Vulnerability Summary for the Week of February 27, 2023

Released
Mar 06, 2023
Document ID
SB23-065

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 


The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
wago -- multiple_products
 
The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device.2023-02-279.8CVE-2022-45138
MISC
wago -- multiple_products
 
The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise.2023-02-279.8CVE-2022-45140
MISC
sourcecodester -- dental_clinic_appointment_reservation_systemA vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /APR/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221795.2023-02-269.8CVE-2023-1037
MISC
MISC
MISC
sourcecodester -- online_reviewer_management_systemA vulnerability classified as critical has been found in SourceCodester Online Reviewer Management System 1.0. Affected is an unknown function of the file /reviewer_0/admins/assessments/pretest/questions-view.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221796.2023-02-269.8CVE-2023-1038
MISC
MISC
MISC
sourcecodester -- online_graduate_tracer_systemA vulnerability, which was classified as critical, has been found in SourceCodester Online Graduate Tracer System 1.0. Affected by this issue is some unknown functionality of the file tracking/admin/add_acc.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-221798 is the identifier assigned to this vulnerability.2023-02-269.8CVE-2023-1040
MISC
MISC
MISC
sourcecodester -- music_gallery_siteA vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. This issue affects some unknown processing of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221819.2023-02-279.8CVE-2023-1053
MISC
MISC
sourcecodester -- music_gallery_siteA vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221820.2023-02-279.8CVE-2023-1054
MISC
MISC
tenda -- w30e_firmwareTenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface.2023-02-279.8CVE-2023-25231
MISC
tenda -- ac500_firmwareTenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface.2023-02-279.8CVE-2023-25233
MISC
tenda -- ac500_firmwareTenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface.2023-02-279.8CVE-2023-25234
MISC
cerebrate-project -- cerebrateCerebrate 1.12 does not properly consider organisation_id during creation of API keys.2023-02-249.1CVE-2023-26468
MISC
taogogo -- taocmsCross Site Request Forgery (CSRF) vulnerability in taoCMS 3.0.2 allows remote attackers to gain escalated privileges via taocms/admin/admin.php.2023-02-248.8CVE-2021-34167
MISC
abb -- infinity_dc_power_plantCross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415.2023-02-248.8CVE-2022-1607
MISC
wordpress -- wordpressThe GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks2023-02-278.8CVE-2023-0381
MISC
sourcecodester -- moosikay_e-commerce_systemA vulnerability was found in SourceCodester Moosikay E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Moosikay/order.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221732.2023-02-248.8CVE-2023-0997
MISC
MISC
MISC
sourcecodester -- sales_tracker_management_systemA vulnerability classified as problematic was found in SourceCodester Sales Tracker Management System 1.0. This vulnerability affects unknown code of the file admin/?page=user/list. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221734 is the identifier assigned to this vulnerability.2023-02-248.8CVE-2023-0999
MISC
MISC
MISC
sourcecodester -- clinics_patient_management_systemA vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221784.2023-02-258.8CVE-2023-1035
MISC
MISC
MISC
sourcecodester -- class_and_exam_timetabling_systemA vulnerability classified as critical was found in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index3.php of the component POST Parameter Handler. The manipulation of the argument password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221797 was assigned to this vulnerability.2023-02-268.8CVE-2023-1039
MISC
MISC
MISC
muyucms -- muyucmsA vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /editor/index.php. The manipulation of the argument file_path leads to relative path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221803.2023-02-268.8CVE-2023-1044
MISC
MISC
MISC
muyucms -- muyucmsA vulnerability classified as critical has been found in MuYuCMS 2.2. This affects an unknown part of the file /admin.php/update/getFile.html. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221805 was assigned to this vulnerability.2023-02-268.8CVE-2023-1046
MISC
MISC
MISC
sourcecodester -- doctors_appointment_systemA vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edoc/doctor/patient.php. The manipulation of the argument search12 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221821 was assigned to this vulnerability.2023-02-278.8CVE-2023-1056
MISC
MISC
MISC
sourcecodester -- doctors_appointment_systemA vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been rated as critical. Affected by this issue is the function edoc of the file login.php. The manipulation of the argument usermail leads to sql injection. VDB-221822 is the identifier assigned to this vulnerability.2023-02-278.8CVE-2023-1057
MISC
MISC
MISC
sourcecodester -- doctors_appointment_systemA vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221823.2023-02-278.8CVE-2023-1058
MISC
MISC
MISC
sourcecodester -- doctors_appointment_systemA vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221824.2023-02-278.8CVE-2023-1059
MISC
MISC
MISC
sourcecodester -- doctors_appointment_systemA vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/edit-doc.php. The manipulation of the argument oldmail leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221825 was assigned to this vulnerability.2023-02-278.8CVE-2023-1061
MISC
MISC
MISC
sourcecodester -- doctors_appointment_systemA vulnerability, which was classified as critical, was found in SourceCodester Doctors Appointment System 1.0. Affected is an unknown function of the file /admin/add-new.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221826 is the identifier assigned to this vulnerability.2023-02-278.8CVE-2023-1062
MISC
MISC
MISC
sourcecodester -- doctors_appointment_systemA vulnerability has been found in SourceCodester Doctors Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/patient.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221827.2023-02-278.8CVE-2023-1063
MISC
MISC
MISC
sourcecodester -- simple_customer_relationship_management_systemSimple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter under the Admin Panel.2023-02-278.8CVE-2023-24364
MISC
MISC
MISC
sourcecodester -- simple_customer_relationship_management_systemSimple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function.2023-02-278.8CVE-2023-24652
MISC
MISC
MISC
sourcecodester -- simple_customer_relationship_management_systemSimple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function.2023-02-278.8CVE-2023-24653
MISC
MISC
MISC
sourcecodester -- simple_customer_relationship_management_systemSimple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Request a Quote function.2023-02-278.8CVE-2023-24654
MISC
MISC
MISC
sourcecodester -- simple_customer_relationship_management_systemSimple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function.2023-02-278.8CVE-2023-24656
MISC
MISC
MISC
smeup -- erpSme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component.2023-02-278.8CVE-2023-26759
MISC
smeup -- erpSme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability.2023-02-278.8CVE-2023-26762
MISC
rangy_project -- rangyAll versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype2023-02-248.2CVE-2023-26102
MISC
MISC
muyucms -- muyucmsA vulnerability was found in MuYuCMS 2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin.php/accessory/filesdel.html. The manipulation of the argument filedelur leads to relative path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221804.2023-02-268.1CVE-2023-1045
MISC
MISC
MISC
marktext -- marktextA vulnerability has been found in MarkText up to 0.17.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-221737 was assigned to this vulnerability.2023-02-247.8CVE-2023-1004
MISC
MISC
MISC
markdown-electron_project -- markdown-electronA vulnerability was found in JP1016 Markdown-Electron and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to code injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. VDB-221738 is the identifier assigned to this vulnerability.2023-02-247.8CVE-2023-1005
MISC
MISC
MISC
filseclab -- twister_antivirusA vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects unknown code in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221740.2023-02-247.8CVE-2023-1007
MISC
MISC
MISC
MISC
techpowerup -- realtempA vulnerability classified as critical was found in TechPowerUp RealTemp 3.7.0.0. This vulnerability affects unknown code in the library WinRing0x64.sys. The manipulation leads to improper initialization. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-221806 is the identifier assigned to this vulnerability.2023-02-267.8CVE-2023-1047
MISC
MISC
MISC
apple -- macosThe issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges.2023-02-277.8CVE-2023-23507
MISC
MISC
linux -- kernelIn the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.2023-02-257.8CVE-2023-26544
MISC
linux -- kernelIn the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.2023-02-257.8CVE-2023-26545
MISC
MISC
MISC
linux -- kernelIn the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.2023-02-267.8CVE-2023-26605
MISC
linux -- kernelIn the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c.2023-02-267.8CVE-2023-26606
MISC
sourcecodester -- online_book_storeSQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.2023-02-247.5CVE-2021-34249
MISC
MISC
wordpress -- wordpressThe User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing2023-02-277.5CVE-2022-4550
MISC
wordpress -- wordpressThe Correos Oficial WordPress plugin through 1.2.0.2 does not have an authorization check user input validation when generating a file path, allowing unauthenticated attackers to download arbitrary files from the server.2023-02-277.5CVE-2023-0331
MISC
rosariosis -- rosariosisImproper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.8.2.2023-02-247.5CVE-2023-0994
MISC
CONFIRM
tenda -- ac500_firmwareTenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function formOneSsidCfgSet via parameter ssid.2023-02-277.5CVE-2023-25235
MISC
smeup -- erpSme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService.2023-02-277.5CVE-2023-26758
MISC
smeup -- erpSme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system.2023-02-277.5CVE-2023-26760
MISC
wordpress -- wordpressThe GeoDirectory WordPress plugin before 2.2.24 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.2023-02-277.2CVE-2023-0278
MISC
MISC
wordpress -- wordpressThe Media Library Assistant WordPress plugin before 3.06 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.2023-02-277.2CVE-2023-0279
MISC
MISC
wordpress -- wordpressThe My Sticky Elements WordPress plugin before 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement when deleting messages, leading to a SQL injection exploitable by high privilege users such as admin2023-02-277.2CVE-2023-0487
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22762
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22763
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22764
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22765
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22766
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22767
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22768
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22769
MISC
arubanetworks -- arubaosAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.2023-03-017.2CVE-2023-22770
MISC
linux -- kernelIn the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.2023-02-267.1CVE-2023-26607
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
mv_idigital_clinic_enterprise_project -- mv_idigital_clinic_enterpriseMV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.2023-02-276.5CVE-2022-31405
MISC
MISC
MISC
muyucms -- muyucmsA vulnerability, which was classified as problematic, has been found in MuYuCMS 2.2. This issue affects some unknown processing of the file index.php. The manipulation of the argument file_path leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221735.2023-02-246.5CVE-2023-1002
MISC
MISC
MISC
arubanetworks -- arubaosAuthenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system.2023-03-016.5CVE-2023-22773
MISC
arubanetworks -- arubaosAuthenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system.2023-03-016.5CVE-2023-22774
MISC
apple -- macosThe issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Visiting a website may lead to an app denial-of-service.2023-02-276.5CVE-2023-23512
MISC
MISC
MISC
MISC
heimgardtechnologies -- eagle_1200ac_firmwareJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet.2023-03-016.5CVE-2023-24128
MISC
MISC
MISC
heimgardtechnologies -- eagle_1200ac_firmwareJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4 parameter at /goform/WifiBasicSet.2023-03-016.5CVE-2023-24129
MISC
MISC
MISC
heimgardtechnologies -- eagle_1200ac_firmwareJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet.2023-03-016.5CVE-2023-24130
MISC
MISC
MISC
heimgardtechnologies -- eagle_1200ac_firmwareJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1_5g parameter at /goform/WifiBasicSet.2023-03-016.5CVE-2023-24131
MISC
MISC
MISC
heimgardtechnologies -- eagle_1200ac_firmwareJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3_5g parameter at /goform/WifiBasicSet.2023-03-016.5CVE-2023-24132
MISC
MISC
MISC
heimgardtechnologies -- eagle_1200ac_firmwareJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey_5g parameter at /goform/WifiBasicSet.2023-03-016.5CVE-2023-24133
MISC
MISC
MISC
heimgardtechnologies -- eagle_1200ac_firmwareJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet.2023-03-016.5CVE-2023-24134
MISC
MISC
MISC
wago -- multiple_products
 
The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of availability.2023-02-276.1CVE-2022-45137
MISC
paypal -- braintree\/sanitize-urlsanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.2023-02-246.1CVE-2022-48345
MISC
MISC
wordpress -- wordpressThe Custom Add User WordPress plugin through 2.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin2023-02-276.1CVE-2023-0043
MISC
wordpress -- wordpressThe ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin2023-02-276.1CVE-2023-0334
MISC
