Vulnerebility News 2023 -
H 2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 2001
JANUARY(2541) FEBRUARY(2454) March(2777) April(2363) May(2756) June(2395) July(2357) August(2516) September(2825) October(2743) November() December()
|
28.12.23 |
CVE |
This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. |
||
|
28.12.23 |
CVE |
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. |
||
|
28.12.23 |
CVE |
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. |
||
|
28.12.23 |
CVE |
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. |
||
|
28.12.23 |
CVE |
Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10 |
||
|
28.12.23 |
CVE |
The vulnerability allows attackers to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF) |
||
|
27.12.23 |
CVE |
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic. | ||
|
27.12.23 |
CVE-2023-2868 |
CVE |
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. | |
|
27.12.23 |
CVE-2023-7102 |
CVE |
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic. | |
|
24.12.23 |
CVE-2023-46747 |
CVE |
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. | |
|
24.12.23 |
CVE-2017-11882 |
CVE |
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884. | |
|
21.12.23 |
CVE-2023-2033 |
CVE |
(CVSS score: 8.8) - Type confusion in V8 | |
|
21.12.23 |
CVE-2023-2136 |
CVE |
(CVSS score: 9.6) - Integer overflow in Skia | |
|
21.12.23 |
CVE-2023-3079 |
CVE |
(CVSS score: 8.8) - Type confusion in V8 | |
|
21.12.23 |
CVE-2023-4762 |
CVE |
(CVSS score: 8.8) - Type confusion in V8 | |
|
21.12.23 |
CVE-2023-4863 |
CVE |
(CVSS score: 8.8) - Heap buffer overflow in WebP | |
|
21.12.23 |
CVE-2023-5217 |
CVE |
(CVSS score: 8.8) - Heap buffer overflow in vp8 encoding in libvpx | |
|
21.12.23 |
CVE-2023-6345 |
CVE |
(CVSS score: 9.6) - Integer overflow in Skia | |
|
19.12.23 |
CVE-2020-14883 |
CVE |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. | |
|
19.12.23 |
CVE-2020-14882 |
CVE |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. | |
|
19.12.23 |
CVE-2023-35384 |
CVE |
(CVSS score: 5.4) - Windows HTML Platforms Security Feature Bypass Vulnerability | |
|
19.12.23 |
CVE-2023-36710 |
CVE |
(CVSS score: 7.8) - Windows Media Foundation Core Remote Code Execution Vulnerability | |
|
19.12.23 |
CVE-2018-13379 |
CVE |
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. | |
|
15.12.23 |
CVE-2023-36742 |
CVE |
Visual Studio Code Remote Code Execution Vulnerability | |
|
15.12.23 |
CVE-2023-42325 |
CVE |
(CVSS score: 5.4) - An XSS vulnerability that allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page. | |
|
15.12.23 |
CVE-2023-42327 |
CVE |
(CVSS score: 5.4) - An XSS vulnerability that allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page. | |
|
15.12.23 |
CVE-2023-42326 |
CVE |
(CVSS score: 8.8) - A lack of validation that allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components. | |
|
14.12.23 |
CVE-2023-42793 |
CVE |
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |
|
14.12.23 |
CVE-2023-23752 |
CVE |
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. | |
|
13.12.23 |
CVE-2023-36012 |
CVE |
(CVSS score: 5.3) - DHCP Server Service Information Disclosure Vulnerability | |
|
13.12.23 |
CVE-2023-35643 |
CVE |
(CVSS score: 7.5) - DHCP Server Service Information Disclosure Vulnerability | |
|
13.12.23 |
CVE-2023-35638 |
CVE |
(CVSS score: 7.5) - DHCP Server Service Denial-of-Service Vulnerability | |
|
13.12.23 |
CVE-2023-36019 |
CVE |
(CVSS score: 9.6) - Microsoft Power Platform Connector Spoofing Vulnerability | |
|
13.12.23 |
CVE-2023-35642 |
CVE |
(CVSS score: 6.5) - Internet Connection Sharing (ICS) Denial-of-Service Vulnerability | |
|
13.12.23 |
CVE-2023-35641 |
CVE |
(CVSS score: 8.8) - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | |
|
13.12.23 |
CVE-2023-35639 |
CVE |
(CVSS score: 8.8) - Microsoft ODBC Driver Remote Code Execution Vulnerability | |
|
13.12.23 |
CVE-2023-35636 |
CVE |
(CVSS score: 6.5) - Microsoft Outlook Information Disclosure Vulnerability | |
|
13.12.23 |
CVE-2023-35630 |
CVE |
(CVSS score: 8.8) - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | |
|
13.12.23 |
CVE-2023-35628 |
CVE |
(CVSS score: 8.1) - Windows MSHTML Platform Remote Code Execution Vulnerability | |
|
12.12.23 |
CVE-2023-45866 |
CVE |
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. | |
|
12.12.23 |
CVE-2023-50164 |
CVE |
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue. | |
|
11.12.23 |
CVE-2023-42793 |
CVE |
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |
|
8.12.23 |
CVE-2023-45866 |
CVE |
[The HID Profile in multiple Bluetooth host stacks may accept connections with the HID control and HID interrupt channels of the HID Host role without MITM protection/mitigation and without user confirmation on the Central role device. | |
|
7.12.23 |
CVE-2023-26360 |
CVE |
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. | |
|
7.12.23 |
CVE-2022-1471 |
CVE |
(CVSS score: 9.8) - Deserialization vulnerability in SnakeYAML library that can lead to remote code execution in multiple products | |
|
7.12.23 |
CVE-2023-22522 |
CVE |
(CVSS score: 9.0) - Remote code execution vulnerability in Confluence Data Center and Confluence Server (affects all versions including and after 4.0.0) | |
|
7.12.23 |
CVE-2023-22523 |
CVE |
(CVSS score: 9.8) - Remote code execution vulnerability in Assets Discovery for Jira Service Management Cloud, Server, and Data Center (affects all versions up to but not including 3.2.0-cloud / 6.2.0 data center and server) | |
|
7.12.23 |
CVE-2023-22524 |
CVE |
(CVSS score: 9.6) - Remote code execution vulnerability in Atlassian Companion app for macOS (affects all versions up to but not including 2.0.0) | |
|
6.12.23 |
CVE-2022-22071 |
CVE |
Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |
|
6.12.23 |
CVE-2023-33063 |
CVE |
(CVSS score: 7.8) - Memory corruption in DSP Services during a remote call from HLOS to DSP. | |
|
6.12.23 |
CVE-2023-33106 |
CVE |
(CVSS score: 8.4) - Memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | |
|
6.12.23 |
CVE-2023-33107 |
CVE |
(CVSS score: 8.4) - Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. | |
|
5.12.23 |
CVE-2023-23397 |
CVE |
Microsoft Outlook Elevation of Privilege Vulnerability | |
|
5.12.23 |
CVE-2023-24023 |
CVE |
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS. | |
|
5.12.23 |
CVE-2022-0543 |
CVE |
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution. | |
|
1.12.23 |
CVE-2023-37928 |
CVE |
A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device. | |
|
1.12.23 |
CVE-2023-37927 |
CVE |
The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device. | |
|
1.12.23 |
CVE-2023-35137 |
CVE |
An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device. | |
|
1.12.23 |
CVE-2023-4474 |
CVE |
(CVSS score: 9.8) - An improper neutralization of special elements vulnerability that could allow an unauthenticated attacker to execute some operating system commands by sending a crafted URL to a vulnerable device. | |
|
1.12.23 |
CVE-2023-4473 |
CVE |
(CVSS score: 9.8) - A command injection vulnerability in the web server that could allow an unauthenticated attacker to execute some operating system commands by sending a crafted URL to a vulnerable device. | |
|
1.12.23 |
CVE-2023-35138 |
CVE |
(CVSS score: 9.8) - A command injection vulnerability that could allow an unauthenticated attacker to execute some operating system commands by sending a crafted HTTP POST request. | |
|
1.12.23 |
CVE-2023-6345 |
CVE |
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) | |
|
1.12.23 |
CVE-2023-42917 |
CVE |
A memory corruption bug that could result in arbitrary code execution when processing web content. | |
|
1.12.23 |
CVE-2023-42916 |
CVE |
An out-of-bounds read issue that could be exploited to leak sensitive information when processing web content. | |
|
29.11.23 |
CVE-2023-46604 |
CVE |
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. | |
|
29.11.23 |
CVE-2023-5217 |
CVE |
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
|
29.11.23 |
CVE-2023-4863 |
CVE |
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |
|
29.11.23 |
CVE-2023-3079 |
CVE |
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
|
29.11.23 |
CVE-2023-2033 |
CVE |
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
|
29.11.23 |
CVE-2023-6345 |
CVE |
CVE-2023-2136 is said to have "allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page." | |
|
29.11.23 |
CVE-2023-2136 |
CVE |
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
|
28.11.23 |
CVE-2023-46604 |
CVE |
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. | |
|
25.11.23 |
CVE-2023-43177 |
CVE |
CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes. | |
|
23.11.23 |
CVE-2023-42793 |
CVE |
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |
|
23.11.23 |
CVE-2021-34466 |
CVE |
Windows Hello Security Feature Bypass Vulnerability | |
|
22.11.23 |
CVE-2023-4966 |
CVE |
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. | |
|
18.11.23 |
CVE |
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. |
||
|
17.11.23 |
CVE |
FortiSIEM - Remote unauthenticated os command injection |
||
|
17.11.23 |
CVE |
(CVSS score: 5.4) - Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability |
||
|
17.11.23 |
CVE |
(CVSS score: 9.8) - Sophos Web Appliance Command Injection Vulnerability |
||
|
17.11.23 |
CVE |
(CVSS score: 8.8) - Oracle Fusion Middleware Unspecified Vulnerability |
||
|
17.11.23 |
CVE |
Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client. |
||
|
17.11.23 |
CVE |
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. |
||
|
16.11.23 |
CVE |
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. |
||
|
16.11.23 |
CVE |
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. |
||
|
15.11.23 |
CVE |
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. |
||
|
15.11.23 |
CVE |
Azure CLI REST Command Information Disclosure Vulnerability |
||
|
15.11.23 |
CVE |
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes |
||
|
15.11.23 |
CVE |
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
||
|
15.11.23 |
CVE |
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability |
||
|
15.11.23 |
CVE |
Windows SmartScreen Security Feature Bypass Vulnerability |
||
|
15.11.23 |
CVE |
Windows SmartScreen Security Feature Bypass Vulnerability |
||
|
15.11.23 |
CVE |
Windows SmartScreen Security Feature Bypass Vulnerability |
||
|
15.11.23 |
CVE |
(CVSS score: 6.5) - Microsoft Office Security Feature Bypass Vulnerability |
||
|
15.11.23 |
CVE |
(CVSS score: 8.2) - ASP.NET Core Denial of Service Vulnerability |
||
|
15.11.23 |
CVE |
(CVSS score: 7.8) - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
||
|
15.11.23 |
CVE |
(CVSS score: 7.8) - Windows DWM Core Library Elevation of Privilege Vulnerability |
||
|
15.11.23 |
CVE |
(CVSS score: 8.8) - Windows SmartScreen Security Feature Bypass Vulnerability |
||
|
15.11.23 |
CVE |
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. |
||
|
15.11.23 |
CVE |
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. |
||
|
15.11.23 |
CVE |
Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. |
||
|
15.11.23 |
CVE |
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. |
||
|
14.11.23 |
CVE |
(CVSS score: 5.3) - Juniper Junos OS EX Series PHP External Variable Modification Vulnerability |
||
|
14.11.23 |
CVE |
(CVSS score: 5.3) - Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability |
||
|
14.11.23 |
CVE |
(CVSS score: 5.3) - Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
||
|
14.11.23 |
CVE |
(CVSS score: 5.3) - Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability |
||
|
14.11.23 |
CVE |
(CVSS score: 5.3) - Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
||
|
11.11.23 |
CVE |
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. |
||
|
11.11.23 |
CVE |
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. |
||
|
11.11.23 |
CVE-2023-47246 |
CVE |
In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. | |
| 9.11.23 | CVE-2023-29552 |
CVE |
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. | |
| 9.11.23 | CVE-2023-38831 |
CVE |
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. | |
| 7.11.23 | CVE-2023-46604 |
CVE |
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. | |
| 7.11.23 | CVE-2023-22515 |
CVE |
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence | |
| 7.11.23 | CVE-2023-22518 |
CVE |
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data. | |