sourcecodester -- online_boat_reservation_systemA vulnerability has been found in SourceCodester Online Boat Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /boat/login.php of the component POST Parameter Handler. The manipulation of the argument un leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221755.2023-02-246.1CVE-2023-1030
MISC
MISC
MISC
sourcecodester -- dental_clinic_appointment_reservation_systemA vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /APR/signup.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221794 is the identifier assigned to this vulnerability.2023-02-266.1CVE-2023-1036
MISC
MISC
MISC
sourcecodester -- simple_responsive_tourism_websiteA vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. This affects an unknown part of the file /tourism/rate_review.php. The manipulation of the argument id with the input 1"><script>alert(1111)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221799.2023-02-266.1CVE-2023-1041
MISC
MISC
MISC
sourcecodester -- online_pet_shop_we_appA vulnerability has been found in SourceCodester Online Pet Shop We App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /pet_shop/admin/orders/update_status.php. The manipulation of the argument oid with the input 1"><script>alert(1111)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221800.2023-02-266.1CVE-2023-1042
MISC
MISC
MISC
flatpress -- flatpressCross-site Scripting (XSS) - Reflected in GitHub repository flatpressblog/flatpress prior to 1.3.2023-03-026.1CVE-2023-1106
CONFIRM
MISC
ibm -- maximo_application_suiteIBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive information that could be read by a local user. IBM X-Force ID: 241584.2023-02-245.5CVE-2022-43923
MISC
MISC
filseclab -- twister_antivirusA vulnerability was found in Twister Antivirus 8.17. It has been rated as problematic. This issue affects some unknown processing in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-221741 was assigned to this vulnerability.2023-02-245.5CVE-2023-1008
MISC
MISC
MISC
MISC
linux -- kernelIn the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).2023-02-285.5CVE-2023-22998
MISC
MISC
apple -- macosThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to bypass Privacy preferences.2023-02-275.5CVE-2023-23508
MISC
MISC
MISC
apple -- macosThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences.2023-02-275.5CVE-2023-23511
MISC
MISC
MISC
MISC
MISC
wordpress -- wordpressThe Wufoo Shortcode WordPress plugin before 1.52 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-275.4CVE-2022-4679
MISC
wordpress -- wordpressThe List Pages Shortcode WordPress plugin before 1.7.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.2023-02-275.4CVE-2022-4757
MISC
wordpress -- wordpressThe Embed PDF WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-275.4CVE-2022-4788
MISC
wordpress -- wordpressThe Galleries by Angie Makes WordPress plugin through 1.67 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-275.4CVE-2022-4795
MISC
wordpress -- wordpressThe Show-Hide / Collapse-Expand WordPress plugin through 1.2.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.2023-02-275.4CVE-2022-4829
MISC
wordpress -- wordpressThe Olevmedia Shortcodes WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-275.4CVE-2023-0168
MISC
wordpress -- wordpressThe VK All in One Expansion Unit WordPress plugin before 9.86.0.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-275.4CVE-2023-0230
MISC
wordpress -- wordpressThe Donation Block For PayPal WordPress plugin before 2.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-275.4CVE-2023-0535
MISC
wordpress -- wordpressThe GS Insever Portfolio WordPress plugin before 1.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-275.4CVE-2023-0539
MISC
wordpress -- wordpressThe Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability2023-02-275.4CVE-2023-0552
MISC
wordpress -- wordpressThe All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Contributor+ role to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.2023-02-245.4CVE-2023-0586
MISC
MISC
MISC
business_management_system_project -- business_management_systemCross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to v2.0.1.2023-02-245.4CVE-2023-0995
CONFIRM
MISC
sourcecodester -- medical_certificate_generator_appA vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been classified as problematic. This affects an unknown part of the component New Record Handler. The manipulation of the argument Firstname/Middlename/Lastname/Suffix/Nationality/Doctor Fullname/Doctor Suffix with the input "><script>prompt(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-221739.2023-02-245.4CVE-2023-1006
MISC
MISC
pimcore -- pimcoreCross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18.2023-02-275.4CVE-2023-1067
CONFIRM
MISC
flatpress -- flatpressCross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.2023-03-025.4CVE-2023-1107
MISC
CONFIRM
pimcore -- pimcoreCross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18.2023-03-015.4CVE-2023-1115
CONFIRM
MISC
pimcore -- pimcoreCross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18.2023-03-015.4CVE-2023-1116
MISC
CONFIRM
pimcore -- pimcoreCross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18.2023-03-015.4CVE-2023-1117
MISC
CONFIRM
flatpress -- flatpressCross-site Scripting (XSS) - Generic in GitHub repository flatpressblog/flatpress prior to 1.3.2023-03-025.4CVE-2023-1146
CONFIRM
MISC
flatpress -- flatpressCross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.2023-03-025.4CVE-2023-1147
CONFIRM
MISC
ss-proj -- shirasagiStored cross-site scripting vulnerability in Schedule function of SHIRASAGI v1.16.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script.2023-02-245.4CVE-2023-22425
MISC
MISC
MISC
MISC
wangeditor -- wangeditorWangEditor v5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /dist/index.js.2023-02-275.4CVE-2023-24251
MISC
simple_customer_relationship_management_system_project -- simple_customer_relationship_management_systemSimple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter on the registration page.2023-02-275.4CVE-2023-24651
MISC
MISC
MISC
opencats -- opencatsAn open redirect vulnerability exposes OpenCATS to template injection due to improper validation of user-supplied GET parameters.2023-02-285.4CVE-2023-27292
MISC
opencats -- opencatsCross-site request forgery is facilitated by OpenCATS failure to require CSRF tokens in POST requests. An attacker can exploit this issue by creating a dummy page that executes Javascript in an authenticated user's session when visited.2023-02-285.4CVE-2023-27295
MISC
wago -- multiple_products
 
A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like CPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of confidentiality.2023-02-275.3CVE-2022-45139
MISC
schneider-electric -- clearscadaA CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions)2023-02-245.3CVE-2023-0595
MISC
sourcecodester -- alphaware_simple_e-commerce_systemA vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221733 was assigned to this vulnerability.2023-02-245.3CVE-2023-0998
MISC
MISC
MISC
arubanetworks -- arubaosAn authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files.2023-03-014.9CVE-2023-22776
MISC
wordpress -- wordpressThe Arigato Autoresponder and Newsletter WordPress plugin before 2.1.7.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.2023-02-274.8CVE-2023-0543
MISC
wordpress -- wordpressThe Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).2023-02-274.8CVE-2023-0548
MISC
wordpress -- wordpressThe All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Administrator role or above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.2023-02-244.8CVE-2023-0585
MISC
MISC
MISC
MISC
MISC
MISC
microweber -- microweberCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.2023-02-284.8CVE-2023-1081
MISC
CONFIRM
flatpress -- flatpressCross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.2023-03-024.8CVE-2023-1148
MISC
CONFIRM
ss-proj -- shirasagiStored cross-site scripting vulnerability in Theme switching function of SHIRASAGI v1.16.2 and earlier versions allows a remote attacker with an administrative privilege to inject an arbitrary script.2023-02-244.8CVE-2023-22427
MISC
MISC
MISC
MISC
wordpress -- wordpressThe WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the regenerateSitemaps function. This makes it possible for unauthenticated attackers to regenerate Sitemaps via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.2023-02-244.3CVE-2023-1029
MISC
MISC
muyucms -- muyucmsA vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an unknown function of the file /editor/index.php. The manipulation of the argument dir_path leads to relative path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221802 is the identifier assigned to this vulnerability.2023-02-264.3CVE-2023-1043
MISC
MISC
MISC
wordpress -- wordpressThe Download Read More Excerpt Link plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.0. This is due to missing or incorrect nonce validation on the read_more_excerpt_link_menu_options() function. This makes it possible for unauthenticated attackers to update he plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.2023-02-274.3CVE-2023-1068
MISC
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
arubanetworks -- arubaosAn insufficient session expiration vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability allows an attacker to keep a session running on an affected device after the removal of the impacted account2023-03-012.4CVE-2023-22771
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
media_downloader_plugin -- media_downloader_pluginA vulnerability was found in Media Downloader Plugin 0.1.992. It has been declared as problematic. This vulnerability affects the function dl_file_resumable of the file getfile.php. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.1.993 is able to address this issue. The name of the patch is 77beb720c682b9300035ab5f96eee225181d8a92. It is recommended to upgrade the affected component. VDB-222262 is the identifier assigned to this vulnerability.2023-03-04not yet calculatedCVE-2014-125090
MISC
MISC
MISC
codepeople -- cp-polls_pluginA vulnerability has been found in codepeople cp-polls Plugin 1.0.1 and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is 6d7168cbf12d1c183bacc5cd5678f6f5b0d518d2. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222268.2023-03-04not yet calculatedCVE-2014-125091
MISC
MISC
MISC
MISC
opencyclecompass -- server-phpA vulnerability, which was classified as critical, was found in OpenCycleCompass server-php. Affected is an unknown function of the file api1/login.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is fa0d9bcf81c711a88172ad0d37a842f029ac3782. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-221808.2023-02-28not yet calculatedCVE-2015-10086
MISC
MISC
MISC
dro.pm -- dro.pmA vulnerability, which was classified as problematic, was found in dro.pm. This affects an unknown part of the file web/fileman.php. The manipulation of the argument secret/key leads to cross site scripting. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The name of the patch is fa73c3a42bc5c246a1b8f815699ea241aef154bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221763.2023-02-26not yet calculatedCVE-2019-25105
MISC
MISC
MISC
hitachi -- multiple_products_on_linux_platformIncorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer, Analyzer probe server components), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Automation Director: from 8.2.0-00 through 10.6.1-00; Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.0.0-00; Hitachi Ops Center Automator: before 10.9.1-00; Hitachi Ops Center Analyzer: before 10.9.1-00; Hitachi Ops Center Viewpoint: before 10.9.1-00.2023-02-28not yet calculatedCVE-2020-36652
MISC
artesãos -- seotoolsA vulnerability, which was classified as problematic, was found in Artesãos SEOTools up to 0.17.1. This affects the function makeTag of the file OpenGraph.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222231.2023-03-04not yet calculatedCVE-2020-36663
MISC
MISC
MISC
MISC
MISC
artesãos -- seotools
 
A vulnerability has been found in Artesãos SEOTools up to 0.17.1 and classified as problematic. This vulnerability affects the function setTitle of the file SEOMeta.php. The manipulation of the argument title leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222232.2023-03-04not yet calculatedCVE-2020-36664
MISC
MISC
MISC
MISC
MISC
artesãos -- seotoolsA vulnerability was found in Artesãos SEOTools up to 0.17.1 and classified as critical. This issue affects the function eachValue of the file TwitterCards.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The identifier VDB-222233 was assigned to this vulnerability.2023-03-04not yet calculatedCVE-2020-36665
MISC
MISC
MISC
MISC
MISC
ibm -- financial_transaction_managerIBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 192953.2023-03-01not yet calculatedCVE-2020-5001
MISC
MISC
ibm -- financial_transaction_manager_for_digital_payments_for_multi-platformIBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 193662.2023-03-01not yet calculatedCVE-2020-5026
MISC
MISC
apple -- macos_montereyA logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs.2023-02-27not yet calculatedCVE-2020-9846
MISC
abb -- multiple_productsImproper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1, ABB Relion protection relays - REX640 PCL1, ABB Relion protection relays - REX640 PCL2, ABB Relion protection relays - REX640 PCL3, ABB Relion protection relays - RER615, ABB Remote Monitoring and Control - REC615, ABB Merging Unit- SMU615 allows Communication Channel Manipulation.This issue affects Relion protection relays - 611 series: from 1.0.0 before 2.0.3; Relion protection relays - 615 series IEC 4.0 FP1: from 4.1.0 before 4.1.9; Relion protection relays - 615 series CN 4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays - 615 series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays - 615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection relays - 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion protection relays - 620 series IEC/CN 2.0 FP1: from 2.1.0 before 2.1.15; Relion protection relays - REX640 PCL1: from 1.0.0 before 1.0.8; Relion protection relays - REX640 PCL2: from 1.1.0 before 1.1.4; Relion protection relays - REX640 PCL3: from 1.2.0 before 1.2.1; Relion protection relays - RER615: from 2.0.0 before 2.0.3; Remote Monitoring and Control - REC615: from 1.0.0 before 2.0.3; Merging Unit- SMU615: from 1.0.0 before 1.0.2.2023-02-28not yet calculatedCVE-2021-22283
MISC
irz_electronics -- ruh2_gsmCross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter.2023-02-27not yet calculatedCVE-2021-32302
MISC
MISC
MISC
zephyrproject-rtos -- zephyrLack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack2023-02-26not yet calculatedCVE-2021-3329
MISC
streetside -- samourai_walletAn issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0.99.96i allows attackers to view sensitive information and decrypt data via a brute force attack that uses a recovered samourai.dat file. The PIN is 5 to 8 digits, which may be insufficient in this situation.2023-03-04not yet calculatedCVE-2021-36689
MISC
MISC
glox_technology -- useroam_hotspotImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15.2023-03-02not yet calculatedCVE-2021-3854
MISC
liman_mys -- liman_mysImproper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Liman MYS (HTTP/Controllers, CronMail, Jobs modules) allows Command Injection.This issue affects Liman MYS: from 1.7.0 before 1.8.3-462.2023-03-01not yet calculatedCVE-2021-3855
MISC
MISC
open_mainframe_project -- zowe_cliA vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI.2023-03-01not yet calculatedCVE-2021-4326
MISC
serenityos -- serenityosA vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. The manipulation leads to integer overflow. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is f6c6047e49f1517778f5565681fb64750b14bf60. It is recommended to apply a patch to fix this issue. VDB-222074 is the identifier assigned to this vulnerability.2023-03-01not yet calculatedCVE-2021-4327
MISC
MISC
MISC
MISC
狮子鱼cms -- 狮子鱼cmsA vulnerability has been found in ???CMS and classified as critical. Affected by this vulnerability is the function goods_detail of the file ApiController.class.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222223.2023-03-02not yet calculatedCVE-2021-4328
MISC
MISC
MISC
yordam_information_technologies -- library_automation_systemImproper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2.2023-03-02not yet calculatedCVE-2021-45477
MISC
yordam_information_technologies -- library_automation_systemImproper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2.2023-03-02not yet calculatedCVE-2021-45478
MISC
yordam_information_technologies -- library_automation_systemImproper Neutralization of Input During Web Page Generation vulnerability in Yordam Information Technologies Library Automation System allows Stored XSS.This issue affects Library Automation System: before 19.2.2023-03-02not yet calculatedCVE-2021-45479
MISC
apple -- apple_music_for_androidThis issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.2023-02-27not yet calculatedCVE-2021-46841
MISC
gogs -- gogsOS Command Injection in GitHub repository gogs/gogs prior to 0.12.11.2023-02-25not yet calculatedCVE-2022-2024
CONFIRM
MISC
google -- androidIn addAutomaticZenRule of ZenModeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-2425374312023-02-28not yet calculatedCVE-2022-20455
MISC
google -- androidIn multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-2419271152023-02-28not yet calculatedCVE-2022-20481
MISC
google -- androidIn createTrack of AudioFlinger.cpp, there is a possible way to record audio without a privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-2433765492023-02-28not yet calculatedCVE-2022-20551
MISC
cisco -- asyncos_softwareA vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked. This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.2023-03-01not yet calculatedCVE-2022-20952
MISC
apple -- macos_big_surA validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files.2023-02-27not yet calculatedCVE-2022-22582
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information.2023-02-27not yet calculatedCVE-2022-22668
MISC
MISC
netapp -- active iq_unified_managerActive IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack.2023-02-28not yet calculatedCVE-2022-23239
MISC
netapp -- active iq_unified_managerActive IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.2023-02-28not yet calculatedCVE-2022-23240
MISC
apple -- ios/ipadosA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A malicious application may be able to elevate privileges.2023-02-27not yet calculatedCVE-2022-26760
MISC
amd -- multiple_productsWhen SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.2023-03-01not yet calculatedCVE-2022-27672
MISC
amd -- ryzen_masterFailure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user.2023-03-01not yet calculatedCVE-2022-27677
MISC
coredns -- corednsA flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of <service>.<namespace>.svc.2023-03-03not yet calculatedCVE-2022-2835
MISC
coredns -- corednsA flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.2023-03-03not yet calculatedCVE-2022-2837
MISC
kubernetes -- kubernetesUsers authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.2023-03-01not yet calculatedCVE-2022-3162
CONFIRM
MLIST
apple -- multiple_productsThe issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.2023-02-27not yet calculatedCVE-2022-32784
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.2023-02-27not yet calculatedCVE-2022-32824
MISC
MISC
MISC
apple -- multiple_productsAn out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information.2023-02-27not yet calculatedCVE-2022-32830
MISC
MISC
apple -- apple_music_for_android
 
This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.2023-02-27not yet calculatedCVE-2022-32836
MISC
apple -- multiple_productsA race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication.2023-02-27not yet calculatedCVE-2022-32844
MISC
MISC
MISC
apple -- apple_music_for_androidA logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.2023-02-27not yet calculatedCVE-2022-32846
MISC
apple -- ios/ipadosA logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the lock screen.2023-02-27not yet calculatedCVE-2022-32855
MISC
apple -- multiple_productsThe issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing.2023-02-27not yet calculatedCVE-2022-32891
MISC
MISC
MISC
MISC
apple -- multiple_productsThis issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information.2023-02-27not yet calculatedCVE-2022-32896
MISC
MISC
apple -- macosA logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges.2023-02-27not yet calculatedCVE-2022-32900
MISC
MISC
apple -- macosA logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.2023-02-27not yet calculatedCVE-2022-32902
MISC
MISC
MISC
apple -- apple_music_for_androidThis issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position may intercept SSL/TLS connections.2023-02-27not yet calculatedCVE-2022-32906
MISC
kubernetes -- kubernetesUsers may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.2023-03-01not yet calculatedCVE-2022-3294
CONFIRM
MLIST
apple -- multiple_productsThis issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.2023-02-27not yet calculatedCVE-2022-32949
MISC
MISC
aremis -- aremis_4_nomadAn issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization to retrieve application data.2023-02-27not yet calculatedCVE-2022-34908
MISC
MISC
aremis -- aremis_4_nomadAn issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database.2023-02-27not yet calculatedCVE-2022-34909
MISC
MISC
aremis -- aremis_4_nomadAn issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device.2023-02-27not yet calculatedCVE-2022-34910
MISC
MISC
ibm -- maximo_asset_managementIBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 230958.2023-03-02not yet calculatedCVE-2022-35645
MISC
MISC
MISC
redis -- redisRedis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.2023-03-01not yet calculatedCVE-2022-36021
MISC
MISC
hewlett_packard_enterprise -- hpe_oneview_for_vmware_vcenterHPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password.2023-03-01not yet calculatedCVE-2022-37935
MISC
hewlett_packard_enterprise -- hpe_serviceguard_for_linuxUnauthenticated Java deserialization vulnerability in Serviceguard Manager2023-03-01not yet calculatedCVE-2022-37936
MISC
hewlett_packard_enterprise -- hpe_serviceguard_for_linuxPre-auth memory corruption in HPE Serviceguard2023-03-01not yet calculatedCVE-2022-37937
MISC
hewlett_packard_enterprise -- hpe_serviceguard_for_linuxUnauthenticated server side request forgery in HPE Serviceguard Manager2023-03-01not yet calculatedCVE-2022-37938
MISC
quest -- kace_smaAn XSS vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.1 that may allow remote injection of arbitrary web script or HTML.2023-03-01not yet calculatedCVE-2022-38220
MISC
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leading to thumbnail alteration.2023-03-01not yet calculatedCVE-2022-38468
MISC
netapp -- storagegridStorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service.2023-03-02not yet calculatedCVE-2022-38734
MISC
hitachi -- hitachi_ops_center_analyzerIncorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows (Hitachi Ops Center Analyzer RAID Agent component) allows local users to read and write specific files.This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01.2023-02-28not yet calculatedCVE-2022-3884
MISC
vantage6 -- vantage6vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is entered a number of times, the user account is blocked temporarily. This issue has been fixed in version 3.8.0.2023-03-01not yet calculatedCVE-2022-39228
MISC
MISC
MISC
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in StandaloneTech TeraWallet – For WooCommerce plugin <= 1.3.24 leading to plugin settings change.2023-03-01not yet calculatedCVE-2022-40198
MISC
ibm -- mq_for_hpe_nonstopIBM MQ for HPE NonStop 8.1.0 is vulnerable to a denial of service attack due to an error within the CCDT and channel synchronization logic. IBM X-Force ID: 235727.2023-02-27not yet calculatedCVE-2022-40237
MISC
MISC
rittal -- cmc_iiiA malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks.2023-03-02not yet calculatedCVE-2022-40633
MISC
go_on_windows -- go_on_windowsA path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as "a/../c:/b" into the valid path "c:\b". This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid) path ".\c:\b".2023-02-28not yet calculatedCVE-2022-41722
MISC
MISC
MISC
MISC
go -- goA maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.2023-02-28not yet calculatedCVE-2022-41723
MISC
MISC
MISC
MISC
MISC
go -- goLarge handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth >= RequestClientCert).2023-02-28not yet calculatedCVE-2022-41724
MISC
MISC
MISC
MISC
go -- goA denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing "up to maxMemory bytes +10MB (reserved for non-file parts) in memory". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type's documentation states, "If stored on disk, the File's underlying concrete type will be an *os.File.". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader.2023-02-28not yet calculatedCVE-2022-41725
MISC
MISC
MISC
MISC
go -- goAn attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.2023-02-28not yet calculatedCVE-2022-41727
MISC
MISC
MISC
MISC
postgresql -- postgresqlIn PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.2023-03-03not yet calculatedCVE-2022-41862
MISC
MISC
apple -- xcodeAn injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges.2023-02-27not yet calculatedCVE-2022-42797
MISC
apple -- macosA use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution.2023-02-27not yet calculatedCVE-2022-42826
MISC
MISC
MISC
apple -- macosAn out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.2023-02-27not yet calculatedCVE-2022-42833
MISC
apple -- macosAn issue with app access to camera data was addressed with improved logic. This issue is fixed in macOS Ventura 13. A camera extension may be able to continue receiving video after the app which activated was closed.2023-02-27not yet calculatedCVE-2022-42838
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Forms by CaptainForm – Form Builder for WordPress plugin <= 2.5.3 versions.2023-02-28not yet calculatedCVE-2022-43459
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercado Pago payments for WooCommerce plugin <= 6.3.1.2023-03-01not yet calculatedCVE-2022-45068
MISC
MISC
shenzhen_zhibotong_electronics -- we1626_routerAn issue discovered in Shenzhen Zhibotong Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint.2023-03-03not yet calculatedCVE-2022-45551
MISC
MISC
MISC
shenzhen_zhibotong_electronics -- we1626_routerAn Insecure Permissions vulnerability in Shenzhen Zhibotong Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory.2023-03-03not yet calculatedCVE-2022-45552
MISC
MISC
MISC
shenzhen_zhibotong_electronics -- we1626_routerAn issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows attacker to execute arbitrary commands via serial connection to the UART port.2023-03-03not yet calculatedCVE-2022-45553
MISC
MISC
MISC
thingsboard -- thingsboardAn issue was discovered in ThingsBoard 3.4.1, allows low privileged attackers (CUSTOMER_USER) to gain escalated privileges (vertically) and become an Administrator (TENANT_ADMIN) or (SYS_ADMIN) on the web application. It is important to note that in order to accomplish this, the attacker must know the corresponding API's parameter (authority : value).2023-03-01not yet calculatedCVE-2022-45608
MISC
MISC
razer -- razer_centralArbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory.2023-02-27not yet calculatedCVE-2022-45697
MISC
MISC
robosoft -- rbs_image_galleryCross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.9 leading to galleries hierarchy change, included plugin deactivate & activate.2023-03-01not yet calculatedCVE-2022-45804
MISC
coocare -- coocarestarsoftcomm CooCare 5.304 allows local attackers to escalate privileges and execute arbitrary commands via a crafted file upload.2023-03-03not yet calculatedCVE-2022-45988
MISC
MISC
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.2023-03-03not yet calculatedCVE-2022-4645
MISC
MISC
CONFIRM
accruent -- accruentAccruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection vulnerability via the E-Mail to Work Order function.2023-03-02not yet calculatedCVE-2022-46501
MISC
MISC
apple -- macosA logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to modify protected parts of the file system.2023-02-27not yet calculatedCVE-2022-46704
MISC
MISC
MISC
apple -- multiple_productsA spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing.2023-02-27not yet calculatedCVE-2022-46705
MISC
MISC
MISC
apple -- macosA use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or potentially execute code with kernel privileges.2023-02-27not yet calculatedCVE-2022-46712
MISC
apple -- macosA race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system.2023-02-27not yet calculatedCVE-2022-46713
MISC
MISC
MISC