| 7.11.23 | CVE-2023-41723 |
CVE |
A vulnerability in Veeam ONE allows a user with the Veeam ONE Read-Only User role to view the Dashboard Schedule. | |
| 7.11.23 | CVE-2023-38549 |
CVE |
A vulnerability in Veeam ONE allows a user with the Veeam ONE Power User role to obtain the access token of a user with the Veeam ONE Administrator role through the use of XSS. | |
| 7.11.23 | CVE-2023-38548 |
CVE |
A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. | |
| 7.11.23 | CVE-2023-38547 |
CVE |
A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database. | |
| 7.11.23 | CVE-2023-23369 |
CVE |
An OS command injection vulnerability has been reported to affect several QNAP operating system and application versions. If exploited, the vulnerability could allow remote attackers to execute commands via a network. | |
| 7.11.23 | CVE-2023-23368 |
CVE |
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to execute commands via a network. | |
| 4.11.23 | CVE-2017-9841 |
CVE |
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI. | |
| 4.11.23 | CVE-2023-32315 |
CVE |
Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. | |
| 4.11.23 | CVE-2023-4911 |
CVE |
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. | |
| 2.11.23 | CVE-2023-35841 |
CVE |
RadHwMgr.sys, rtif.sys, rtport.sys, stdcdrv64.sys, and TdkLib64.sys | |
| 2.11.23 | CVE-2023-20598 |
CVE |
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution. | |
| 2.11.23 | CVE-2023-46604 |
CVE |
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. | |
| 1.11.23 | CVE-2023-46747 |
CVE |
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |
|
27.10.23 |
CVE |
iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices |
||
|
27.10.23 |
CVE |
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. |
||
|
27.10.23 |
CVE |
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
||
|
27.10.23 |
CVE |
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
||
|
27.10.23 |
CVE |
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. |
||
|
27.10.23 |
CVE |
Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code. |
||
|
27.10.23 |
CVE |
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php. |
||
|
27.10.23 |
CVE |
vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data. |
||
|
27.10.23 |
CVE |
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. |
||
|
25.10.23 |
CVE |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. |
||
|
25.10.23 |
CVE |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. |
||
|
25.10.23 |
CVE |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. |
||
|
25.10.23 |
CVE |
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. |
||
|
25.10.23 |
CVE |
VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. |
||
|
25.10.23 |
CVE |
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. |
||
|
25.10.23 |
CVE |
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. |
||
|
25.10.23 |
CVE |
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are providing enhanced detection for the presence of the implant. |
||
|
25.10.23 |
CVE |
Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. |
||
| 21.10.23 | CVE-2023-20273 |
CVE |
(CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain. | |
| 20.10.23 | CVE-2021-26411 |
CVE |
Internet Explorer Memory Corruption Vulnerability | |
| 20.10.23 | CVE-2023-42793 |
CVE |
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |
| 20.10.23 | CVE-2023-38831 |
CVE |
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. | |
| 20.10.23 | CVE-2023-4966 |
CVE |
(CVSS score: 9.4), the vulnerability impacts the following supported versions | |
|
19.10.23 |
CVE |
CasaOS is an open-source Personal Cloud system. Unauthenticated attackers can craft arbitrary JWTs and access features that usually require authentication and execute arbitrary commands as `root` on CasaOS instances. | ||
|
19.10.23 |
CVE |
CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute arbitrary commands as `root` on CasaOS instances. | ||
|
19.10.23 |
CVE-2023-2729 |
CVE |
Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors. | |
|
17.10.23 |
CVE-2023-43261 |
CVE |
An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. | |
|
17.10.23 |
CVE-2021-1435 |
CVE |
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. | |
|
17.10.23 |
CVE-2023-20198 |
CVE |
Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. | |
|
17.10.23 |
CVE-2023-38831 |
CVE |
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. | |
|
14.10.23 |
CVE |
Windows Search Remote Code Execution Vulnerability |
||
| 12.10.23 | CVE-2023-38546 |
CVE |
(CVSS score: 5.0) - Cookie injection with none file | |
| 12.10.23 | CVE-2023-38545 |
CVE |
(CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulnerability | |
| 12.10.23 | CVE-2023-3169 |
CVE |
The tagDiv Composer WordPress plugin before 4.2, used as a companion by the Newspaper and Newsmag themes from tagDiv, does not have authorisation in a REST route and does not validate as well as escape some parameters when outputting them back, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks. | |
| 12.10.23 | CVE-2023-26369 |
CVE |
Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
| 12.10.23 | CVE-2023-21608 |
CVE |
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
| 11.10.23 | CVE-2023-41763 |
CVE |
(CVSS score: 5.3) - A privilege escalation vulnerability in Skype for Business that could lead to exposure of sensitive information such as IP addresses or port numbers (or both), enabling threat actors to gain access to internal networks | |
| 11.10.23 | CVE-2023-36563 |
CVE |
(CVSS score: 6.5) - An information disclosure vulnerability in Microsoft WordPad that could result in the leak of NTLM hashes | |
| 11.10.23 | CVE-2023-22515 |
CVE |
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. | |
| 11.10.23 | CVE-2023-44487 |
CVE |
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |
| 10.10.23 | CVE-2023-3420 |
CVE |
Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| 10.10.23 | CVE-2023-43641 |
CVE |
libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. | |
| 10.10.23 | CVE-2023-3519 |
CVE |
Unauthenticated remote code execution | |
| 10.10.23 | CVE-2023-33378 |
CVE |
(CVSS score: 8.6) - An argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | |
| 10.10.23 | CVE-2023-33377 |
CVE |
(CVSS score: 8.6) - An operating system command injection vulnerability in the set firewall command in part of its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | |
| 10.10.23 | CVE-2023-33376 |
CVE |
(CVSS score: 8.6) - An argument injection vulnerability in its ip tables command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices. | |
| 10.10.23 | CVE-2023-33375 |
CVE |
(CVSS score: 8.6) - A stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices. | |
| 10.10.23 | CVE-2023-38546 |
CVE |
Curl 8.4.0 – Proactively Identifying Potential Vulnerable Assets | |
| 10.10.23 | CVE-2023-38545 |
CVE |
CVE-2023-38545, A High Severity cURL and libcurl CVE, to be published on October 11th | |
|
6.10.23 |
CVE |
An attacker could send a phishing link that does not require login, tricking BMC administrators to click on that link while they are still logged in and thus authenticated by BMC Web UI. The attacker poisons the administrator’s browser cookies and local storage to create a new user. |
||
|
6.10.23 |
CVE |
An attacker could send a phishing link that does not require login, tricking BMC administrators to click on that link while they are still logged in and thus authenticated by BMC Web UI. |
||
|
6.10.23 |
CVE |
An attacker could send a phishing link that does not require login, tricking BMC administrators to click on that link while they are still logged in and thus authenticated by BMC Web UI. |
||
|
6.10.23 |
CVE |
An attacker could send a phishing link that does not require login, tricking BMC administrators to click on that link while they are still logged in and thus authenticated by BMC Web UI. |
||
|
6.10.23 |
CVE |
An attacker could send a phishing link that does not require login, tricking BMC administrators to click on that link while they are still logged in and thus authenticated by BMC Web UI. |
||
|
6.10.23 |
CVE |
An attacker could send a phishing link that does not require login, tricking BMC administrators to click on that link while they are still logged in and thus authenticated by BMC Web UI. |
||
|
6.10.23 |
CVE |
An attacker needs to be logged into BMC with administrator privileges to exploit the vulnerability. An unvalidated input value could allow the attacker to perform command injection. |
||
|
6.10.23 |
CVE |
A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. |
||
|
6.10.23 |
CVE |
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. |
||
|
5.10.23 |
CVE |
(CVSS score: 7.0) - Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability |
||
|
5.10.23 |
CVE |
(CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability |
||
|
5.10.23 |
CVE |
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
||
|
5.10.23 |
CVE |
The issue was addressed with improved checks. This issue is fixed in iOS 17.0.3 and iPadOS 17.0.3. A local attacker may be able to elevate their privileges. |
||
|
5.10.23 |
CVE |
CVE-2023-22515 - Privilege Escalation Vulnerability in Confluence Data Center and Server |
||
|
4.10.23 |
CVE-2022-1471 |
CVE |
(CVSS score: 9.9) - Use of an insecure version of the SnakeYAML open-source library that allows for unsafe deserialization of Java objects | |
|
4.10.23 |
CVE-2023-43654 |
CVE |
(CVSS score: 9.8) - A remote server-side request forgery (SSRF) that leads to remote code execution. | |
|
4.10.23 |
CVE |
ShellTorch: Multiple Critical Vulnerabilities in PyTorch Model Server (TorchServe) (CVSS 9.9, CVSS 9.8) Threatens Countless AI Users - Immediate Action Required |
||
|
4.10.23 |
CVE |
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. |
||
|
4.10.23 |
CVE |
(CVSS score: 9.8) - Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. |
||
|
4.10.23 |
CVE |
(CVSS score: 9.1) - Cryptographic issue in Data Modem due to improper authentication during TLS handshake. |
||
|
4.10.23 |
CVE |
(CVSS score: 9.8) - Memory corruption in Modem while processing security related configuration before AS Security Exchange. |
||
|
3.10.23 |
CVE-2023-34970 |
CVE |
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system's memory is carefully prepared by the user, then this, in turn, could give them access to already freed memory. | |
|
3.10.23 |
CVE-2023-33200 |
CVE |
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system's memory is carefully prepared by the user, then this in turn could give them access to already freed memory. | |
|
3.10.23 |
CVE-2023-4211 |
CVE |
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | |
|
3.10.23 |
CVE |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
||
|
3.10.23 |
CVE |
Microsoft SharePoint Server Elevation of Privilege Vulnerability |
||
|
3.10.23 |
CVE |
OpenRefine is a free, open source tool for data processing. A carefully crafted malicious OpenRefine project tar file can be used to trigger arbitrary code execution in the context of the OpenRefine process if a user can be convinced to import it. |
||
| 1.10.23 | CVE-2023-20262 |
CVE |
(CVSS score: 5.3) - Denial-of-Service Vulnerability | |
| 1.10.23 | CVE-2023-20254 |
CVE |
(CVSS score: 7.2) - Authorization Bypass Vulnerability | |
| 1.10.23 | CVE-2023-20034 |
CVE |
(CVSS score: 7.5) - Information Disclosure Vulnerability | |
| 1.10.23 | CVE-2023-20253 |
CVE |
(CVSS score: 8.4) - Unauthorized Configuration Rollback Vulnerability | |
| 1.10.23 | CVE-2023-20252 |
CVE |
(CVSS score: 9.8) - Unauthorized Access Vulnerability | |
| 1.10.23 | CVE-2023-20109 |
CVE |
A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. | |
| 30.9.23 | CVE-2023-42114 |
CVE |
(CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability | |
| 30.9.23 | CVE-2023-42115 |
CVE |
(CVSS score: 9.8) - Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability | |
| 30.9.23 | CVE-2023-42116 |
CVE |
(CVSS score: 8.1) - Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability | |
| 30.9.23 | CVE-2023-42117 |
CVE |
(CVSS score: 8.1) - Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability | |
| 30.9.23 | CVE-2023-42118 |
CVE |
(CVSS score: 7.5) - Exim libspf2 Integer Underflow Remote Code Execution Vulnerability | |
| 30.9.23 | CVE-2023-42119 |
CVE |
(CVSS score: 3.1) - Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability | |
| 30.9.23 | CVE-2023-40049 |
CVE |
(CVSS score: 5.3) - An authentication bypass vulnerability that allows users to enumerate files under the 'WebServiceHost' directory listing. | |
| 30.9.23 | CVE-2022-27665 |
CVE |
(CVSS score: 6.1) - A reflected cross-site scripting (XSS) vulnerability in Progress Ipswitch WS_FTP Server 8.6.0 that can lead to execution of malicious code and commands on the client. | |
| 30.9.23 | CVE-2023-40048 |
CVE |
(CVSS score: 6.8) - A cross-site request forgery (CSRF) vulnerability in the WS_FTP Server Manager interface. | |
| 30.9.23 | CVE-2023-40046 |
CVE |
(CVSS score: 8.2) - An SQL injection vulnerability in the WS_FTP Server manager interface that could be exploited to infer information stored in the database and execute SQL statements that alter or delete its contents. | |
| 30.9.23 | CVE-2023-40047 |
CVE |
(CVSS score: 8.3) - A stored cross-site scripting (XSS) vulnerability exists in the WS_FTP Server's Management module that could be exploited by an attacker with admin privileges to import an SSL certificate with malicious attributes containing XSS payloads that could then be triggered in victim's browser. | |
| 30.9.23 | CVE-2023-40045 |
CVE |
(CVSS score: 8.3) - A reflected cross-site scripting (XSS) vulnerability in the WS_FTP Server's Ad Hoc Transfer module that could be exploited to execute arbitrary JavaScript within the context of the victim's browser. | |
| 30.9.23 | CVE-2023-42657 |
CVE |
(CVSS score: 9.9) - A directory traversal vulnerability that could be exploited to perform file operations. | |
| 30.9.23 | CVE-2023-40044 |
CVE |
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system. | |
| 30.9.23 | CVE-2023-2033 |
CVE |
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| 30.9.23 | CVE-2023-4863 |
CVE |
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | |
| 30.9.23 | CVE-2023-3079 |
CVE |
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| 30.9.23 | CVE-2023-2136 |
CVE |
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| 30.9.23 | GPU.zip |
CVE |
GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression | |
| 30.9.23 | CVE-2022-22706 |
CVE |
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. | |
| 30.9.23 | CVE-2022-3038 |
CVE |
Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| 30.9.23 | CVE-2022-4262 |
CVE |
Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| 30.9.23 | CVE-2023-26083 |
CVE |
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0 | |
| 30.9.23 | CVE-2023-0266 |
CVE |
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. | |
| 30.9.23 | CVE-2023-5129 |
CVE |
||
| 30.9.23 | CVE-2023-42793 |
CVE |
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |
|
22.9.23 |
CVE-2023-4236 |
CVE |
(CVSS score: 7.5) - The named service may terminate unexpectedly under high DNS-over-TLS query load (fixed in versions 9.18.19 and 9.18.19-S1) | |
|
22.9.23 |
CVE-2023-3341 |
CVE |
(CVSS score: 7.5) - A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly (fixed in versions 9.16.44, 9.18.19, 9.19.17, 9.16.44-S1, and 9.18.19-S1) | |
|
22.9.23 |
CVE-2023-28709 |
CVE |
(CVSS score: 7.5) - A DoS flaw in Apache Tomcat server impacting Bamboo Data Center and Server | |
|
22.9.23 |
CVE-2023-22513 |
CVE |
(CVSS score: 8.5) - A RCE flaw in Bitbucket Data Center and Server | |
|
22.9.23 |
CVE-2023-22512 |
CVE |
(CVSS score: 7.5) - A DoS flaw in Confluence Data Center and Server | |
|
22.9.23 |
CVE-2022-25647 |
CVE |
(CVSS score: 7.5) - A deserialization flaw in the Google Gson package impacting Patch Management in Jira Service Management Data Center and Server | |
|
22.9.23 |
CVE-2023-41993 |
CVE |
The issue was addressed with improved checks. This issue is fixed in iOS 16.7 and iPadOS 16.7, iOS 17.0.1 and iPadOS 17.0.1, Safari 16.6.1. Processing web content may lead to arbitrary code execution. | |
|
22.9.23 |
CVE-2023-41992 |
CVE |
The issue was addressed with improved checks. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS 17.0.1 and iPadOS 17.0.1, watchOS 9.6.3, macOS Ventura 13.6, macOS Monterey 12.7, watchOS 10.0.1. | |
|
22.9.23 |
CVE-2023-41991 |
CVE |
A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS 17.0.1 and iPadOS 17.0.1, watchOS 9.6.3, macOS Ventura 13.6, watchOS 10.0.1. | |
|
22.9.23 |
CVE-2023-38831 |
CVE |
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. | |
|
22.9.23 |
CVE-2023-25157 |
CVE |
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. | |
|
20.9.23 |
CVE-2023-3932 |
CVE |
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan policies. | |
|
20.9.23 |
CVE-2023-5009 |
CVE |
(CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4. | |
|
20.9.23 |
CVE-2023-28434 |
CVE |
(CVSS score: 8.8) - MinIO Security Feature Bypass Vulnerability | |
|
20.9.23 |
CVE-2022-31463 |
CVE |
(CVSS score: 7.1) - Owl Labs Meeting Owl Improper Authentication Vulnerability | |
|
20.9.23 |
CVE-2022-31462 |
CVE |
(CVSS score: 8.8) - Owl Labs Meeting Owl Use of Hard-coded Credentials Vulnerability | |
|
20.9.23 |
CVE-2022-31461 |
CVE |
(CVSS score: 6.5) - Owl Labs Meeting Owl Missing Authentication for Critical Function Vulnerability | |
|
20.9.23 |
CVE-2022-31459 |
CVE |
(CVSS score: 6.5) - Owl Labs Meeting Owl Inadequate Encryption Strength Vulnerability | |
|
20.9.23 |
CVE-2022-22265 |
CVE |
(CVSS score: 7.8) - Samsung Mobile Devices Use-After-Free Vulnerability | |
|
20.9.23 |
CVE-2021-3129 |
CVE |
(CVSS score: 9.8) - Laravel Ignition File Upload Vulnerability | |
|
20.9.23 |
CVE-2017-6884 |
CVE |
(CVSS score: 8.8) - Zyxel EMG2926 Routers Command Injection Vulnerability | |
|
20.9.23 |
CVE |
Realtek SDK Improper Input Validation Vulnerability | ||
|
20.9.23 |
CVE-2023-41179 |
CVE |
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. | |
|
19.9.23 |
CVE-2023-36847 |
CVE |
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. | |
|
19.9.23 |
CVE-2023-36846 |
CVE |
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. | |
|
19.9.23 |
CVE-2023-36845 |
CVE |
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. | |
|
19.9.23 |
CVE-2023-36844 |
CVE |
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. | |
|
16.9.23 |
CVE-2023-29491 |
CVE |
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. | |
|
14.9.23 |
CVE |
This is the git repository for our research on command injections in the subpath feature of kubernetes. |
||
|
14.9.23 |
CVE |
(CVSS score: 4.5) - Azure Apache Hadoop Spoofing Vulnerability |
||
|
14.9.23 |
CVE |
(CVSS score: 4.5) - Azure Apache Ambari Spoofing Vulnerability |
||
|
14.9.23 |
CVE |
(CVSS score: 4.5) - Azure Apache Oozie Spoofing Vulnerability |
||
|
14.9.23 |
CVE |
(CVSS score: 4.6) - Azure HDInsight Jupyter Notebook Spoofing Vulnerability |
||
|
14.9.23 |
CVE |
(CVSS score: 4.5) - Azure Apache Hive Spoofing Vulnerability |
||
|
14.9.23 |
CVE |
(CVSS score: 7.8) - Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability |
||
|
14.9.23 |
CVE |
(CVSS score: 6.2) - Microsoft Word Information Disclosure Vulnerability |
||
|
14.9.23 |
CVE |
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) |
||
|
13.9.23 |
CVE |
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
||
|
13.9.23 |
CVE |
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
||
|
13.9.23 |
CVE |
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
||
|
13.9.23 |
CVE |
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) |
||
|
10.9.23 |
CVE |
For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. |
||
|
9.9.23 |
CVE |
This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. |
||
|
9.9.23 |
CVE |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5.2, iOS 16.6.1 and iPadOS 16.6.1. Processing a maliciously crafted image may lead to arbitrary code execution. |
||
|
9.9.23 |
CVE |
A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. |
||
|
9.9.23 |
CVE |
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only |
||
|
9.9.23 |
CVE |
In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006. |
||
|
9.9.23 |
CVE |
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). |
||
|
9.9.23 |
CVE |
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). |
||
|
9.9.23 |
CVE |
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets |
||
|
9.9.23 |
CVE |
A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. |
||
|
9.9.23 |
CVE |
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879. |
||
|
9.9.23 |
CVE |
Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-33771. |
||
|
9.9.23 |
CVE |
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. |
||
|
9.9.23 |
CVE |
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier |
||
|
9.9.23 |
CVE |
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4. |
||
|
7.9.23 |
CVE-2023-27524 | Vulnerebility | CVE | Session Validation attacks in Apache Superset versions up to and including 2.0.1. |
|
7.9.23 |
CVE-2023-30776 | Vulnerebility | CVE | An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. |
|
7.9.23 |
CVE-2023-36388 | Vulnerebility | CVE | Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF. |
|
7.9.23 |
CVE-2023-37941 | Vulnerebility | CVE | If an attacker gains write access to the Apache Superset metadata database, they could persist a specifically crafted Python object that may lead to remote code execution on Superset's web backend. |
|
7.9.23 |
CVE-2023-39265 | Vulnerebility | CVE | Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. |
|
7.9.23 |
CVE-2023-35674 | Vulnerebility | CVE | Android Zero-Day CVE-2023-35674 Exploited in Attacks, Now Fixed |
|
6.9.23 |
CVE |
Minio is a Multi-Cloud Object Storage framework. |
||
|
6.9.23 |
CVE |
Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE. |
||
|
3.9.23 |
CVE-2023-20890 | Vulnerebility |
CVE |
Aria Operations for Networks contains an arbitrary file write vulnerability. |
|
3.9.23 |
CVE-2023-34039 | Vulnerebility |
CVE |
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. |
|
31.8.23 |
CVE |
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. |
||
|
31.8.23 |
CVE |
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. |
||
|
31.8.23 |
CVE |
Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. |
||
|
31.8.23 |
CVE |
Apache RocketMQ Remote Code Execution Vulnerability |
||
|
31.8.23 |
CVE |
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. |
||
|
31.8.23 |
CVE |
Aria Operations for Networks contains a command injection vulnerability. |
||
|
31.8.23 |
CVE |
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006 |
||
|
25.8.23 |
CVE |
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. |
||
| 24.8.23 | CVE-2023-38831 |
CVE |
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. | |
| 24.8.23 | CVE-2023-32315 |
CVE |
Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. | |
|
22.8.23 |
CVE |
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration. |
||
|
22.8.23 |
CVE |
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. |
||
|
21.8.23 |
CVE |
(CVSS score: 7.8), the vulnerability has been described as a case of improper validation while processing recovery volumes. |
||
| 19.8.23 | CVE-2023-36847 |
CVE |
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. | |
| 19.8.23 | CVE-2023-36846 |
CVE |
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. | |
| 19.8.23 | CVE-2023-36845 |
CVE |
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. | |
| 19.8.23 | CVE-2023-36844 |
CVE |
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. | |
| 19.8.23 | CVE-2021-22205 |
CVE |
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. | |
| 19.8.23 | CVE-2023-32560 |
CVE |
(CVSS score: 9.8), are stack-based buffer overflows in Ivanti Avalanche WLAvanacheServer.exe v6.4.0.0. | |
| 19.8.23 | CVE-2023-3519 |
CVE |
Unauthenticated remote code execution | |
| 19.8.23 | CVE-2023-38257 |
CVE |
(CVSS score: 7.5) - An insecure direct object reference vulnerability that could allow an unauthenticated user to view profile information, including user login names and encrypted passwords. | |
| 19.8.23 | CVE-2023-35763 |
CVE |
(CVSS score: 5.5) - A cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext. | |
| 19.8.23 | CVE-2023-35189 |
CVE |
(CVSS score: 10.0) - A remote code execution vulnerability that could allow an unauthenticated user to upload a malicious payload and execute it. | |
| 19.8.23 | CVE-2023-33871 |
CVE |
(CVSS score: 7.5) - A directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the server's webroot. | |
| 14.8.23 | CVE-2022-24086 |
CVE |