apple -- macosThis issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A remote user may be able to write arbitrary files.2023-02-27not yet calculatedCVE-2022-46723
MISC
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Conversios All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce plugin <= 5.2.3 leads to plugin settings change.2023-03-01not yet calculatedCVE-2022-46797
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change.2023-03-01not yet calculatedCVE-2022-46798
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 leading to activation/deactivation of plugin rulesets.2023-03-01not yet calculatedCVE-2022-46805
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification.2023-03-01not yet calculatedCVE-2022-46806
MISC
report -- reportReport v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability.2023-03-03not yet calculatedCVE-2022-46973
MISC
MISC
smart_office_web -- smart_office_webAn issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx.2023-02-28not yet calculatedCVE-2022-47075
MISC
MISC
MISC
smart_office_web -- smart_office_webAn issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.aspx.2023-02-28not yet calculatedCVE-2022-47076
MISC
MISC
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin <= 3.2.5 leading to popup dismiss.2023-03-01not yet calculatedCVE-2022-47148
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft.2023-02-28not yet calculatedCVE-2022-47179
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.5 leads to list column update.2023-02-28not yet calculatedCVE-2022-47612
MISC
libde265 -- libde265Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse2023-03-03not yet calculatedCVE-2022-47664
MISC
libde265 -- libde265Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int)2023-03-03not yet calculatedCVE-2022-47665
MISC
huawei -- bisheng-wnm_fwThere is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to DoS.2023-02-27not yet calculatedCVE-2022-48230
MISC
huawei -- leia-b29There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation could bypass lock screen authentication.2023-02-27not yet calculatedCVE-2022-48254
MISC
huawei -- bisheng-wnm_fwThere is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution.2023-02-27not yet calculatedCVE-2022-48255
MISC
huawei -- bisheng-wnm_fwThere is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges.2023-02-27not yet calculatedCVE-2022-48259
MISC
huawei -- bisheng-wnm_fwThere is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions.2023-02-27not yet calculatedCVE-2022-48260
MISC
huawei -- bisheng-wnm_fwThere is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation of this vulnerability may cause the printer service to be abnormal.2023-02-27not yet calculatedCVE-2022-48261
MISC
huawei -- harmony_osA piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions.2023-02-27not yet calculatedCVE-2022-48283
MISC
huawei -- harmony_osA piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions.2023-02-27not yet calculatedCVE-2022-48284
MISC
huawei -- simba-al00There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail.2023-02-27not yet calculatedCVE-2022-48305
MISC
sophos_connect -- sophos_connectA CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90.2023-03-01not yet calculatedCVE-2022-48309
CONFIRM
sophos_connect -- sophos_connectAn information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90.2023-03-01not yet calculatedCVE-2022-48310
CONFIRM
zoho -- manageengine_desktop_centralZoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2 allow directory traversal via computerName to AgentLogUploadServlet. A remote, authenticated attacker could upload arbitrary code that would be executed when Desktop Central is restarted. (The attacker could authenticate by exploiting CVE-2021-44515.)2023-02-25not yet calculatedCVE-2022-48362
MISC
pipewire -- pipewireIn MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.2023-02-26not yet calculatedCVE-2022-48363
MISC
MISC
MISC
MISC
hitachi -- multiple_products_on_linux_platformImproper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00.2023-02-28not yet calculatedCVE-2022-4895
MISC
sophos_connect -- sophos_connectMultiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim.2023-03-01not yet calculatedCVE-2022-4901
CONFIRM
sauter_controls -- multiple_productssauter_controls -- multiple_productsSAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could obtain sensitive information such as user credentials to gain access to the system.2023-03-02not yet calculatedCVE-2023-0053
MISC
wordpress -- wordpressThe Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via text areas on forms in versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, which is the submissions page.2023-03-02not yet calculatedCVE-2023-0084
MISC
MISC
MISC
wordpress -- wordpressThe Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass in versions up to, and including, 3.2.1. This is due to insufficient server side checking on the captcha value submitted during a form submission. This makes it possible for unauthenticated attackers to bypass Captcha restrictions and for attackers to utilize bots to submit forms.2023-03-02not yet calculatedCVE-2023-0085
MISC
MISC
MISC
nvidia -- cuda_toolkitNVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service.2023-03-02not yet calculatedCVE-2023-0196
MISC
abb -- symphony_plusImproper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2.2023-03-02not yet calculatedCVE-2023-0228
MISC
forgerock -- access_managementRelative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.12023-02-28not yet calculatedCVE-2023-0339
MISC
MISC
mitsubishi_electric_corporation -- melsec_iq-fPlaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U(C) CPU modules all models all versions, FX5UJ CPU modules all models all versions, FX5S CPU modules all models all versions, FX5-ENET all versions and FX5-ENET/IP all versions allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server.2023-03-03not yet calculatedCVE-2023-0457
MISC
MISC
MISC
youtube -- youtubeThe YouTube Embedded 1.2 SDK binds to a service within the YouTube Main App. After binding, a remote context is created with the flags Context.CONTEXT_INCLUDE_CODE | Context.CONTEXT_IGNORE_SECURITY. This allows the client app to remotely load code from YouTube Main App by retrieving the Main App’s ClassLoader. A potential vulnerability in the binding logic used by the client SDK where the SDK ends up calling bindService() on a malicious app rather than YT Main App. This creates a vulnerability where the SDK can load the malicious app’s ClassLoader instead, allowing the malicious app to load arbitrary code into the calling app whenever the embedded SDK is invoked. In order to trigger this vulnerability, an attacker must masquerade the Youtube app and install it on a device, have a second app that uses the Embedded player and typically distribute both to the victim outside of the Play Store.2023-03-01not yet calculatedCVE-2023-0460
MISC
linux -- kernelThere is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c2023-02-28not yet calculatedCVE-2023-0461
MISC
MISC
grafana -- grafanaGrafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.2023-03-01not yet calculatedCVE-2023-0507
MISC
forgerock -- access_management_java_policy_agentRelative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.12023-02-28not yet calculatedCVE-2023-0511
MISC
MISC
php_group -- phpIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.2023-03-01not yet calculatedCVE-2023-0567
MISC
MISC
asos_information_technologies -- sobiadImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ASOS Information Technologies SOBIAD allows Cross-Site Scripting (XSS).This issue affects SOBIAD: before 23.02.01.2023-03-03not yet calculatedCVE-2023-0577
MISC
asos_information_technologies -- book_citiesImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ASOS Information Technologies Book Cites allows Cross-Site Scripting (XSS).This issue affects Book Cites: before 23.01.05.2023-03-03not yet calculatedCVE-2023-0578
MISC
grafana -- grafanaGrafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded. An attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.2023-03-01not yet calculatedCVE-2023-0594
MISC
sonicwall -- sonicosA Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.2023-03-02not yet calculatedCVE-2023-0656
CONFIRM
sub-iot -- dash_7_alliance_protocol_stack_implementationThe Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an out-of-bounds write prior to implementation version 0.5.0. If the protocol has been compiled using default settings, this will only grant the attacker access to allocated but unused memory. However, if it was configured using non-default settings, there is the possibility that exploiting this vulnerability could lead to system crashes and remote code execution.2023-03-01not yet calculatedCVE-2023-0847
MISC
MISC
devolutions -- devolutions_serverImproper access controls on some API endpoints in Devolutions Server 2022.3.12 and earlier could allow a standard privileged user to perform privileged actions.2023-03-01not yet calculatedCVE-2023-0951
MISC
devolutions -- devolutions_serverImproper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an authenticated user to access sensitive data without proper authorization.2023-03-01not yet calculatedCVE-2023-0952
MISC
devolutions -- devolutions_serverInsufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources.2023-03-01not yet calculatedCVE-2023-0953
MISC
gitpod -- gitpodAn issue was discovered in Gitpod versions prior to release-2022.11.2.16. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to the Gitpod JSONRPC server using a victim’s credentials, because the Origin header is not restricted. This can lead to the extraction of data from workspaces, to a full takeover of the workspace.2023-03-03not yet calculatedCVE-2023-0957
MISC
MISC
MISC
MISC
MISC
MISC
MISC
wordpress -- wordpress
 
The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'email', 'points', and 'date' parameters in versions up to, and including, 3.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.2023-03-03not yet calculatedCVE-2023-0968
MISC
MISC
trusted_computing_group -- tpm2.0An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.2023-02-28not yet calculatedCVE-2023-1017
MISC
MISC
MISC
trusted_computing_group -- tpm2.0An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.2023-02-28not yet calculatedCVE-2023-1018
MISC
MISC
MISC
wordpress -- wordpressThe WP Meta SEO plugin for WordPress is vulnerable to unauthorized options update due to a missing capability check on the wpmsGGSaveInformation function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to update google analytics options maintained by the plugin. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role.2023-02-28not yet calculatedCVE-2023-1022
MISC
MISC
MISC
wordpress -- wordpressThe WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to change sitemap-related settings of the plugin. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role.2023-02-28not yet calculatedCVE-2023-1023
MISC
MISC
MISC
wordpress -- wordpressThe WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the regenerateSitemaps function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to generate sitemaps. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role.2023-02-28not yet calculatedCVE-2023-1024
MISC
MISC
MISC
wordpress -- wordpressThe WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to get post listings by category as long as those posts are published. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role.2023-02-28not yet calculatedCVE-2023-1026
MISC
MISC
MISC
wordpress -- wordpressThe WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to obtain post categories. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role.2023-02-28not yet calculatedCVE-2023-1027
MISC
MISC
MISC
wordpress -- wordpressThe WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the setIgnore function. This makes it possible for unauthenticated attackers to update plugin options via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.2023-02-28not yet calculatedCVE-2023-1028
MISC
MISC
MISC
froxlor -- froxlorCross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11.2023-02-25not yet calculatedCVE-2023-1033
CONFIRM
MISC
salesagility -- suitecrmPath Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9.2023-02-25not yet calculatedCVE-2023-1034
CONFIRM
MISC
amd -- ryzen_dram_calculatorA vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221807.2023-02-26not yet calculatedCVE-2023-1048
MISC
MISC
MISC
red_hat_directory_server -- red_hat_directory_serverA flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.2023-02-27not yet calculatedCVE-2023-1055
MISC
uzay_baskul -- weighbridge_automation_softwareImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Uzay Baskul Weighbridge Automation Software allows SQL Injection.This issue affects Weighbridge Automation Software: before 1.1.2023-03-01not yet calculatedCVE-2023-1064
MISC
snyk -- snyk_kubernetes_monitorThis vulnerability in the Snyk Kubernetes Monitor can result in irrelevant data being posted to a Snyk Organization, which could in turn obfuscate other, relevant, security issues. It does not expose the user of the integration to any direct security risk and no user data can be leaked. To exploit the vulnerability the attacker does not need to be authenticated to Snyk but does need to know the target's Integration ID (which may or may not be the same as the Organization ID, although this is an unpredictable UUID in either case).2023-02-28not yet calculatedCVE-2023-1065
MISC
MISC
MISC
MISC
teampass -- teampassExternal Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.2023-02-27not yet calculatedCVE-2023-1070
CONFIRM
MISC
wordpress -- wordpressThe GN Publisher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.2023-02-28not yet calculatedCVE-2023-1080
MISC
MISC
linux -- kernelIn nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.2023-02-28not yet calculatedCVE-2023-1095
MISC
MISC
baicells -- eg7035-m11Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods have been tested and validated by a 3rd party analyst and have been confirmed exploitable special thanks to Lionel Musonza for the discovery.2023-03-01not yet calculatedCVE-2023-1097
MISC
MISC
sourcecodester -- online_student_management_systemA vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php?editid=1. The manipulation of the argument editideditid leads to sql injection. The attack may be launched remotely. VDB-222002 is the identifier assigned to this vulnerability.2023-02-28not yet calculatedCVE-2023-1099
MISC
MISC