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. | |
|
13.8.23 |
CVE |
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. |
||
|
12.8.23 |
CVE |
Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS |
||
|
12.8.23 |
CVE |
(CVSS score: 7.5), the high-severity flaw relates to a case denial-of-service (DoS) impacting .NET and Visual Studio. |
||
|
11.8.23 |
CVE |
Windows Print Spooler Elevation of Privilege Vulnerability |
||
|
11.8.23 |
CVE |
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. |
||
|
11.8.23 |
CVE |
Windows Print Spooler Elevation of Privilege Vulnerability |
||
|
11.8.23 |
CVE |
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. |
||
|
11.8.23 |
CVE |
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
||
|
11.8.23 |
CVE |
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. |
||
|
11.8.23 |
CVE |
Windows Kernel Elevation of Privilege Vulnerability |
||
|
11.8.23 |
CVE |
Windows Kernel Elevation of Privilege Vulnerability |
||
|
11.8.23 |
CVE |
Windows Kernel Elevation of Privilege Vulnerability |
||
|
11.8.23 |
CVE |
Windows Kernel Elevation of Privilege Vulnerability |
||
|
11.8.23 |
CVE |
Windows Kernel Elevation of Privilege Vulnerability |
||
|
11.8.23 |
CVE |
.NET and Visual Studio Denial of Service Vulnerability |
||
|
11.8.23 |
CVE |
Microsoft Exchange Server Remote Code Execution Vulnerability |
||
|
11.8.23 |
CVE |
Microsoft Exchange Server Remote Code Execution Vulnerability |
||
|
11.8.23 |
CVE |
Microsoft Exchange Server Remote Code Execution Vulnerability |
||
|
11.8.23 |
CVE |
In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted file that is designed to exploit the remote code execution vulnerability. |
||
|
5.8.23 |
CVE |
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). |
||
|
5.8.23 |
CVE |
PaperCut NG and PaperCut MF before 22.1.3 are vulnerable to path traversal which enables attackers to read, delete, and upload arbitrary files. |
||
|
3.8.23 |
CVE |
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited. |
||
|
3.8.23 |
CVE |
Unauthenticated remote code execution |
||
|
3.8.23 |
CVE |
(CVSS score: 7.2) - A path traversal vulnerability is discovered in Ivanti EPMM that allows an attacker to write arbitrary files onto the appliance. |
||
|
3.8.23 |
CVE |
(CVSS score: 10.0) - An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. |
||
|
3.8.23 |
CVE |
CVE |
||
|
2.8.23 |
CVE |
Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration |
||
|
31.7.23 |
CWE |
CWE |
||
|
31.7.23 |
CWE |
CWE |
||
|
31.7.23 |
CWE |
CWE |
||
|
31.7.23 |
CWE |
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions. |
||
|
30.7.23 |
CWE |
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. |
||
|
30.7.23 |
CWE |
Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. |
||
|
28.7.23 |
CWE |
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. |
||
|
27.7.23 |
CWE |
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem |
||
|
27.7.23 |
CWE |
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. |
||
|
27.7.23 |
CWE |
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. |
||
|
27.7.23 |
CWE |
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem |
||
|
27.7.23 |
CWE |
Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels |
||
|
27.7.23 |
CWE |
On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs," an unprivileged user may set privileged extended attributes on the mounted files |
||
|
26.7.23 |
CWE |
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. |
||
|
25.7.23 |
CWE |
A flaw in the authentication algorithm allows attackers to set the Derived Cypher Key (DCK) to 0. |
||
|
25.7.23 |
CWE |
The Air Interface Encryption (AIE) keystream generator relies on the network time, which is publicly broadcast in an unauthenticated manner. |
||
|
25.7.23 |
CWE |
The TEA1 algorithm has a backdoor that reduces the original 80-bit key to a key size which is trivially brute-forceable on consumer hardware in minutes. |
||
|
25.7.23 |
CWE |
The cryptographic scheme used to obfuscate radio identities has a weak design that allows attackers to deanonymize and track users. |
||
|
25.7.23 |
CWE |
Lack of ciphertext authentication on AIE allows for malleability attacks. |
||
|
25.7.23 |
CWE |
All x86-64 CPUs have a set of 128-bit vector registers called the XMM registers. |
||
|
25.7.23 |
CWE |
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. |
||
|
25.7.23 |
CWE |
GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversa.. |
||
|
25.7.23 |
CWE |
Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. |
||
|
25.7.23 |
CWE |
An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user |
||
|
25.7.23 |
CWE |
(CVSS score: 7.5) - Injection, RCE (Remote Code Execution) in Bamboo (Fixed in versions 9.2.3 and 9.3.1) |
||
|
25.7.23 |
CWE |
(CVSS score: 8.5) - RCE (Remote Code Execution) in Confluence Data Center and Server (Fixed in versions 7.19.8 and 8.2.0) |
||
|
25.7.23 |
CWE |
(CVSS score: 8.0) - RCE (Remote Code Execution) in Confluence Data Center and Server (Fixed in versions 8.3.2 and 8.4.0) |
||
|
25.7.23 |
CWE |
Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account. |
||
|
25.7.23 |
CWE |
A memory corruption issue was addressed with improved state management. |
||
|
25.7.23 |
CWE |
An integer overflow was addressed with improved input validation. |
||
|
25.7.23 |
CWE |
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server.. |
||
|
25.7.23 |
CWE |
Microsoft Outlook Elevation of Privilege Vulnerability |
||
|
25.7.23 |
CWE |
Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs. |
||
|
25.7.23 |
CWE |
Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions. |
||
|
24.7.23 |
CWE |
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. |
||
|
24.7.23 |
CWE |
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path |
||
| 21.7.23 | CVE-2023-28771 |
CWE |
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73 | |
| 21.7.23 | CVE-2023-3519 |
CWE |
Unauthenticated remote code execution | |
| 21.7.23 | CVE-2023-34330 |
CWE |
(CVSS score: 8.2) - Code injection via dynamic Redfish extension interface | |
| 21.7.23 | CVE-2023-34329 |
CWE |
(CVSS score: 9.1) - Authentication bypass via HTTP header spoofing | |
| 21.7.23 | CVE-2023-29246 |
CWE |
(CVSS score: 7.2) - A NULL byte (%00) injection that allows an attacker with admin privileges to gain code execution | |
| 21.7.23 | CVE-2023-29032 |
CWE |
(CVSS score: 8.1) - An authentication bypass that leads to unrestricted access via invitation hash | |
| 21.7.23 | CVE-2023-28936 |
CWE |
(CVSS score: 5.3) - Insufficient check of invitation hash | |
|
20.7.23 |
CVE-2022-0543 |
CWE |
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution. | |
|
20.7.23 |
CWE |
CVSS score: 9.8 that could lead to remote code execution and a second improper access control flaw that could also pave the way for a security bypass |
||
|
20.7.23 |
CWE |
CVSS score: 7.5 has been described as an instance of improper access control that could result in a security bypass. |
||
|
20.7.23 |
CWE |
CVSS score: 9.8 that could lead to remote code execution and a second improper access control flaw that could also pave the way for a security bypass |
||
|
19.7.23 |
CWE |
(CVSS score: 8.0) - An improper privilege management vulnerability resulting in privilege escalation to the root administrator (nsroot) |
||
|
19.7.23 |
CWE |
(CVSS score: 8.3) - An improper input validation vulnerability resulting in a reflected cross-site scripting (XSS) attack |
||
|
19.7.23 |
CWE |
(CVSS score: 9.8), the issue relates to a case of code injection that could result in unauthenticated remote code execution. |
||
|
18.7.23 |
CWE |
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. |
||
|
18.7.23 |
CWE |
An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. |
||
|
17.7.23 |
CWE |
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. |
||
|
17.7.23 |
CWE |
Microsoft MSHTML Remote Code Execution Vulnerability |
||
|
15.7.23 |
CWE |
ROZCOM client CWE-798: Use of Hard-coded Credentials |
||
|
15.7.23 |
CWE |
ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request. |
||
|
15.7.23 |
CWE |
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). |
||
|
15.7.23 |
CWE |
Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0. |
||
|
15.7.23 |
CWE |
EaseProbe is a tool that can do health/status checking. An SQL injection issue was discovered in EaseProbe before 2.1.0 when using MySQL/PostgreSQL data checking |
||
|
14.7.23 |
CWE |
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c. |
||
|
14.7.23 |
CWE |
VMware Fusion contains a local privilege escalation vulnerability. |
||
|
14.7.23 |
CWE |
(CVSS score: 7.5) - An out-of-bounds write flaw impacting 1756 EN4* products that could lead to a DoS condition through maliciously crafted CIP messages. |
||
|
14.7.23 |
CWE |
CVSS score: 9.8) - An out-of-bounds write flaw impacting 1756 EN2* and 1756 EN3* products that could result in arbitrary code execution with persistence.. |
||
|
14.7.23 |
CWE |
(CVSS score: 9.4) - Cloud App Security (CAS) Authentication Bypass |
||
|
14.7.23 |
CWE |
(CVSS score: 9.8) - Password Hash Read via Web Service |
||
|
14.7.23 |
CWE |
(CVSS score: 9.8) - Multiple Unauthenticated SQL Injection Issues and Security Filter Bypass |
||
|
14.7.23 |
CWE |
(CVSS score: 9.4) - Web Service Authentication Bypass |
||
|
13.7.23 |
CWE |
Malicious use of Microsoft-signed drivers for post-exploitation activity (no CVE assigned) |
||
|
13.7.23 |
CWE |
(CVSS score: 8.3) - Office and Windows HTML Remote Code Execution Vulnerability (Also publicly known at the time of the release) |
||
|
13.7.23 |
CWE |
(CVSS score: 7.8) - Windows Error Reporting Service Elevation of Privilege Vulnerability |
||
|
13.7.23 |
CWE |
(CVSS score: 8.8) - Microsoft Outlook Security Feature Bypass Vulnerability |
||
|
13.7.23 |
CWE |
(CVSS score: 8.8) - Windows SmartScreen Security Feature Bypass Vulnerability |
||
|
13.7.23 |
CWE |
(CVSS score: 7.8) - Windows MSHTML Platform Elevation of Privilege Vulnerability |
||
| 11.7.23 | CVE-2023-32439 |
CWE |
Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |
| 11.7.23 | CVE-2023-32434 |
CWE |
An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. | |
| 11.7.23 | CVE-2023-32435 |
CWE |
Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. | |
| 11.7.23 | CVE-2023-37450 |
CWE |
Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |
|
8.7.23 |
CWE |
In Progress MOVEit Transfer versions released before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8.. |
||
|
8.7.23 |
CWE |
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4.. |
||
|
8.7.23 |
CWE |
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1)... |
||
|
8.7.23 |
CWE |
In Progress MOVEit Transfer versions released before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8) |
||
|
8.7.23 |
CWE |
This allows attackers to create and overwrite any file Mastodon has access to, allowing Denial of Service and arbitrary Remote Code Execution. |
||
|
7.7.23 |
CVE-2023-21250 |
CWE |
CWE |
|
|
7.7.23 |
CWE |
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process.. |
||
|
7.7.23 |
CWE |
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions |
||
|
7.7.23 |
CWE |
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server |
||
|
7.7.23 |
CWE |
CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date. |
||
|
4.7.23 |
CWE |
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below... |
||
| 3.7.23 | CVE-2021-25394 |
CWE |
(CVSS score: 6.4) - Samsung mobile devices race condition vulnerability | |
| 3.7.23 | CVE-2021-25395 |
CWE |
(CVSS score: 6.4) - Samsung mobile devices race condition vulnerability | |
| 3.7.23 | CVE-2021-25371 |
CWE |
(CVSS score: 6.7) - An unspecified vulnerability in the DSP driver used in Samsung mobile devices that allows loading of arbitrary ELF libraries | |
| 3.7.23 | CVE-2021-25372 |
CWE |
(CVSS score: 6.7) - Samsung mobile devices improper boundary check within the DSP driver in Samsung mobile devices | |
| 3.7.23 | CVE-2021-25487 |
CWE |
(CVSS score: 7.8) - Samsung mobile devices out-of-bounds read vulnerability leading to arbitrary code execution | |
| 3.7.23 | CVE-2021-25489 |
CWE |
(CVSS score: 5.5) - Samsung Mobile devices improper input validation vulnerability resulting in kernel panic | |
| 3.7.23 | CVE-2019-17621 |
CWE |
(CVSS score: 9.8) - An unauthenticated remote code execution vulnerability in D-Link DIR-859 Router | |
| 3.7.23 | CVE-2019-20500 |
CWE |
(CVSS score: 7.8) - An authenticated OS command injection vulnerability in D-Link DWL-2600AP | |
|
1.7.23 |
CWE |
A vulnerability was found in Ultimate Member Plugin up to 2.6.6 on WordPress (WordPress Plugin) and classified as problematic. |
||
|
30.6.23 |
CWE |
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions... |
||
|
28.6.23 |
CWE |
Soko if the code that powers packages.gentoo.org. |
||
|
27.6.23 |
CWE |
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, |
||
|
27.6.23 |
CWE |
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows |
||
|
26.6.23 |
CWE |
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params. |
||
|
26.6.23 |
CWE |
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. |
||
|
26.6.23 |
CWE |
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting |
||
|
26.6.23 |
CWE |
Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability |
||
|
24.6.23 |
CWE |
Secure Boot Security Feature Bypass Vulnerability |
||
|
24.6.23 |
CWE |
Secure Boot Security Feature Bypass Vulnerability |
||
|
22.6.23 |
CWE |
CWE |
||
|
22.6.23 |
CWE |
A memory corruption vulnerability in WebKit that could lead to arbitrary code execution when processing specially crafted web content |
||
|
22.6.23 |
CWE |
An integer overflow vulnerability in the Kernel that could be exploited by a malicious app to execute arbitrary code with kernel privileges. |
||
|
22.6.23 |
CWE |
Aria Operations for Networks contains a command injection vulnerability. |
||
|
22.6.23 |
CWE |
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, |
||
|
22.6.23 |
CWE |
CWE |
||
|
22.6.23 |
CWE |
CWE |
||
|
22.6.23 |
CWE |
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data. |
||
|
22.6.23 |
CWE |
An adversary-in-the-middle (AitM) flaw that could lead to a hijack of a user's session. |
||
|
22.6.23 |
CWE |
A stack-based buffer overflow vulnerability that could be exploited by an attacker with admin privileges to execute arbitrary system commands |
||
|
22.6.23 |
CWE |
A command injection flaw that could be exploited by a local attacker to execute arbitrary system commands, disrupt system, or terminate service. |
||
|
22.6.23 |
CWE |
The use of an out-of-date libusrsctp library that could open targeted devices to other attacks. |
||
|
22.6.23 |
CWE |
A denial-of-service (DoS) vulnerability that could be triggered by sending a specially-crafted network packet. |
||
|
22.6.23 |
CWE |
An information disclosure vulnerability that could be exploited to access sensitive information by sending specially-crafted network packets. |
||
|
22.6.23 |
CWE |
An authentication bypass vulnerability that could permit an attacker to send malicious HTTP requests to gain full administrative access to the device. |
||
|
22.6.23 |
CWE |
A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin. |
||
|
22.6.23 |
CWE |
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. |
||
| 16.6.23 | CVE-2023-34362 |
CWE |
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1) | |
| 16.6.23 | CVE-2023-35036 |
CWE |
In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2). | |
| 16.6.23 | CVE-2023-2868 |
CWE |
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. | |
| 16.6.23 |
CWE |
VMware Tools contains an Authentication Bypass vulnerability in the vgauth module. |
||
| 14.6.23 | CVE-2023-34000 |
CWE |
Unauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin <= 7.4.0 versions. | |
| 14.6.23 | CVE-2023-32031 |
CWE |
Microsoft Exchange Server Remote Code Execution Vulnerability | |
| 14.6.23 | CVE-2023-28310 |
CWE |
Microsoft Exchange Server Remote Code Execution Vulnerability | |
| 14.6.23 | CVE-2023-28250 |
CWE |
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |
| 14.6.23 | CVE-2023-32015 |
CWE |
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |
| 14.6.23 | CVE-2023-32014 |
CWE |
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |
| 14.6.23 | CVE-2023-29363 |
CWE |
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |
| 14.6.23 | CVE-2023-29357 |
CWE |
Microsoft SharePoint Server Elevation of Privilege Vulnerability | |
| 14.6.23 | CVE-2023-3079 |
CWE |
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| 13.6.23 | CVE-2023-27997 |
CWE |
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below. | |
| 13.6.23 | CVE-2023-28299 |
CWE |
Visual Studio Spoofing Vulnerability | |
|
12.6.23 |
CVE-2023-27997 |
CWE |
CWE | |
|
10.6.23 |
CVE-2023-29336 |
CWE |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | |
|
10.6.23 |
CVE-2023-34362 |
CWE |
Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment. | |
|
10.6.23 |
CWE |
CWE |
||
|
10.6.23 |
CWE |
CWE |
||
|
10.6.23 |
CWE |
Aria Operations for Networks contains an information disclosure vulnerability. |
||
|
10.6.23 |
CWE |
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2). |
||
|
10.6.23 |
CWE |
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2). |
||
|
10.6.23 |
CWE |
RenderDoc through 1.26 allows local privilege escalation via a symlink attack. |
||
|
10.6.23 |
CWE |
Aria Operations for Networks contains an authenticated deserialization vulnerability. |
||
|
10.6.23 |
CWE |
Aria Operations for Networks contains a command injection vulnerability. |
||
|
10.6.23 |
CWE |
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. |
||
|
8.6.23 |
CWE |
The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70(AAHH.3) and the GS1900-8HP firmware version V2.70(AAHI.3) could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH. |
||
|
8.6.23 |
CVE-2023-27989 |
CWE |
A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |
|
8.6.23 |
CVE-2022-45853 |
CWE |
The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70(AAHH.3) and the GS1900-8HP firmware version V2.70(AAHI.3) could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH. | |
|
8.6.23 |
CVE-2023-27989 |
CWE |
A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |
|
8.6.23 |
CWE |
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions. |
||
|
8.6.23 |
CWE |
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1. |
||
|
8.6.23 |
CWE |
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25. |
||
|
8.6.23 |
CWE |
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
||
|
8.6.23 |
CWE |
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
||
|
8.6.23 |
CWE |
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
||
|
7.6.23 |
CWE |
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. |
||
|
7.6.23 |
CWE |
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1). |
||
|
3.6.23 |
CWE |
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability. |
||
|
3.6.23 |
CWE |
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35. |
||
|
31.5.23 |
CVE-2023-32369 |
CWE |
||
|
31.5.23 |
CVE-2023-2868 |
CWE |
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. | |
|
30.5.23 |
CWE |
A vulnerability in the expo.io framework allows an attacker to take over accounts and steal credentials on an application/website that configured the "Expo AuthSession Redirect Proxy" for social sign-in. |
||
|
25.5.23 |
CWE |
A buffer overflow vulnerability in the notification function that could enable an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution. |
||
|
25.5.23 |
CWE |
A buffer overflow vulnerability in the ID processing function that could enable an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution. |
||
|
25.5.23 |
CWE |
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). |
||
|
25.5.23 |
CWE |
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. |
||
|
25.5.23 |
CWE |
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. |
||
|
25.5.23 |
CWE |
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. |
||
|
25.5.23 |
CWE |
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. |
||
|
25.5.23 |
CWE |
** DISPUTED ** KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. |
||
|
25.5.23 |
CWE |
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. |
||
|
20.5.23 |
CWE |
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. |
||
|
20.5.23 |
CWE |
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. |
||
|
20.5.23 |
CWE |
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections) |
||
|
20.5.23 |
CWE |
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x |
||
|
20.5.23 |
CWE |
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel |
||
|
20.5.23 |
CWE |
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. |
||
|
20.5.23 |
CWE |
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. |
||
|
20.5.23 |
CWE |
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections) |
||
|
20.5.23 |
CWE |
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x |
||
|
20.5.23 |
CWE |
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel |
||
|
18.5.23 |
CWE |
(CVSS score: 9.8): Cisco Small Business Series Switches Stack Buffer Overflow Vulnerability |
||
|
18.5.23 |
CWE |
(CVSS score: 9.8): Cisco Small Business Series Switches Unauthenticated BSS Buffer Overflow Vulnerability |
||
|
18.5.23 |
CWE |
(CVSS score: 9.8): Cisco Small Business Series Switches Unauthenticated Stack Buffer Overflow Vulnerability |
||
|
18.5.23 |
CWE |
(CVSS score: 9.8): Cisco Small Business Series Switches Unauthenticated Stack Buffer Overflow Vulnerability |
||
|
18.5.23 |
CWE |
(CVSS score: 8.6): Cisco Small Business Series Switches Unauthenticated Heap Buffer Overflow Vulnerability |
||
|
18.5.23 |
CWE |
(CVSS score: 8.6): Cisco Small Business Series Switches Unauthenticated Heap Buffer Overflow Vulnerability |
||
|
18.5.23 |
CWE |
(CVSS score: 8.6): Cisco Small Business Series Switches Unauthenticated Heap Buffer Overflow Vulnerability |
||
|
18.5.23 |
CWE |
(CVSS score: 8.6): Cisco Small Business Series Switches Unauthenticated Denial-of-Service Vulnerability |
||
|
18.5.23 |
CWE |
(CVSS score: 7.5): Cisco Small Business Series Switches Unauthenticated Configuration Reading Vulnerability |
||
|
18.5.23 |
CWE |
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). |
||
|
15.5.2023 |
CWE |
(CVSS score: 6.5) - Missing Authentication Information Disclosure Vulnerability |
||
|
15.5.2023 |
CWE |
(CVSS score: 8.8) - Stack-based Buffer Overflow Authentication Bypass Vulnerability |
||
|
15.5.2023 |
CWE |
(CVSS score: 8.8) - Stack-based Buffer Overflow Authentication Bypass Vulnerability |
||
|
15.5.2023 |
CWE |
(CVSS score: 5.7) - Device Configuration Cleartext Storage Information Disclosure Vulnerability |
||
|
15.5.2023 |
CWE |
(CVSS score: 8.0) - Command Injection Remote Code Execution Vulnerability |
||
|
15.5.2023 |
CWE |
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). |
||
|
14.5.2023 |
CWE |
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. |
||
|
14.5.2023 |
CWE |
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring. |
||
|
14.5.2023 |
CWE |
Microsoft Outlook Elevation of Privilege Vulnerability |
||
|
14.5.2023 |
CWE |
Windows MSHTML Platform Security Feature Bypass Vulnerability |
||
|
14.5.2023 |
CWE |
Secure Boot Security Feature Bypass Vulnerability. |
||
|
14.5.2023 |
CWE |
Secure Boot Security Feature Bypass Vulnerability |
||
|
14.5.2023 |
CWE |
Windows OLE Remote Code Execution Vulnerability |
||
|
14.5.2023 |
CWE |
Win32k Elevation of Privilege Vulnerability |
||
|
13.5.2023 |
CWE |
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). |
||
|
5.5.23 |
CWE |
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. |
||
|
5.5.23 |
CWE |
(CVSS score: 9.8), the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. |
||
|
5.5.23 |
CWE |
MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. |
||
|
5.5.23 |
CWE |
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login |
||
|
5.5.23 |
CWE |
Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code. |
||
|
5.5.23 |
CWE |
Out-of-bounds read when processing a malformed BGP OPEN message that abruptly ends with the option length octet. |
||
|
5.5.23 |
CWE |
Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option. |
||
|
5.5.23 |
CWE |
Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option. |
||
|
5.5.23 |
CWE |
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration |
||
|
5.5.23 |
CWE |
(CVSS score: 7.5) - Oracle WebLogic Server Unspecified Vulnerability |
||
|
5.5.23 |
CWE |
(CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted Data Vulnerability |
||
|
5.5.23 |
CWE |
(CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability |
||
|
28.4.23 |
CWE |
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35 |
||
|
28.4.23 |
CWE |
A post-authentication command injection vulnerability in the “account_operator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35 |