sourcecodester -- online_catering_reservation_systemA vulnerability classified as critical has been found in SourceCodester Online Catering Reservation System 1.0. This affects an unknown part of the file /reservation/add_message.php of the component POST Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222003.2023-02-28not yet calculatedCVE-2023-1100
MISC
MISC
MISC
sonicwall -- sonicosSonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.2023-03-02not yet calculatedCVE-2023-1101
CONFIRM
flatpress -- flatpressCross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.2023-03-01not yet calculatedCVE-2023-1103
MISC
CONFIRM
flatpress -- flatpressCross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.2023-03-01not yet calculatedCVE-2023-1104
CONFIRM
MISC
flatpress -- flatpressExternal Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3.2023-03-01not yet calculatedCVE-2023-1105
CONFIRM
MISC
wordpress -- wordpressA vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1. It has been classified as critical. Affected is an unknown function of the file admin-ajax.php. The manipulation of the argument upload_name leads to relative path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222072.2023-03-01not yet calculatedCVE-2023-1112
MISC
MISC
MISC
sourcecodester -- simple_payroll_systemA vulnerability was found in SourceCodester Simple Payroll System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=admin of the component POST Parameter Handler. The manipulation of the argument fullname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222073 was assigned to this vulnerability.2023-03-01not yet calculatedCVE-2023-1113
MISC
MISC
MISC
e-belediye -- e-belediyeImproper Input Validation, Missing Authorization vulnerability in Eskom Bilgisayar e-Belediye allows Information Elicitation.This issue affects e-Belediye: from 1.0.0.95 before 1.0.0.100.2023-03-01not yet calculatedCVE-2023-1114
MISC
linux -- kernelA flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.2023-03-02not yet calculatedCVE-2023-1118
MISC
vim -- vimDivide By Zero in GitHub repository vim/vim prior to 9.0.1367.2023-03-01not yet calculatedCVE-2023-1127
MISC
CONFIRM
FEDORA
sourcecodester -- computer_parts_sales_and_inventory_systemA vulnerability, which was classified as critical, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. This affects an unknown part of the file processlogin. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222105 was assigned to this vulnerability.2023-03-01not yet calculatedCVE-2023-1130
MISC
MISC
MISC
sourcecodester -- computer_parts_sales_and_inventory_systemA vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRST_NAME/LAST_NAME/PHONE_NUMBER leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222106 is the identifier assigned to this vulnerability.2023-03-01not yet calculatedCVE-2023-1131
MISC
MISC
MISC
btcpayserver -- btcpayserverImproper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0.2023-03-02not yet calculatedCVE-2023-1149
MISC
CONFIRM
sourcecodester -- electronic_medical_records_systemA vulnerability was found in SourceCodester Electronic Medical Records System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file administrator.php of the component Cookie Handler. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222163.2023-03-02not yet calculatedCVE-2023-1151
MISC
MISC
MISC
wordpress -- wordpressThe Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the nd_cc_meta_box_cc_price_icon parameter in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.2023-03-02not yet calculatedCVE-2023-1155
MISC
MISC
sourcecodester -- health_center_patient_record_management_systemA vulnerability classified as problematic was found in SourceCodester Health Center Patient Record Management System 1.0. This vulnerability affects unknown code of the file admin/fecalysis_form.php. The manipulation of the argument itr_no leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222220.2023-03-02not yet calculatedCVE-2023-1156
MISC
MISC
MISC
elf_parser -- elf_parserA vulnerability, which was classified as problematic, was found in finixbit elf-parser. Affected is the function elf_parser::Elf_parser::get_segments of the file elf_parser.cpp. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. VDB-222222 is the identifier assigned to this vulnerability.2023-03-02not yet calculatedCVE-2023-1157
MISC
MISC
MISC
cockpit-hq -- cockpit-hqUse of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0.2023-03-03not yet calculatedCVE-2023-1160
CONFIRM
MISC
draytek -- vigor_2960A vulnerability, which was classified as critical, was found in DrayTek Vigor 2960 1.5.1.4. Affected is the function sub_1225C of the file mainfunction.cgi. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222258 is the identifier assigned to this vulnerability.2023-03-03not yet calculatedCVE-2023-1162
MISC
MISC
MISC
draytek -- vigor_2960A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4 and classified as problematic. Affected by this vulnerability is the function sub_1DA58 of the file mainfunction.cgi. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222259.2023-03-03not yet calculatedCVE-2023-1163
MISC
MISC
MISC
kylinsoft -- kylin_osA vulnerability was found in KylinSoft kylin-activation and classified as critical. Affected by this issue is some unknown functionality of the component File Import. The manipulation leads to improper authorization. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.11-23 and 1.30.10-5.p23 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222260.2023-03-03not yet calculatedCVE-2023-1164
MISC
MISC
MISC
crmeb -- crmebA vulnerability was found in Zhong Bang CRMEB Java 1.3.4. It has been classified as critical. This affects an unknown part of the file /api/admin/system/store/order/list. The manipulation of the argument keywords leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-222261 was assigned to this vulnerability.2023-03-03not yet calculatedCVE-2023-1165
MISC
MISC
MISC
vim -- vimHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.2023-03-03not yet calculatedCVE-2023-1170
MISC
CONFIRM
vim -- vimIncorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.2023-03-04not yet calculatedCVE-2023-1175
MISC
CONFIRM
cisco -- secure_email_gateway/secure_email_and_web_managerA vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device.2023-03-01not yet calculatedCVE-2023-20009
MISC
cisco -- nexus_dashboardA vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vulnerability by sending a continuous stream of DNS requests to an affected device. A successful exploit could allow the attacker to cause the coredns service to stop working or cause the device to reload, resulting in a DoS condition.2023-03-01not yet calculatedCVE-2023-20014
MISC
clamav -- clamavOn Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"].2023-03-01not yet calculatedCVE-2023-20032
MISC
clamav -- clamavOn Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.2023-03-01not yet calculatedCVE-2023-20052
MISC
cisco -- nexus_dashboardA vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.2023-03-01not yet calculatedCVE-2023-20053
MISC
cisco -- unified_intelligence_centerMultiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address these vulnerabilities.2023-03-03not yet calculatedCVE-2023-20061
CISCO
cisco -- unified_intelligence_centerMultiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address these vulnerabilities.2023-03-03not yet calculatedCVE-2023-20062
CISCO
cisco -- multiple_productsA vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need to have valid credentials to access the web-based management interface of the affected device.2023-03-03not yet calculatedCVE-2023-20069
CISCO
cisco -- secure_email_gatewayVulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.2023-03-01not yet calculatedCVE-2023-20075
MISC
cisco -- ip_phonesMultiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.2023-03-03not yet calculatedCVE-2023-20078
CISCO
cisco -- ip_phonesMultiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.2023-03-03not yet calculatedCVE-2023-20079
CISCO
cisco -- identity_services_engineA vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script in the context of the affected interface or access sensitive, browser-based information.2023-03-01not yet calculatedCVE-2023-20085
MISC
cisco -- finesseA vulnerability in the nginx configurations that are provided as part of the VPN-less reverse proxy for Cisco Finesse could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for new and existing users who are connected through a load balancer. This vulnerability is due to improper IP address filtering by the reverse proxy. An attacker could exploit this vulnerability by sending a series of unauthenticated requests to the reverse proxy. A successful exploit could allow the attacker to cause all current traffic and subsequent requests to the reverse proxy through a load balancer to be dropped, resulting in a DoS condition.2023-03-03not yet calculatedCVE-2023-20088
CISCO
cisco -- webex_app_for_webA vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending an arbitrary file to a user and persuading that user to browse to a specific URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.2023-03-03not yet calculatedCVE-2023-20104
CISCO
vmware -- workspace_oneVMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode.2023-02-28not yet calculatedCVE-2023-20857
MISC
MISC
google -- androidIn onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-2482510182023-02-28not yet calculatedCVE-2023-20932
MISC
google -- androidIn several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-2458607532023-02-28not yet calculatedCVE-2023-20933
MISC
google -- androidIn resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-2586720422023-02-28not yet calculatedCVE-2023-20934
MISC
linux -- kernelIn several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257443051References: Upstream kernel2023-02-28not yet calculatedCVE-2023-20937
MISC
google -- androidIn binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel2023-02-28not yet calculatedCVE-2023-20938
MISC
google -- androidIn multiple functions of looper_backed_event_loop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-2433629812023-02-28not yet calculatedCVE-2023-20939
MISC
google -- androidIn the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2562370412023-02-28not yet calculatedCVE-2023-20940
MISC
google -- androidIn clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-2402678902023-02-28not yet calculatedCVE-2023-20943
MISC
google -- androidIn run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-2441545582023-02-28not yet calculatedCVE-2023-20944
MISC
google -- androidIn phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-2469322692023-02-28not yet calculatedCVE-2023-20945
MISC
google -- androidIn onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-2444231012023-02-28not yet calculatedCVE-2023-20946
MISC
google -- androidIn dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-2306305262023-02-28not yet calculatedCVE-2023-20948
MISC
github -- enterprise_serverA code injection vulnerability was identified in GitHub Enterprise Server that allowed setting arbitrary environment variables from a single environment variable value in GitHub Actions when using a Windows based runner. To exploit this vulnerability, an attacker would need existing permission to control the value of environment variables for use with GitHub Actions. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.8.0 and was fixed in versions 3.4.15, 3.5.12, 3.6.8, 3.7.5. This vulnerability was reported via the GitHub Bug Bounty program.2023-03-02not yet calculatedCVE-2023-22381
MISC
MISC
MISC
MISC
MISC
grafana -- grafanaGrafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on "Markdown" or "HTML" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.2023-03-02not yet calculatedCVE-2023-22462
MISC
MISC
MISC
fortiguard -- fortiwebAn unauthorized configuration download vulnerability in FortiWeb 6.3.6 through 6.3.21, 6.4.0 through 6.4.2 and 7.0.0 through 7.0.4 may allow a local attacker to access confidential configuration files via a crafted http request.2023-02-27not yet calculatedCVE-2023-22636
MISC
vantage6 -- vantage6vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Assigning existing users to a different organizations is currently possible. It may lead to unintended access: if a user from organization A is accidentally assigned to organization B, they will retain their permissions and therefore might be able to access stuff they should not be allowed to access. This issue is patched in version 3.8.0.2023-03-01not yet calculatedCVE-2023-22738
MISC
MISC
aruba_networks -- arubaosThere are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22747
MISC
aruba_networks -- arubaosThere are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22748
MISC
aruba_networks -- arubaosThere are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22749
MISC
aruba_networks -- arubaosThere are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22750
MISC
aruba_networks -- arubaosThere are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22751
MISC
aruba_networks -- arubaosThere are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22752
MISC
aruba_networks -- arubaosThere are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22753
MISC
aruba_networks -- arubaosThere are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22754
MISC
aruba_networks -- arubaosThere are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22755
MISC
aruba_networks -- arubaosThere are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22756
MISC
aruba_networks -- arubaosThere are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.2023-03-01not yet calculatedCVE-2023-22757
MISC
aruba_networks -- arubaosAuthenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.2023-03-01not yet calculatedCVE-2023-22758
MISC
aruba_networks -- arubaosAuthenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.2023-03-01not yet calculatedCVE-2023-22759
MISC
aruba_networks -- arubaosAuthenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.2023-03-01not yet calculatedCVE-2023-22760
MISC
aruba_networks -- arubaosAuthenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.2023-03-01not yet calculatedCVE-2023-22761
MISC
aruba_networks -- arubaosAn authenticated path traversal vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.2023-03-01not yet calculatedCVE-2023-22772
MISC
aruba_networks -- arubaosA vulnerability exists which allows an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.2023-03-01not yet calculatedCVE-2023-22775