||
|
28.4.23 |
CWE |
A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device. |
||
|
28.4.23 |
CWE |
The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow an authenticated attacker to execute some OS commands remotely. |
||
|
28.4.23 |
CWE |
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. |
||
|
28.4.23 |
CWE |
TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. |
||
|
28.4.23 |
CWE |
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. |
||
|
27.4.23 |
CWE |
Session Validation attacks in Apache Superset versions up to and including 2.0.1. |
||
|
27.4.23 |
CWE |
VMware Aria Operations for Logs contains a deserialization vulnerability. |
||
|
27.4.23 |
CWE |
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. |
||
|
27.4.23 |
CWE |
VMware Fusion contains a local privilege escalation vulnerability. |
||
|
27.4.23 |
CWE |
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. |
||
|
27.4.23 |
CWE |
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. |
||
|
26.4.23 |
CWE |
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. |
||
|
22.4.23 |
CWE |
(CVSS score - 7.5) - MinIO Information Disclosure Vulnerability |
||
|
22.4.23 |
CWE |
(CVSS score - 9.8) - PaperCut MF/NG Improper Access Control Vulnerability |
||
|
22.4.23 |
CWE |
(CVSS score - TBD) - Google Chrome Skia Integer Overflow Vulnerability |
||
|
22.4.23 |
CWE |
VMware Aria Operations for Logs contains a command injection vulnerability. |
||
|
22.4.23 |
CWE |
Cisco Modeling Labs External Authentication Bypass Vulnerability |
||
|
22.4.23 |
CWE |
Cisco Industrial Network Director Vulnerabilities |
||
|
22.4.23 |
CWE |
Google patches another zero-day exploiting the Chrome browser |
||
|
20.4.23 |
CWE |
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2. |
||
|
20.4.23 |
CWE |
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
||
|
20.4.23 |
CWE |
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
||
|
20.4.23 |
CVE-2023-29017 | Vulnerebility |
CWE |
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. |
|
20.4.23 |
CVE-2023-30547 |
CWE |
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. | |
|
20.4.23 |
CVE-2023-29199 |
CWE |
There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass `handleException()` and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. | |
|
20.4.23 |
CWE |
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
||
|
20.4.23 |
CVE-2017-6742 | Vulnerebility |
CWE |
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. |
|
20.4.23 |
CWE |
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
||
|
14.4.23 |
CWE |
(CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability |
||
|
14.4.23 |
CWE |
(CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability |
||
|
12.4.23 |
CWE |
Secure Boot Security Feature Bypass Vulnerability. |
||
|
12.4.23 |
CWE |
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 |
||
|
12.4.23 |
CWE |
Microsoft Message Queuing Denial of Service Vulnerability |
||
|
12.4.23 |
CWE |
Microsoft Message Queuing Denial of Service Vulnerability |
||
|
12.4.23 |
CWE |
Microsoft Message Queuing Remote Code Execution Vulnerability |
||
|
12.4.23 |
CWE |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
||
|
12.4.23 |
CWE |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
||
|
12.4.23 |
CWE |
3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. |
||
|
11.4.23 |
CWE |
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0 |
||
|
11.4.23 |
CWE |
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'. |
||
|
11.4.23 |
CWE |
(CVSS score: 8.8) - Veritas Backup Exec Agent Command Execution Vulnerability |
||
|
11.4.23 |
CWE |
(CVSS score: 8.2) - Veritas Backup Exec Agent Improper Authentication Vulnerability |
||
|
11.4.23 |
CWE |
(CVSS score: 8.1) - Veritas Backup Exec Agent File Access Vulnerability |
||
|
9.4.23 |
CWE |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. |
||
|
9.4.23 |
CWE |
An out-of-bounds write issue in IOSurfaceAccelerator that could enable an app to execute arbitrary code with kernel privileges. |
||
|
9.4.23 |
CWE |
A use after free issue in WebKit that could lead to arbitrary code execution when processing specially crafted web content. |
||
|
7.4.23 |
CWE |
3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX DesktopApp Electron macOS application. |
||
|
7.4.23 |
CWE |
Service Fabric Explorer Spoofing Vulnerability |
||
|
6.4.23 |
CWE |
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. |
||
|
6.4.23 |
CWE |
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e |
||
|
3.4.23 |
CWE |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. |
||
|
3.4.23 |
CWE |
In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A |
||
|
3.4.23 |
CWE |
|
||
|
25.3.23 |
CVE-2023-23397 | Vulnerebility |
CWE |
Microsoft Outlook Elevation of Privilege Vulnerability |
|
23.3.23 |
CVE-2023-28756 | Vulnerebility |
CWE |
|
|
23.3.23 |
CVE-2023-28755 | Vulnerebility |
CWE |
|
|
23.3.23 |
CVE-2023-1145 | Vulnerebility |
CWE |
|
|
23.3.23 |
CVE-2023-1139 | Vulnerebility |
CWE |
|
|
23.3.23 |
CVE-2023-1133 | Vulnerebility |
CWE |
|
|
23.3.23 |
CVE-2022-41328 | Vulnerebility |
CWE |
A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands. |
|
16.3.23 |
CWE |
|||
|
16.3.23 |
CWE |
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution. |
||
|
16.3.23 |
CWE |
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. |
||
|
16.3.23 |
CWE |
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. |
||
|
15.3.23 |
CWE |
Microsoft Outlook Elevation of Privilege Vulnerability |
||
|
15.3.23 |
CWE |
Windows SmartScreen Security Feature Bypass Vulnerability |
||
|
15.3.23 |
CWE |
Windows SmartScreen Security Feature Bypass Vulnerability |
||
|
15.3.23 |
CWE |
HTTP Protocol Stack Remote Code Execution Vulnerability |
||
|
15.3.23 |
CWE |
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability |
||
|
15.3.23 |
CWE |
Remote Procedure Call Runtime Remote Code Execution Vulnerability |
||
|
15.3.23 |
CWE |
Microsoft OneDrive for Android Information Disclosure Vulnerability |
||
|
15.3.23 |
CWE |
Microsoft OneDrive for Android Information Disclosure Vulnerability |
||
|
15.3.23 |
CWE |
Office for Android Spoofing Vulnerability |
||
|
15.3.23 |
CWE |
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability |
||
|
15.3.23 |
CWE |
|
||
|
15.3.23 |
CWE |
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. |
||
|
15.3.23 |
CWE |
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. |
||
|
15.3.23 |
|
CWE |
|
|
|
15.3.23 |
CWE |
A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands. |
||
|
15.3.23 |
CWE |
A buffer underwrite ('buffer underflow') vulnerability in FortiOS & FortiProxy administrative interface may allow a remote unauthenticated attacker to execute arbitrary code on the device and/or perform a DoS on the GUI, via specifically crafted requests. |
||
|
11.3.23 |
CVE-2021-39144 | Vulnerebility |
CWE |
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. |
| 8.3.23 | CVE-2022-35914 | Vulnerebility |
CWE |
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection. |
| 8.3.23 | CVE-2022-33891 | Vulnerebility |
CWE |
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. |
| 8.3.23 | CVE-2022-28810 | Vulnerebility |
CWE |
Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary operating OS commands as SYSTEM via the policy custom script feature |
| 8.3.23 | CVE-2021-39144 | Vulnerebility |
CWE |
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. |
| 8.3.23 | CVE-2022-31678 | Vulnerebility |
CWE |
VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. |
|
3.3.23 |
CVE-2023-1018 | Vulnerebility |
CWE |
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. |
|
3.3.23 |
CVE-2023-1017 | Vulnerebility |
CWE |
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. |
|
2.3.23 |
CWE |
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. |
||
|
2.3.23 |
CWE |
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. |
||
|
28.2.23 |
CVE-2022-36537 | Vulnerebility |
CWE |
ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. |
|
22.2.23 |
CVE-2022-40765 | Vulnerebility |
CWE |
(CVSS score: 6.8) – The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system. |
|
22.2.23 |
CVE-2022-41223 | Vulnerebility |
CWE |
(CVSS score: 6.8) – Mitel MiVoice Connect Code Injection Vulnerability – An authenticated attacker with internal network access can trigger the flaw to execute code within the context of the application. |
|
22.2.23 |
CVE-2022-47986 | Vulnerebility |
CWE |
(CVSS score: 9.8) – IBM Aspera Faspex Code Execution Vulnerability – A remote attacker can trigger the vulnerability to execute arbitrary code on the system. The issue is caused by a YAML deserialization issue. Researchers from Shadowserver Fondation confirmed the active exploitation of the vulnerability in the wild. |
|
22.2.23 |
CVE-2023-23531 | Vulnerebility |
CWE |
|
|
22.2.23 |
CVE-2023-23530 | Vulnerebility |
CWE |
|
|
22.2.23 |
CVE-2022-23520 | Vulnerebility |
CWE |
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both "select" and "style" elements |
|
22.2.23 |
CVE-2022-40765 | Vulnerebility |
CWE |
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters. |
|
22.2.23 |
CVE-2022-41223 | Vulnerebility |
CWE |
The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker to conduct a code-injection attack via crafted data due to insufficient restrictions on the database data type. |
|
22.2.23 |
CVE-2022-47986 | Vulnerebility |
CWE |
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512. |
|
22.2.23 |
CVE-2023-20858 | Vulnerebility |
CWE |
VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying server operating system. |
|
18.2.23 |
CVE-2014-9727 | Vulnerebility |
CWE |
AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm. |
|
18.2.23 |
CVE-2012-4869 | Vulnerebility |
CWE |
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action. |
|
18.2.23 |
Vulnerebility |
CWE |
Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue. | |
|
18.2.23 |
CVE-2023-20014 | Vulnerebility |
CWE |
A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. |
|
18.2.23 |
CVE-2023-20032 |
CWE |
ClamAV 0.104 has reached end-of-life according to the ClamAV End of Life (EOL) policy and will not be patched. Anyone using ClamAV 0.104 must switch to a supported version. All users should update as soon as possible to patch for two remote code execution vulnerabilities that we recently discovered and patched. | |
|
18.2.23 |
CWE |
Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests. |
||
|
18.2.23 |
CWE |
A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request. |
||
|
18.2.23 |
CWE |
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016) |
||
|
18.2.23 |
CWE |
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. |
||
|
18.2.23 |
CWE |
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. |
||
| 15.2.23 | CVE-2017-8291 | Vulnerebility |
CWE |
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. |
| 15.2.23 | CVE-2023-23376 | Vulnerebility |
CWE |
(CVSS score: 7.8) - Windows Common Log File System (CLFS) Driver Elevation of Privilege Vulnerability |
| 15.2.23 | CVE-2023-21823 | Vulnerebility |
CWE |
(CVSS score: 7.8) - Windows Graphics Component Elevation of Privilege Vulnerability |
| 15.2.23 | CVE-2023-21715 | Vulnerebility |
CWE |
(CVSS score: 7.3) - Microsoft Office Security Feature Bypass Vulnerability |
| 14.2.23 | CVE-2021-38003 | Vulnerebility |
CWE |
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 14.2.23 | CVE-2023-23522 | Vulnerebility |
CWE |
This is a critical vulnerability that is already actively exploited. The type confusion vulnerability in webKit and it is already exploited. It may be exploited by the user visiting a malicious web page. It affects Safari, iPadOS, iOS as well as MacOS. |
| 14.2.23 | CVE-2023-23514 | Vulnerebility |
CWE |
A kernel vulnerability that may allow an application installed on the device to execute arbitrary code with kernel privileges. A code achieving command execution via CVE-2023-23529 could use this vulnerability to escalate privileges and escape the Safari sandbox. iPadOS, iOS, and MacOS are affected. |
| 14.2.23 | CVE-2023-23529 | Vulnerebility |
CWE |
This vulnerability in Shortcuts may allow an app to observe unprotected user data. It only affects macOS. |
| 14.2.23 | CVE-2022-29464 | Vulnerebility |
CWE |
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0. |
| 14.2.23 | CVE-2022-42856 | Vulnerebility |