MISC
aruba_networks -- arubaosAn authenticated information disclosure vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.2023-03-01not yet calculatedCVE-2023-22777
MISC
aruba_networks -- arubaosA vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.2023-03-01not yet calculatedCVE-2023-22778
MISC
ibm -- cloud_pak_for_business_automationIBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244100.2023-02-27not yet calculatedCVE-2023-22860
MISC
MISC
linux -- kernelIn the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.2023-02-28not yet calculatedCVE-2023-22995
MISC
MISC
linux -- kernelIn the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device.2023-02-28not yet calculatedCVE-2023-22996
MISC
MISC
linux -- kernelIn the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).2023-02-28not yet calculatedCVE-2023-22997
MISC
MISC
linux -- kernelIn the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer).2023-02-28not yet calculatedCVE-2023-22999
MISC
MISC
linux -- kernelIn the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.2023-03-01not yet calculatedCVE-2023-23000
MISC
MISC
linux -- kernelIn the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer).2023-03-01not yet calculatedCVE-2023-23001
MISC
MISC
linux -- kernelIn the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer).2023-03-01not yet calculatedCVE-2023-23002
MISC
MISC
linux -- kernelIn the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.2023-03-01not yet calculatedCVE-2023-23003
MISC
MISC
linux -- kernelIn the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).2023-03-01not yet calculatedCVE-2023-23004
MISC
MISC
linux -- kernelIn the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).2023-03-01not yet calculatedCVE-2023-23006
MISC
MISC
tenda -- multiple_productsCertain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS<=V2209020914 and Tenda IT7-PRS Tenda IT7-PRS<=V2209020908.2023-02-27not yet calculatedCVE-2023-23080
MISC
crasm -- crasmIn crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a NULL pointer dereference in the function Xasc.2023-02-27not yet calculatedCVE-2023-23108
MISC
MISC
crasm -- crasmIn crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a divide by zero fault in the function opdiv.2023-02-27not yet calculatedCVE-2023-23109
MISC
MISC
art_gallery_ms -- art_gallery_msArt Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login.2023-02-27not yet calculatedCVE-2023-23155
MISC
MISC
MISC
art_gallery_ms -- art_gallery_msArt Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page.2023-02-27not yet calculatedCVE-2023-23156
MISC
MISC
MISC
art_gallery_ms -- art_gallery_msA stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullname parameter on the enquiry page.2023-02-27not yet calculatedCVE-2023-23157
MISC
MISC
MISC
art_gallery_ms -- art_gallery_msA stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter on the enquiry page.2023-02-27not yet calculatedCVE-2023-23158
MISC
MISC
MISC
draytek -- multiple_productsCertain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2.2023-03-03not yet calculatedCVE-2023-23313
MISC
MISC
prestashop -- prestashopThe PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method `stripejsValidationModuleFrontController::initContent()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.2023-03-01not yet calculatedCVE-2023-23315
MISC
apple -- multiple_productsA logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.2023-02-27not yet calculatedCVE-2023-23493
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution.2023-02-27not yet calculatedCVE-2023-23496
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to gain root privileges.2023-02-27not yet calculatedCVE-2023-23497
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account.2023-02-27not yet calculatedCVE-2023-23498
MISC
MISC
MISC
apple -- multiple_productsThis issue was addressed by enabling hardened runtime. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access user-sensitive data.2023-02-27not yet calculatedCVE-2023-23499
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to leak sensitive kernel state.2023-02-27not yet calculatedCVE-2023-23500
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory..2023-02-27not yet calculatedCVE-2023-23501
MISC
apple -- multiple_productsAn information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to determine kernel memory layout.2023-02-27not yet calculatedCVE-2023-23502
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences.2023-02-27not yet calculatedCVE-2023-23503
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges.2023-02-27not yet calculatedCVE-2023-23504
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access information about a user’s contacts.2023-02-27not yet calculatedCVE-2023-23505
MISC
MISC
MISC
MISC
MISC
MISC
apple -- macosA permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data.2023-02-27not yet calculatedCVE-2023-23506
MISC
apple -- macosA permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user’s Safari history.2023-02-27not yet calculatedCVE-2023-23510
MISC
apple -- multiple_productsA buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.2023-02-27not yet calculatedCVE-2023-23513
MISC
MISC
MISC
apple -- multiple_productsA use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges..2023-02-27not yet calculatedCVE-2023-23514
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution.2023-02-27not yet calculatedCVE-2023-23517
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution.2023-02-27not yet calculatedCVE-2023-23518
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing an image may lead to a denial-of-service.2023-02-27not yet calculatedCVE-2023-23519
MISC
MISC
MISC
MISC
apple -- multiple_productsA race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root.2023-02-27not yet calculatedCVE-2023-23520
MISC
MISC
apple -- macosA privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data..2023-02-27not yet calculatedCVE-2023-23522
MISC
apple -- multiple_productsA denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, tvOS 16.3.2, watchOS 9.3.1. Processing a maliciously crafted certificate may lead to a denial-of-service.2023-02-27not yet calculatedCVE-2023-23524
MISC
MISC
MISC
MISC
apple -- multiple_productsA type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..2023-02-27not yet calculatedCVE-2023-23529
MISC
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.2023-02-27not yet calculatedCVE-2023-23530
MISC
MISC
apple -- multiple_productsThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.2023-02-27not yet calculatedCVE-2023-23531
MISC
MISC
dell -- powerscaleDell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.2023-02-28not yet calculatedCVE-2023-23689
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce plugin <= 1.4.10 leads to settings change.2023-02-28not yet calculatedCVE-2023-23865
MISC
craft_cms – craft_cmsCraft is a platform for creating digital experiences. When you insert a payload inside a label name or instruction of an entry type, an cross-site scripting (XSS) happens in the quick post widget on the admin dashboard. This issue has been fixed in version 4.3.7.2023-03-03not yet calculatedCVE-2023-23927
MISC
MISC
MISC
vantage6 – vantage6vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Currently, the refresh token is valid indefinitely. The refresh token should get a validity of 24-48 hours. A fix was released in version 3.8.0.2023-03-04not yet calculatedCVE-2023-23929
MISC
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0.2023-03-01not yet calculatedCVE-2023-23973
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update).2023-03-01not yet calculatedCVE-2023-23974
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion.2023-02-28not yet calculatedCVE-2023-23983
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion.2023-03-01not yet calculatedCVE-2023-23984
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete.2023-02-28not yet calculatedCVE-2023-23992
MISC
dataiku -- dataiku_dssIn Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request.2023-03-01not yet calculatedCVE-2023-24045
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24117
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24118
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24119
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn_5g parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24120
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24121
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid_5g parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24122
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24123
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24124
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2_5g parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24125
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4_5g parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24126
MISC
MISC
MISC
jensen -- eagle_1200acJensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet.2023-03-01not yet calculatedCVE-2023-24127
MISC
MISC
MISC
davinci -- davinciDavinci v0.3.0-rc was discovered to contain a SQL injection vulnerability via the copyDisplay function.2023-02-27not yet calculatedCVE-2023-24206
MISC
laravel -- adminAn arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file.2023-02-27not yet calculatedCVE-2023-24249
MISC
MISC
MISC
domotica_labs – ikon_serverDomotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability.2023-02-27not yet calculatedCVE-2023-24253
MISC
spip -- spipSPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request.2023-02-27not yet calculatedCVE-2023-24258
MISC
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Strategy11 Form Builder Team Formidable Forms plugin <= 5.5.6 versions.2023-02-28not yet calculatedCVE-2023-24419
MISC
dell -- networkerDell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.2023-03-01not yet calculatedCVE-2023-24567
MISC
judging_management_system -- judging_management_systemJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateview.php.2023-03-03not yet calculatedCVE-2023-24641
MISC
judging_management_system -- judging_management_systemJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateTxtview.php.2023-03-03not yet calculatedCVE-2023-24642
MISC
judging_management_system -- judging_management_systemJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateBlankTxtview.php.2023-03-03not yet calculatedCVE-2023-24643
MISC
libde265 -- libde265libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.2023-03-01not yet calculatedCVE-2023-24751
MISC
MLIST
libde265 -- libde265libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.2023-03-01not yet calculatedCVE-2023-24752
MISC
MLIST
libde265 -- libde265libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.2023-03-01not yet calculatedCVE-2023-24754
MISC
MLIST
libde265 -- libde265libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.2023-03-01not yet calculatedCVE-2023-24755
MISC
MLIST
libde265 -- libde265libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.2023-03-01not yet calculatedCVE-2023-24756
MISC
MLIST
libde265 -- libde265libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.2023-03-01not yet calculatedCVE-2023-24757
MISC
MLIST
libde265 -- libde265libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.2023-03-01not yet calculatedCVE-2023-24758
MISC
MLIST
redis -- redisRedis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.2023-03-02not yet calculatedCVE-2023-25155
MISC
MISC
MISC
MISC
MISC
libde265 -- libde265Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc.2023-03-01not yet calculatedCVE-2023-25221
MISC
MLIST
libredwg -- gnuA heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c.2023-03-01not yet calculatedCVE-2023-25222
MISC
docmosis -- tornadoAn issue was discovered in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker can bypass the authentication check filter completely by introducing a specially crafted request with relative path segments.2023-02-28not yet calculatedCVE-2023-25264
MISC
MISC
docmosis -- tornadoDocmosis Tornado <= 2.9.4 is vulnerable to Directory Traversal leading to the disclosure of arbitrary content on the file system.2023-02-28not yet calculatedCVE-2023-25265
MISC
MISC
docmosis -- tornadoAn issue was discovered in Docmosis Tornado prior to version 2.9.5. An authenticated attacker can change the Office directory setting pointing to an arbitrary remote network path. This triggers the execution of the soffice binary under the attackers control leading to arbitrary remote code execution (RCE).2023-02-28not yet calculatedCVE-2023-25266
MISC
MISC
webkitgtk -- webkitgtkA use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.2023-03-02not yet calculatedCVE-2023-25358
MISC
webkitgtk -- webkitgtkA use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely.2023-03-02not yet calculatedCVE-2023-25360
MISC
webkitgtk -- webkitgtkA use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely.2023-03-02not yet calculatedCVE-2023-25361
MISC
webkitgtk -- webkitgtkA use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely.2023-03-02not yet calculatedCVE-2023-25362
MISC
webkitgtk -- webkitgtkA use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely.2023-03-02not yet calculatedCVE-2023-25363
MISC
yf_exam -- yf_examCleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload.2023-03-03not yet calculatedCVE-2023-25402
MISC
MISC
yf_exam -- yf_examCleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. The program uses a fixed JWT key, and the stored key uses username format characters. Any user who logged in within 24 hours. A token can be forged with his username to bypass authentication.2023-03-03not yet calculatedCVE-2023-25403
MISC
MISC
online_reviewer_management_system -- online_reviewer_management_systemAn issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer_0/admins/assessments/course/course-update.php.2023-02-28not yet calculatedCVE-2023-25431
MISC
online_reviewer_management_system -- online_reviewer_management_systemAn issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer_0/admins/assessments/course/course-update.php.2023-02-28not yet calculatedCVE-2023-25432
MISC
dell -- powerscale_onefsDell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.2023-03-02not yet calculatedCVE-2023-25536
MISC
dell -- powerscale_onefsDell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service.2023-02-28not yet calculatedCVE-2023-25540
MISC
dell -- networkerDell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.2023-03-01not yet calculatedCVE-2023-25544
MISC
api_platform -- api_platformAPI Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the `security` option of the `ApiPlatform\Metadata\ApiProperty` attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON, which is enabled by default when installing API Platform. Custom serialization formats may also be impacted. Only collection endpoints are affected by the issue, item endpoints are not. The JSON-LD format is not affected by the issue. The result of the security rule is only executed for the first item of the collection. The result of the rule is then cached and reused for the next items. This bug can leak data to unauthorized users when the rule depends on the value of a property of the item. This bug can also hide properties that should be displayed to authorized users. This issue impacts the 2.7, 3.0 and 3.1 branches. Please upgrade to versions 2.7.10, 3.0.12 or 3.1.3. As a workaround, replace the `cache_key` of the context array of the Serializer inside a custom normalizer that works on objects if the security option of the `ApiPlatform\Metadata\ApiProperty` attribute is used.2023-02-28not yet calculatedCVE-2023-25575
MISC
MISC
opensearch_project -- opensearch_projectOpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the internal basic identity provider (IdP), and not other externally configured IdPs. Patches were released in versions 1.3.9 and 2.6.0, there are no workarounds.2023-03-02not yet calculatedCVE-2023-25806
MISC
dataease -- dataeaseDataEase is an open source data visualization and analysis tool. When saving a dashboard on the DataEase platform saved data can be modified and store malicious code. This vulnerability can lead to the execution of malicious code stored by the attacker on the server side when the user accesses the dashboard. The vulnerability has been fixed in version 1.18.3.2023-02-28not yet calculatedCVE-2023-25807
MISC
MISC
nextcloud -- nextcoudNextcloud is an Open Source private cloud software. Versions 25.0.0 and above, prior to 25.0.3, are subject to Uncontrolled Resource Consumption. A user can configure a very long password, consuming more resources on password validation than desired. This issue is patched in 25.0.3 No workaround is available.2023-02-25not yet calculatedCVE-2023-25816
MISC
MISC
MISC
discourse -- discourseDiscourse is an open source platform for community discussion. Tags that are normally private are showing in metadata. This affects any site running the `tests-passed` or `beta` branches >= 3.1.0.beta2. The issue is patched in the latest `beta` and `tests-passed` version of Discourse.2023-03-04not yet calculatedCVE-2023-25819
MISC
MISC
nextcloud -- nextcoudNextcloud is an Open Source private cloud software. Versions 24.0.4 and above, prior to 24.0.7, and 25.0.0 and above, prior to 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in versions 24.0.7 and 25.0.1. No workaround is available.2023-02-25not yet calculatedCVE-2023-25821
MISC
MISC
MISC
zoneminder -- zoneminderZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field. This is unescaped when viewing the logs in the web ui. This issue is patched in version 1.36.33.2023-02-25not yet calculatedCVE-2023-25825
MISC
MISC
MISC
MISC
medtronic -- micro_clinician_interstim_appMedtronic identified that the Pelvic Health clinician apps, which are installed on the Smart Programmer mobile device, have a password vulnerability that requires a security update to fix. Not updating could potentially result in unauthorized control of the clinician therapy application, which has greater control over therapy parameters than the patient app. Changes still cannot be made outside of the established therapy parameters of the programmer. For unauthorized access to occur, an individual would need physical access to the Smart Programmer.2023-03-01not yet calculatedCVE-2023-25931
MISC
zoneminder -- zoneminderZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain SQL Injection via malicious jason web token. The Username field of the JWT token was trusted when performing an SQL query to load the user. If an attacker could determine the HASH key used by ZoneMinder, they could generate a malicious JWT token and use it to execute arbitrary SQL. This issue is fixed in versions 1.36.33 and 1.37.33.2023-02-25not yet calculatedCVE-2023-26032
MISC
gentoo -- gentooGentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the value of the `search_history` cookie is used as a base64 encoded comma separated list of atoms. These are string loaded directly into the SQL query with `atom = '%s'` format string. As a result, any user can modify the browser's cookie value and inject most SQL queries. A proof of concept malformed cookie was generated that wiped the database or changed it's content. On the database, only public data is stored, so there is no confidentiality issues to site users. If it is known that the database was modified, a full restoration of data is possible by performing a full database wipe and performing full update of all components. This issue is patched with commit id 5ae9ca83b73. Version 1.0.1 contains the patch. If users are unable to upgrade immediately, the following workarounds may be applied: (1.) Use a proxy to always drop the `search_history` cookie until upgraded. The impact on user experience is low. (2.) Sanitize to the value of `search_history` cookie after base64 decoding it.2023-02-25not yet calculatedCVE-2023-26033
MISC
MISC
zoneminder -- zoneminderZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The (blind) SQL Injection vulnerability is present within the `filter[Query][terms][0][attr]` query string parameter of the `/zm/index.php` endpoint. A user with the View or Edit permissions of Events may execute arbitrary SQL. The resulting impact can include unauthorized data access (and modification), authentication and/or authorization bypass, and remote code execution.2023-02-25not yet calculatedCVE-2023-26034
MISC
zoneminder -- zoneminderZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.2023-02-25not yet calculatedCVE-2023-26035
MISC
zoneminder -- zoneminderZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion (Untrusted Search Path) vulnerability via /web/index.php. By controlling $view, any local file ending in .php can be executed. This is supposed to be mitigated by calling detaintPath, however dentaintPath does not properly sandbox the path. This can be exploited by constructing paths like "..././", which get replaced by "../". This issue is patched in versions 1.36.33 and 1.37.33.2023-02-25not yet calculatedCVE-2023-26036
MISC
zoneminder -- zoneminderZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an SQL Injection. The minTime and maxTime request parameters are not properly validated and could be used execute arbitrary SQL. This issue is fixed in versions 1.36.33 and 1.37.33.2023-02-25not yet calculatedCVE-2023-26037
MISC
zoneminder -- zoneminderZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion (Untrusted Search Path) vulnerability via web/ajax/modal.php, where an arbitrary php file path can be passed in the request and loaded. This issue is patched in versions 1.36.33 and 1.37.33.2023-02-25not yet calculatedCVE-2023-26038
MISC
zoneminder -- zoneminderZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl() in (/web/api/app/Controller/HostController.php). Any authenticated user can construct an api command to execute any shell command as the web user. This issue is patched in versions 1.36.33 and 1.37.33.2023-02-25not yet calculatedCVE-2023-26039
MISC
nextcloud -- talkNextcloud Talk is a fully on-premises audio/video and chat communication service. When cron jobs were misconfigured and therefore messages are not expired, the API would still return them while they were then hidden by the frontend code. It is recommended that the Nextcloud Talk is upgraded to 15.0.3. There are no workaround available.2023-02-27not yet calculatedCVE-2023-26041
MISC
MISC
MISC
part-db -- part-dbPart-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is not possible to execute JavaScript code, unless in combination with other vulnerabilities. There are no workarounds, please upgrade to Pat-DB 1.0.2 or later.2023-02-27not yet calculatedCVE-2023-26042
MISC
MISC
MISC
MISC
geonode -- geonodeGeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. This issue has been patched in version 4.0.3.2023-02-27not yet calculatedCVE-2023-26043
MISC
MISC
teler-waf -- teler-wafteler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. In teler-waf prior to version 0.1.1 is vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute arbitrary JavaScript code on the victim's browser and compromise the security of the web application. The vulnerability exists due to teler-waf failure to properly sanitize and filter HTML entities in user input. An attacker can exploit this vulnerability to bypass common web attack threat rules in teler-waf and launch cross-site scripting (XSS) attacks. The attacker can execute arbitrary JavaScript code on the victim's browser and steal sensitive information, such as login credentials and session tokens, or take control of the victim's browser and perform malicious actions. This issue has been fixed in version 0.1.1.2023-03-02not yet calculatedCVE-2023-26046
MISC
MISC
MISC
teler-waf -- teler-wafteler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. In teler-waf prior to version v0.2.0 is vulnerable to a bypass attack when a specific case-sensitive hex entities payload with special characters such as CR/LF and horizontal tab is used. This vulnerability allows an attacker to execute arbitrary JavaScript code on the victim's browser and compromise the security of the web application. An attacker can exploit this vulnerability to bypass common web attack threat rules in teler-waf and launch cross-site scripting (XSS) attacks. The attacker can execute arbitrary JavaScript code on the victim's browser and steal sensitive information, such as login credentials and session tokens, or take control of the victim's browser and perform malicious actions. This issue has been patched in version 0.2.0.2023-03-03not yet calculatedCVE-2023-26047
MISC
MISC
MISC
saleor -- saleorSaleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.2023-03-02not yet calculatedCVE-2023-26051
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
saleor -- saleorSaleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests. This issue has been patched in versions 3.1.48, 3.7.59, 3.8.0, 3.9.27, 3.10.14 and 3.11.12.2023-03-02not yet calculatedCVE-2023-26052
MISC
MISC
MISC
MISC
MISC
MISC
MISC
gradle -- gradleGradle is a build tool with a focus on build automation and support for multi-language development. This is a collision attack on long IDs (64bits) for PGP keys. Users of dependency verification in Gradle are vulnerable if they use long IDs for PGP keys in a `trusted-key` or `pgp` element in their dependency verification metadata file. The fix is to fail dependency verification if anything but a fingerprint is used in a trust element in dependency verification metadata. The problem is fixed in Gradle 8.0 and above. The problem is also patched in Gradle 6.9.4 and 7.6.1. As a workaround, use only full fingerprint IDs for `trusted-key` or `pgp` element in the metadata is a protection against this issue.2023-03-02not yet calculatedCVE-2023-26053
MISC
MISC
xwiki -- commonsXWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in all other places where short text properties are displayed, e.g., in apps created using Apps Within Minutes that use a short text field. The problem has been patched on versions 13.10.9, 14.4.4, 14.7RC1.2023-03-02not yet calculatedCVE-2023-26055
MISC
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known workarounds for this issue.2023-03-02not yet calculatedCVE-2023-26056
MISC
MISC
MISC
MISC
MISC
typo3 -- frp_form_answersThe frp_form_answers (aka Forms Export) extension before 3.1.2, and 4.x before 4.0.2, for TYPO3 allows XSS via saved emails.2023-02-26not yet calculatedCVE-2023-26091
CONFIRM
MISC
deno -- denoVersions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s*,s*/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used to significantly slow down a web socket server.2023-02-25not yet calculatedCVE-2023-26103
MISC
MISC
MISC
MISC
MISC
lite-web-server -- lite-web-serverAll versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.2023-02-25not yet calculatedCVE-2023-26104
MISC
MISC
MISC
utilities -- utilitiesAll versions of the package utilities are vulnerable to Prototype Pollution via the _mix function.2023-02-28not yet calculatedCVE-2023-26105
MISC
MISC
barracuda -- cloudgen_wanOn Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters.2023-03-03not yet calculatedCVE-2023-26213
FULLDISC
MISC
CONFIRM
MISC
jira -- stagil_navigation_for_jira-menu_and_themesAn unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjCustomDesignConfig endpoint, it is possible to traverse and read the file system.2023-02-28not yet calculatedCVE-2023-26255
MISC
MISC
jira -- stagil_navigation_for_jira-menu_and_themesAn unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system.2023-02-28not yet calculatedCVE-2023-26256
MISC
MISC
covesa -- dlt-daemonAn issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c.2023-02-27not yet calculatedCVE-2023-26257
MISC
MISC
ibm -- http_serverIBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.2023-03-01not yet calculatedCVE-2023-26281
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make the farm unusable by adding an object to a page with a huge number (e.g. 67108863). Most of the time this will fill the memory allocated to XWiki and make it unusable every time this document is manipulated. This issue has been patched in XWiki 14.0-rc-1.2023-03-02not yet calculatedCVE-2023-26470
MISC
MISC
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 11.6-rc-1, comments are supposed to be executed with the right of superadmin but in restricted mode (anything dangerous is disabled), but the async macro does not take into account the restricted mode. This means that any user with comment right can use the async macro to make it execute any wiki content with the right of superadmin. This has been patched in XWiki 14.9, 14.4.6, and 13.10.10. The only known workaround consists of applying a patch and rebuilding and redeploying `org.xwiki.platform:xwiki-platform-rendering-async-macro`.2023-03-02not yet calculatedCVE-2023-26471