CWE |
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.. |
| 14.2.23 | CVE-2023-23529 | Vulnerebility |
CWE |
|
| 12.2.23 | CVE-2023-0669 | Vulnerebility |
CWE |
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2. |
| 12.2.23 | CVE-2015-2291 | Vulnerebility |
CWE |
(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call. |
| 12.2.23 | CVE-2022-24990 | Vulnerebility |
CWE |
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. |
| 11.2.23 | CVE-2023-25136 | Vulnerebility |
CWE |
A flaw was found in the OpenSSH server (sshd), which introduced a double-free vulnerability during options.kex_algorithms handling. An unauthenticated attacker can trigger the double-free in the default configuration. |
| 9.2.23 | CVE-2022-3996 | Vulnerebility |
CWE |
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. |
| 9.2.23 | CVE-2023-0286 | Vulnerebility |
CWE |
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. |
|
7.2.23 |
CWE |
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. |
||
|
7.2.23 |
CWE |
In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation. |
||
|
7.2.23 |
CWE |
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). |
||
|
7.2.23 |
CWE |
OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution. |
||
|
3.2.23 |
CWE |
A vulnerability has been reported to affect QNAP device running QuTS hero, QTS. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QuTS hero, QTS: QuTS hero h5.0.1.2248 build 20221215 and later QTS 5.0.1.2234 build 20221201 and later |
||
|
3.2.23 |
CWE |
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers. |
||
|
28.1.23 |
CWE |
named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota |
||
|
28.1.23 |
CWE |
named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries |
||
|
28.1.23 |
CWE |
BIND Supported Preview Edition named may terminate unexpectedly when processing ECS options in repeated responses to iterative queries |
||
|
28.1.23 |
CWE |
An UPDATE message flood may cause named to exhaust all available memory |
||
|
28.1.23 |
CWE |
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. |
||
|
28.1.23 |
CWE |
VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication. |
||
|
28.1.23 |
CWE |
vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service. |
||
|
28.1.23 |
CWE |
The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution. |
||
|
28.1.23 |
CWE |
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. |
||
|
27.1.23 |
CWE |
Windows CryptoAPI Spoofing Vulnerability. |
||
|
20.1.23 |
CWE |
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. |
||
|
20.1.23 |
CWE |
In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution. |
||
|
20.1.23 |
CWE |
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. |
||
|
20.1.23 |
CWE |
Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). |
||
|
20.1.23 |
CWE |
On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location. |
||
|
20.1.23 |
CWE |
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. |
||
|
20.1.23 |
CWE |
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. |
||
|
20.1.23 |
CWE |
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. |
||
|
20.1.23 |
CWE |
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially read and write arbitrary files from and to the device's file system. |
||
|
20.1.23 |
CWE |
Ermetic's research team discovered a remote code execution vulnerability affecting Azure cloud services and other cloud sovereigns including Function Apps, App Service and Logic Apps. |
||
|
17.1.23 |
CWE |
(CVSS score: 9.8), a combination of authentication bypass and command injection that enables an unauthenticated user to execute arbitrary code on an affected version of the open-source, web-based monitoring solution. |
||
|
14.1.23 |
CWE |
The attacks entailed the exploitation of CVE-2022-42475, a heap-based buffer overflow flaw that could enable an unauthenticated remote attacker to execute arbitrary code via specifically crafted requests. |
||
| 07.7.22 | OrBit |
CWE |
OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow | |
| 07.7.22 | CVE-2022-2274 |
CWE |
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. | |
| 5.7.22 | CVE-2022-2294 |
CWE |
relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to install plugins or download native apps. | |
| 1.7.22 | CVE-2019-2725 |
CWE |
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server | |
| 1.7.22 | CVE-2022-26134 |
CWE |
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. | |
| 29.6.22 | CVE-2022-30333 |
CWE |
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected. | |
| 29.6.22 | CVE-2022-30137 |
CWE |
Azure Service Fabric Container Elevation of Privilege Vulnerability. | |
| 29.6.22 | CVE-2022-29499 |
CWE |
The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA. | |
| 29.6.22 | CVE-2021-30533 |
CWE |
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe. | |
| 29.6.22 | CVE-2021-4034 |
CWE |
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. | |
|
28.6.22 |
CWE |
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078. |
||
|
28.6.22 |
CWE |
OpenSSL version 3.0.4, released on June 21th 2022, is susceptible to remote memory corruption which can be triggered trivially by an attacker. BoringSSL, LibreSSL and the OpenSSL 1.1.1 branch are not affected. Furthermore, only x64 systems with AVX512 support are affected. |
||
|
25.6.22 |
CWE |
This issue was CVE-2021-30983 was fixed in iOS 15.2 in December 2021. |
||
|
23.6.22 |
CVE-2022-22954 |
CWE |
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution. | |
|
23.6.22 |
CVE-2021-44228 |
CWE |
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. | |
| 23.6.22 | CVE-2018-8174 |
CWE |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |
|
23.6.22 |
CVE-2019-0752 |
CWE |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862. | |
|
23.6.22 |
CVE-2021-26411 |
CWE |
Internet Explorer Memory Corruption Vulnerability | |
|
21.6.22 |
CVE-2022-22620 |
CWE |
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). | |
|
19.6.22 |
CVE-2022-26134 |
CWE |
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. | |
|
19.6.22 |
CWE |
(CVSS score: 9.8), and concerns an authentication bypass vulnerability that can be weaponized to execute arbitrary code remotely. It affects Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier. |
||
|
16.6.22 |
CWE |
CVSS score: 9.8), relates to a case of insufficient user input validation of incoming HTTP packets. |
||
|
16.6.22 |
CWE |
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability |
||
|
16.6.22 |
CWE |
Windows Network File System Remote Code Execution Vulnerability |
||
|
16.6.22 |
CWE |
Windows Hyper-V Remote Code Execution Vulnerability |
||
|
16.6.22 |
CWE |
(CVSS score: 7.8), an elevation of privilege vulnerability affecting Windows Installer and which has been marked with an "Exploitation More Likely" assessment by Microsoft. |
||
|
14.6.22 |
CVE-2022-27924 |
CWE |
(CVSS score: 7.5), the issue has been characterized as a case of "Memcached poisoning with unauthenticated request," leading to a scenario where an adversary can inject malicious commands and siphon sensitive information. | |
|
14.6.22 |
CVE-2022-29972 |
CWE |
(CVSS score: 7.8) and disclosed early last month, could have allowed an attacker to perform remote command execution and gain access to another Azure client's cloud environment. | |
|
14.6.22 |
CWE |
Successful exploitation of the flaws could allow access to sensitive information and code execution. The vulnerabilities impact 6800 and 6900 Series SIP phones, excluding the 6970 model. |
||
|
14.6.22 |
CWE |
Successful exploitation of the flaws could allow access to sensitive information and code execution. The vulnerabilities impact 6800 and 6900 Series SIP phones, excluding the 6970 model. |
||
|
9.6.22 |
CWE |
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability." |
||
|
9.6.22 |
CWE |
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 |
||
|
9.6.22 |
CWE |
Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix) |
||
|
9.6.22 |
CVE-2010-3333 |
CWE |
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability." | |
|
9.6.22 |
CVE-2012-0158 |
CWE |
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability." | |
|
9.6.22 |
CWE |
Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix) |
||
|
6.6.22 |
CWE |
(CVSS score: 7.1) - Large buffer overflow leads to DoS in U-Boot IP packet defragmentation code |
||
|
6.6.22 |
CWE |
(CVSS score: 9.6) - Hole Descriptor overwrite in U-Boot IP packet defragmentation leads to an arbitrary out-of-bounds write primitive. |
||
|
6.6.22 |
CWE |
(CVSS score: 7.4) - A lack of TLS encryption for LRM versions 2.4 and lower that could be abused by an attacker to stage a man-in-the-middle (MitM) attack and access credentials. |
||
|
6.6.22 |
CWE |
(CVSS score: 9.1) - A lack of authentication in LRM by default, enabling an attacker to inject, modify, or access sensitive data. |
||
|
6.6.22 |
CWE |
(CVSS score: 10.0) - An issue with the unrestricted upload of any file type, allowing an attacker to achieve arbitrary code execution. |
||
|
6.6.22 |
CWE |
(CVSS score: 10.0) - A directory traversal vulnerability that could allow an attacker to upload malicious files to arbitrary locations. |
||
|
6.6.22 |
CWE |
(CVSS score: 10.0) - A remote code execution vulnerability at the operating system level that could allow an attacker to tamper with settings and access sensitive data or APIs. |
||
|
6.6.22 |
CWE |
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. |
||
|
4.6.22 |
CVE-2022-1680 |
CWE |
GitLab Critical Security Release: 15.0.1, 14.10.4, and 14.9.5 for GitLab Community Edition (CE) and Enterprise Edition (EE). | |
|
4.6.22 |
CWE |
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. |
||
|
3.6.22 |
CWE |
Security researchers from Volexity discovered a 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence software over the weekend. This vulnerability is being actively exploited – this is what brought the issue to the attention of the security researchers |
||
|
3.6.22 |
CWE |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. |
||
|
3.6.22 |
CWE |
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095 |
||
|
3.6.22 |
CWE |
Horde Webmail Remote Code Execution via Email. The discovered code vulnerability (CVE-2022-30287) allows an authenticated user of a Horde instance to execute arbitrary code on the underlying server. The vulnerability can be exploited with a single GET request which can be triggered via Cross-Site-Request-Forgery. |
||
|
31.5.22 |
CWE |
rated 7.8 out of 10 for severity on the CVSS vulnerability scoring system. Microsoft Office versions Office 2013, Office 2016, Office 2019, and Office 2021, as well as Professional Plus editions, are impacted. |
||
|
31.5.22 |
CWE |
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution. |
||
|
31.5.22 |
CWE |
(CVSS score: 9.8), concerns a critical bug in the BIG-IP iControl REST endpoint that provides an unauthenticated adversary with a method to execute arbitrary system commands. |
||
|
31.5.22 |
CWE |
(CVSS score: 10.0) - A code injection vulnerability in Spring Cloud Gateway |
||
|
31.5.22 |
CWE |
(CVSS score: 9.8) - A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware |
||
|
31.5.22 |
CWE |
(CVSS score: 9.8) - A command injection vulnerability in TOTOLink A3000RU wireless router |
||
|
31.5.22 |
CWE |
(CVSS score: 9.8) - A remote code execution vulnerability in KRAMER VIAware |
||
|
31.5.22 |
CWE |
(CVSS score: 9.8) - A privilege escalation and command execution vulnerability in Kramer VIAWare |
||
|
31.5.22 |
CWE |
(CVSS score: 9.8) - A remote code execution vulnerability in Liferay Portal |
||
|
29.5.22 |
CVE-2021-42601 |
CWE |
||
|
29.5.22 |
CVE-2021-42600 |
CWE |
||
|
29.5.22 |
CVE-2021-42599 |
CWE |
||
|
29.5.22 |
CWE |
A cross-site scripting (XSS) vulnerability in some firewall versions that could be exploited to access information stored in the user's browser, such as cookies or session tokens, via a malicious script. |
||
|
29.5.22 |
CWE |
Several input validation flaws in command line interface (CLI) commands for some versions of firewall, AP controller, and AP devices that could be exploited to cause a system crash. |
||
|
29.5.22 |
CWE |
A command injection vulnerability in the "packet-trace" CLI command for some versions of firewall, AP controller, and AP devices that could lead to execution of arbitrary OS commands. |
||
|
29.5.22 |
CWE |