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 6.2-milestone-1, one can execute any wiki content with the right of IconThemeSheet author by creating an icon theme with certain content. This can be done by creating a new page or even through the user profile for users not having edit right. The issue has been patched in XWiki 14.9, 14.4.6, and 13.10.10. An available workaround is to fix the bug in the page `IconThemesCode.IconThemeSheet` by applying a modification from commit 48caf7491595238af2b531026a614221d5d61f38.2023-03-02not yet calculatedCVE-2023-26472
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 1.3-rc-1, any user with edit right can execute arbitrary database select and access data stored in the database. The problem has been patched in XWiki 13.10.11, 14.4.7, and 14.10. There is no workaround for this vulnerability other than upgrading.2023-03-02not yet calculatedCVE-2023-26473
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 13.10, it's possible to use the right of an existing document content author to execute a text area property. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11. There are no known workarounds.2023-03-02not yet calculatedCVE-2023-26474
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 2.3-milestone-1, the annotation displayer does not execute the content in a restricted context. This allows executing anything with the right of the author of any document by annotating the document. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. There is no easy workaround except to upgrade.2023-03-02not yet calculatedCVE-2023-26475
MISC
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to `LiveTableResults` and `WikisLiveTableResultsMacros`. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version >= 3.2M3 by applying the patch manually on `LiveTableResults` and `WikisLiveTableResultsMacros`.2023-03-02not yet calculatedCVE-2023-26476
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script macros via the `newThemeName` request parameter (URL parameter), in combination with additional parameters. This has been patched in the supported versions 13.10.10, 14.9-rc-1, and 14.4.6. As a workaround, it is possible to edit `FlamingoThemesCode.WebHomeSheet` and manually perform the changes from the patch fixing the issue.2023-03-02not yet calculatedCVE-2023-26477
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 14.3-rc-1, `org.xwiki.store.script.TemporaryAttachmentsScriptService#uploadTemporaryAttachment` returns an instance of `com.xpn.xwiki.doc.XWikiAttachment`. This class is not supported to be exposed to users without the `programing` right. `com.xpn.xwiki.api.Attachment` should be used instead and takes case of checking the user's rights before performing dangerous operations. This has been patched in versions 14.9-rc-1 and 14.4.6. There are no known workarounds for this issue.2023-03-02not yet calculatedCVE-2023-26478
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 6.0, users with write rights can insert well-formed content that is not handled well by the parser. As a consequence, some pages becomes unusable, including the user index (if the page containing the faulty content is a user page) and the page index. Note that on the page, the normal UI is completely missing and it is not possible to open the editor directly to revert the change as the stack overflow is already triggered while getting the title of the document. This means that it is quite difficult to remove this content once inserted. This has been patched in XWiki 13.10.10, 14.4.6, and 14.9-rc-1. A temporary workaround to avoid Stack Overflow errors is to increase the memory allocated to the stack by using the `-Xss` JVM parameter (e.g., `-Xss32m`). This should allow the parser to pass and to fix the faulty content. The consequences for other aspects of the system (e.g., performance) are unknown, and this workaround should be only be used as a temporary solution. The workaround does not prevent the issue occurring again with other content. Consequently, it is strongly advised to upgrade to a version where the issue has been patched.2023-03-02not yet calculatedCVE-2023-26479
MISC
MISC
MISC
xwiki -- platformXWiki Platform is a generic wiki platform. Starting in version 12.10, a user without script rights can introduce a stored cross-site scripting by using the Live Data macro. This has been patched in XWiki 14.9, 14.4.7, and 13.10.10. There are no known workarounds.2023-03-02not yet calculatedCVE-2023-26480
MISC
MISC
MISC
MISC
authentik_security_inc -- goauthentikauthentik is an open-source Identity Provider. Due to an insufficient access check, a recovery flow link that is created by an admin (or sent via email by an admin) can be used to set the password for any arbitrary user. This attack is only possible if a recovery flow exists, which has both an Identification and an Email stage bound to it. If the flow has policies on the identification stage to skip it when the flow is restored (by checking `request.context['is_restored']`), the flow is not affected by this. With this flow in place, an administrator must create a recovery Link or send a recovery URL to the attacker, who can, due to the improper validation of the token create, set the password for any account. Regardless, for custom recovery flows it is recommended to add a policy that checks if the flow is restored, and skips the identification stage. This issue has been fixed in versions 2023.2.3, 2023.1.3 and 2022.12.2.2023-03-04not yet calculatedCVE-2023-26481
MISC
MISC
gosaml2 -- gosaml2gosaml2 is a Pure Go implementation of SAML 2.0. SAML Service Providers using this library for SAML authentication support are likely susceptible to Denial of Service attacks. A bug in this library enables attackers to craft a `deflate`-compressed request which will consume significantly more memory during processing than the size of the original request. This may eventually lead to memory exhaustion and the process being killed. The maximum compression ratio achievable with `deflate` is 1032:1, so by limiting the size of bodies passed to gosaml2, limiting the rate and concurrency of calls, and ensuring that lots of memory is available to the process it _may_ be possible to help Go's garbage collector "keep up". Implementors are encouraged not to rely on this. This issue is fixed in version 0.9.0.2023-03-03not yet calculatedCVE-2023-26483
MISC
MISC
MISC
MISC
vega -- vegaVega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. The Vega `scale` expression function has the ability to call arbitrary functions with a single controlled argument. The scale expression function passes a user supplied argument group to getScale, which is then used as if it were an internal context. The context.scales[name].value is accessed from group and called as a function back in scale. This can be exploited to escape the Vega expression sandbox in order to execute arbitrary JavaScript. This issue has been fixed in version 5.13.1.2023-03-04not yet calculatedCVE-2023-26486
MISC
MISC
MISC
MISC
MISC
vega -- vegaVega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs.`lassoAppend' function accepts 3 arguments and internally invokes `push` function on the 1st argument specifying array consisting of 2nd and 3rd arguments as `push` call argument. The type of the 1st argument is supposed to be an array, but it's not enforced. This makes it possible to specify any object with a `push` function as the 1st argument, `push` function can be set to any function that can be access via `event.view` (no all such functions can be exploited due to invalid context or signature, but some can, e.g. `console.log`). The issue is that`lassoAppend` doesn't enforce proper types of its arguments. This issue opens various XSS vectors, but exact impact and severity depends on the environment (e.g. Core JS `setImmediate` polyfill basically allows `eval`-like functionality). This issue was patched in 5.23.0.2023-03-04not yet calculatedCVE-2023-26487
MISC
MISC
MISC
openzeppelin -- contractsOpenZeppelin Contracts is a library for secure smart contract development. The ERC721Consecutive contract designed for minting NFTs in batches does not update balances when a batch has size 1 and consists of a single token. Subsequent transfers from the receiver of that token may overflow the balance as reported by `balanceOf`. The issue exclusively presents with batches of size 1. The issue has been patched in 4.8.2.2023-03-03not yet calculatedCVE-2023-26488
MISC
MISC
MISC
mailcow -- dockermailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command injection. A malicious user can abuse this vulnerability to obtain shell access to the Docker container running dovecot. The imapsync Perl script implements all the necessary functionality for this feature, including the XOAUTH2 authentication mechanism. This code path creates a shell command to call openssl. However, since different parts of the specified user password are included without any validation, one can simply execute additional shell commands. Notably, the default ACL for a newly-created mailcow account does not include the necessary permission. The Issue has been fixed within the 2023-03 Update (March 3rd 2023). As a temporary workaround the Syncjob ACL can be removed from all mailbox users, preventing from creating or changing existing Syncjobs.2023-03-04not yet calculatedCVE-2023-26490
MISC
MISC
rsshub -- rsshubRSSHub is an open source and extensible RSS feed generator. When the URL parameters contain certain special characters, it returns an error page that does not properly handle XSS vulnerabilities, allowing for the execution of arbitrary JavaScript code. Users who access the deliberately constructed URL are affected. This vulnerability was fixed in version c910c4d28717fb860fbe064736641f379fab2c91. Please upgrade to this or a later version, there are no known workarounds.2023-03-03not yet calculatedCVE-2023-26491
MISC
MISC
directus -- directusDirectus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery (SSRF) when importing a file from a remote web server (POST to `/files/import`). An attacker can bypass the security controls by performing a DNS rebinding attack and view sensitive data from internal servers or perform a local port scan. An attacker can exploit this vulnerability to access highly sensitive internal server(s) and steal sensitive information. This issue was fixed in version 9.23.0.2023-03-03not yet calculatedCVE-2023-26492
MISC
MISC
MISC
bmc -- control-mA SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute arbitrary SQL commands via the memname JSON field.2023-02-25not yet calculatedCVE-2023-26550
MISC
asus -- asmb8_ikvmASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution.2023-02-26not yet calculatedCVE-2023-26602
MISC
MISC
FULLDISC
systemd -- systemdsystemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.2023-03-03not yet calculatedCVE-2023-26604
MISC
MISC
MISC
vxcontrol -- soldrSOLDR (System of Orchestration, Lifecycle control, Detection and Response) 1.1.0 allows stored XSS via the module editor.2023-03-01not yet calculatedCVE-2023-26608
MISC
MISC
abus -- security_cameras_tvipABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field.2023-02-27not yet calculatedCVE-2023-26609
MISC
MISC
FULLDISC
cleverstupiddog -- yf-examCleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution (RCE).2023-03-03not yet calculatedCVE-2023-26779
MISC
MISC
cleverstupiddog -- yf-examCleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection.2023-03-02not yet calculatedCVE-2023-26780
MISC
mattermost -- mattermostA missing permissions check in the /plugins/playbooks/api/v0/runs API in Mattermost allows an attacker to list and view playbooks belonging to a team they are not a member of.2023-02-27not yet calculatedCVE-2023-27263
MISC
mattermost -- mattermostA missing permissions check in Mattermost Playbooks in Mattermost allows an attacker to modify a playbook via the /plugins/playbooks/api/v0/playbooks/[playbookID] API.2023-02-27not yet calculatedCVE-2023-27264
MISC
mattermost -- mattermostMattermost fails to honor the ShowEmailAddress setting when constructing a response to the "Regenerate Invite Id" API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response.2023-02-27not yet calculatedCVE-2023-27265
MISC
mattermost -- mattermostMattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api/v4/users/me/teams API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response.2023-02-27not yet calculatedCVE-2023-27266
MISC
ibm -- observability_with_instanaDocker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. Due to this, an attacker within the network could access the datastores with read/write access. IBM X-Force ID: 248737.2023-03-03not yet calculatedCVE-2023-27290
MISC
MISC
opencats -- opencatsImproper neutralization of input during web page generation allows an unauthenticated attacker to submit malicious Javascript as the answer to a questionnaire which would then be executed when an authenticated user reviews the candidate's submission. This could be used to steal other users’ cookies and force users to make actions without their knowledge.2023-02-28not yet calculatedCVE-2023-27293
MISC
opencats -- opencatsImproper neutralization of input during web page generation allows an authenticated attacker with access to a restricted account to submit malicious Javascript as the description for a calendar event, which would then be executed in other users' browsers if they browse to that event. This could result in stealing session tokens from users with higher permission levels or forcing users to make actions without their knowledge.2023-02-28not yet calculatedCVE-2023-27294
MISC
sudo -- sudoSudo before 1.9.13p2 has a double free in the per-command chroot feature.2023-02-28not yet calculatedCVE-2023-27320
MISC
MISC
MLIST
FEDORA
gnu -- libmicrohttpdGNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.2023-02-28not yet calculatedCVE-2023-27371
MISC
MISC
MISC
spip -- spipSPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.2023-02-28not yet calculatedCVE-2023-27372
MISC
MISC
MISC
DEBIAN
phpseclib -- math/primefield.phpMath/PrimeField.php in phpseclib 3.x before 3.0.19 has an infinite loop with composite primefields.2023-03-03not yet calculatedCVE-2023-27560
MISC
CONFIRM
opencontainers -- runcrunc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.2023-03-03not yet calculatedCVE-2023-27561
MISC
MISC
MISC
openl2d_project -- cubism_editorCubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file.2023-03-03not yet calculatedCVE-2023-27566
MISC
MISC
MISC
MISC
openbsd -- openbsdIn OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel.2023-03-03not yet calculatedCVE-2023-27567
MISC
shadowsocks -- x-ngShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS.2023-03-03not yet calculatedCVE-2023-27574
MISC
MISC

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.