An authentication bypass vulnerability affecting select firewall versions that could permit an attacker to downgrade from two-factor authentication to one-factor authentication via an IPsec VPN client. |
||
|
29.5.22 |
CWE |
(CVSS score: 9.8), the critical security flaw came to light in January 2019 and relates to a case of arbitrary read and write access to the BMC's physical address space, resulting in arbitrary code execution. |
||
|
29.5.22 |
CWE |
|
||
|
29.5.22 |
CWE |
|
||
|
25.5.22 |
CWE |
(CVSS score: 8.1) - Improper XML Parsing in Zoom Client for Meetings |
||
|
25.5.22 |
CWE |
(CVSS score: 5.9) - Improperly constrained session cookies in Zoom Client for Meetings |
||
|
25.5.22 |
CWE |
(CVSS score: 7.5) - Update package downgrade in Zoom Client for Meetings for Windows |
||
|
25.5.22 |
CWE |
(CVSS score: 5.9) - Insufficient hostname validation during server switch in Zoom Client for Meetings |
||
|
21.5.22 |
CWE |
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: Execute arbitrary code Cause a denial of service (DoS) condition Execute arbitrary commands For more information about these vulnerabilities, see the Details section of this advisory. |
||
|
21.5.22 |
CWE |
NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available. |
||
|
20.5.22 |
CVE-2021-37973 |
CWE |
Use-after-free in Portals API | |
|
20.5.22 |
CVE-2021-37976 |
CWE |
Information leak in core | |
|
20.5.22 |
CVE-2021-38000 |
CWE |
Insufficient validation of untrusted input in Intents (root cause analysis) | |
|
20.5.22 |
CVE-2021-38003 |
CWE |
Inappropriate implementation in V8, and | |
|
20.5.22 |
CVE-2021-1048 |
CWE |
Use-after-free in Android kernel (root cause analysis) | |
|
20.5.22 |
CVE-2021-22573 |
CWE |
The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. | |
|
20.5.22 |
CVE-2022-22973 |
CWE |
(CVSS score: 7.8), the other bug, is a case of local privilege escalation that could enable an attacker with local access to elevate privileges to the "root" user on vulnerable virtual appliances. | |
|
20.5.22 |
CVE-2022-22972 |
CWE |
(CVSS score: 9.8), concerns an authentication bypass that could enable an actor with network access to the UI to gain administrative access without prior authentication. | |
|
20.5.22 |
CVE-2022-22960 |
CWE |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'. | |
|
20.5.22 |
CVE-2022-22954 |
CWE |
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution. | |
|
18.5.22 |
CVE-2022-22947 |
CWE |
(CVSS score: 10.0), a code injection vulnerability in Spring Cloud Gateway that could be exploited to allow arbitrary remote execution on a remote host via a maliciously crafted request. | |
|
18.5.22 |
CWE |
code injection vulnerability in Spring Cloud Gateway that could be exploited to allow arbitrary remote execution on a remote host by means of a specially crafted request. |
||
|
18.5.22 |
CWE |
the vulnerability is rated 9.8 for severity and relates to a command injection flaw in select versions of the Zyxel firewall that could enable an unauthenticated adversary to execute arbitrary commands on the underlying operating system. |
||
|
18.5.22 |
CWE |
BRAKTOOTH: Causing Havoc on Bluetooth Link Manag |
||
| 14.5.22 | CVE-2022-1701 |
CWE |
(CVSS score: 5.7) - Use of a shared and hard-coded cryptographic key SonicWall SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. | |
| 14.5.22 | CVE-2022-1702 |
CWE |
(CVSS score: 6.1) - URL redirection to an untrusted site (open redirection) SonicWall SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. | |
| 14.5.22 | CVE-2022-22282 |
CWE |
(CVSS score: 8.2) - Unauthenticated Access Control Bypass SonicWall SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. | |
| 14.5.22 | CVE-2022-0556 |
CWE |
Local privilege escalation ZyXel VMG3312-T20A | |
| 14.5.22 | CVE-2022-26414 |
CWE |
Buffer overflow ZyXel VMG3312-T20A | |
| 14.5.22 | CVE-2022-26413 |
CWE |
Command injection ZyXel VMG3312-T20A | |
| 14.5.22 | CVE-2022-30525 |
CWE |
(CVSS score: 9.8), the flaw impacts the following products, with patches released in version ZLD V5.30 | |
| 11.5.22 | CVE-2022-29140 |
CWE |
Vulnerabilities in the Print Spooler component | |
| 11.5.22 | CVE-2022-29114 |
CWE |
Vulnerabilities in the Print Spooler component | |
| 11.5.22 | CVE-2022-29132 |
CWE |
Privilege escalation | |
| 11.5.22 | CVE-2022-29104 |
CWE |
Privilege escalation | |
| 11.5.22 | CVE-2022-30129 |
CWE |
Visual Studio Code | |
| 11.5.22 | CVE-2022-22019 |
CWE |
Remote Procedure Call Runtime | |
| 11.5.22 | CVE-2022-29133 |
CWE |
Windows Kernel | |
| 11.5.22 | CVE-2022-26927 |
CWE |
Windows Graphics | |
| 11.5.22 | CVE-2022-29130 |
CWE |
Windows LDAP | |
| 11.5.22 | CVE-2022-22012 |
CWE |
Windows LDAP | |
| 11.5.22 | CVE-2022-26937 |
CWE |
RCE bugs in Windows Network File System | |
| 11.5.22 | CVE-2022-22713 |
CWE |
(CVSS score: 5.6) - Windows Hyper-V Denial-of-Service Vulnerability | |
| 11.5.22 | CVE-2022-29972 |
CWE |
(CVSS score: 8.2) - Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver (aka SynLapse) | |
| 11.5.22 | CVE-2022-26925 |
CWE |
(CVSS score: 8.1), a spoofing vulnerability affecting the Windows Local Security Authority (LSA), which Microsoft describes as a "protected subsystem that authenticates and logs users onto the local system." | |
| 11.5.22 | CVE-2022-29972 |
CWE |
Orca Security is issuing this security advisory for CVE-2022-29972 to address hazards in the use of the Microsoft Azure Synapse service. We believe the tenant separation in this service is insufficiently robust to protect secrets against other tenants. | |
|
10.5.22 |
CVE-2022-1388 |
CWE |
(CVSS score: 9.8), the flaw relates to an iControl REST authentication bypass that, if successfully exploited, could lead to remote code execution, allowing an attacker to gain initial access and take control of an affected system. | |
|
8.5.22 |
CVE-2022-27588 |
CWE |
(CVSS score: 9.8), the vulnerability has been addressed in QVR 5.1.6 build 20220401 and later. Credited with reporting the flaw is the Japan Computer Emergency Response Team Coordination Center (JPCERT/CC). | |
|
8.5.22 |
CVE-2021-38693 |
CWE |
(CVSS score: 5.3) - A path traversal vulnerability in thttpd affecting QNAP devices running QTS, QuTS hero, QuTScloud, and QVR Pro Appliance, leading to information disclosure | |
|
8.5.22 |
CVE-2021-44051 |
CWE |
(CVSS score: 8.8) - A command injection vulnerability in QNAP devices running QTS, QuTS hero, and QuTScloud, resulting in arbitrary command execution | |
|
8.5.22 |
CVE-2021-44052 |
CWE |
(CVSS score: 6.5) - An improper link resolution before file access ("link following") vulnerability in QNAP devices running QTS, QuTS hero, and QuTScloud, allowing attackers to read/write files in arbitrary file locations | |
|
8.5.22 |
CVE-2021-44053 |
CWE |
(CVSS score: 5.7) - A cross-site scripting (XSS) vulnerability in QNAP devices running QTS, QuTS hero, and QuTScloud, leading to code injection | |
|
8.5.22 |
CVE-2021-44054 |
CWE |
(CVSS score: 4.3) - An open redirect vulnerability in QNAP devices running QTS, QuTS hero, and QuTScloud, making it possible to redirect users to a rogue web pages | |
|
8.5.22 |
CVE-2021-44055 |
CWE |
(CVSS score: 5.3) - A missing authorization vulnerability in QNAP devices running Video Station, allowing attackers to access data or perform unauthorized actions | |
|
8.5.22 |
CVE-2021-44056 |
CWE |
(CVSS score: 7.1) - An improper authentication vulnerability in QNAP devices running Video Station, leading to system compromise | |
|
8.5.22 |
CVE-2021-44057 |
CWE |
(CVSS score: 7.1) - An improper authentication vulnerability in QNAP devices running Photo Station, leading to system compromise | |
|
8.5.22 |
CVE-2021-22600 |
CWE |
(CVSS score: 7.8), the vulnerability is ranked "High" for severity and could be exploited by a local user to escalate privileges or deny service. | |
|
8.5.22 |
CVE-2022-26523 |
CWE |
Avast’s “Anti Rootkit” driver (also used by AVG) has been found to be vulnerable to two high severity attacks that could potentially lead to privilege escalation by running code in the kernel from a non-administrator user. | |
|
8.5.22 |
CVE-2022-26522 |
CWE |
Avast’s “Anti Rootkit” driver (also used by AVG) has been found to be vulnerable to two high severity attacks that could potentially lead to privilege escalation by running code in the kernel from a non-administrator user. | |
|
5.5.22 |
CWE |
(CVSS score: 9.9) - An issue with insufficient guest restrictions that allows an authenticated, remote attacker to escape from the guest VM to gain unauthorized root-level access on the NFVIS host. |
||
|
5.5.22 |
CWE |
(CVSS score: 8.8) - An improper input validation flaw that permits an unauthenticated, remote attacker to inject commands that execute at the root level on the NFVIS host during the image registration process. |
||
|
5.5.22 |
CWE |
(CVSS score: 9.9) - An issue with insufficient guest restrictions that allows an authenticated, remote attacker to escape from the guest VM to gain unauthorized root-level access on the NFVIS host. |
||
|
5.5.22 |
CWE |
This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only. |
||
|
5.5.22 |
CWE |
When files are uploaded into dotCMS via the content API, but before they become content, dotCMS writes the file down in a temp directory. In the case of this vulnerability, dotCMS does not sanitize the filename passed in via the multipart request header and thus does not sanitize the temp file's name. |
||
|
4.5.22 |
CWE |
Armis has discovered five vulnerabilities in the implementation of TLS communications in multiple models of Aruba and Avaya switches. The vulnerabilities stem from a similar design flaw identified in the TLStorm vulnerabilities (discovered earlier this year by Armis) and expand the reach of TLStorm to potentially millions of additional enterprise-grade network infrastructure devices. |
||
| 1.5.22 | ExtraReplica Vulnerebility |
CWE |
Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL | |
| 30.4.22 | CVE-2022-23121 |
CWE |
Upon the latest release of Netatalk 3.1.13, the Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software: CVE-2021-31439, CVE-2021-31439, CVE-2022-23121, CVE-2022-23123, CVE-2022-23122, CVE-2022-23125, CVE-2022-23124, and CVE-2022-0194. | |
| 30.4.22 | Nimbuspwn |
CWE |
Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn | |
| 27.4.22 | CVE-2022-22954 |
CWE |
Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and Identity Manager. | |
| 27.4.22 | CVE-2021-22204 |
CWE |
After a deep security research by Cysource research team led by Shai Alfasi & Marlon Fabiano da Silva, we found a way to execute commands remotely within VirusTotal platform and gain access to its various scans capabilities. | |
|
23.4.22 |
CWE |
(CVSS score: 7.5), impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition |
||
|
23.4.22 |
CWE |
Possible buffer overflow with very large or unlimited LimitXMLRequestBody |
||
|
23.4.22 |
CWE |
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server |
||
|
23.4.22 |
CWE |
(CVSS score: 7.5), the second flaw to be patched, concerns a static SSH host key that's present in Cisco Umbrella Virtual Appliance (VA) running a software version earlier than 3.3.2, potentially permitting an attacker to perform a man-in-the-middle (MitM) attack on an SSH connection and hijack the administrator credentials. |
||
|
23.4.22 |
CWE |
CVSS scores: 8.8 |
||
|
23.4.22 |
CWE |
CVSS scores: 8.8 |
||
|
23.4.22 |
CWE |
CVSS scores: 8.8 |
||
|
23.4.22 |
CWE |
CVSS scores: 8.8 |
||
|
23.4.22 |
CWE |
CVSS score: 5.5, MediaTek) - A case of improper input validation in ALAC decoder leading to information disclosure without any user interaction |
||
|
23.4.22 |
CWE |
(CVSS score: 7.8, MediaTek) - A local privilege escalation flaw in ALAC decoder stemming from out-of-bounds write |
||
|
23.4.22 |
CWE |
(CVSS score: 9.8, Qualcomm) - An out-of-bound memory access due to improper validation of number of frames being passed during music playback |
||
|
21.4.22 |
CVE-2022-20685 |
CWE |
||
|
21.4.22 |
CWE |
|||
|
21.4.22 |
CWE |
|||
|
21.4.22 |
CVE-2021-3972 |
CWE |
||
|
21.4.22 |
CVE-2021-3971 |
CWE |
||
|
21.4.22 |
CVE-2021-3970 |
CWE |
||
|
16.4.22 |
CWE |
|||
|
16.4.22 |
CWE |
|||
|
6.4.22 |
CWE |
|||
|
6.4.22 |
CWE |
|||
|
2.4.22 |
CWE |
|||
|
2.4.22 |
CWE |
|||
|
2.4.22 |
CWE |
|||
|
2.4.22 |
CWE |
|||
|
2.4.22 |
CWE |
|||
|
2.4.22 |
CWE |
|||
|
2.4.22 |
CWE |
|||
|
27.3.22 |
CWE |
|||
|
24.3.22 |
CWE |
|||
|
24.3.22 |
CWE |
|||