Search
Total
1566 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43403 | 1 Jenkins | 1 Script Security | 2023-11-22 | N/A | 9.9 CRITICAL |
| A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. | |||||
| CVE-2022-43401 | 1 Jenkins | 1 Script Security | 2023-11-22 | N/A | 9.9 CRITICAL |
| A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. | |||||
| CVE-2022-43406 | 1 Jenkins | 1 Groovy Libraries | 2023-11-22 | N/A | 9.9 CRITICAL |
| A sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b_454e43966 and earlier allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. | |||||
| CVE-2022-43405 | 1 Jenkins | 1 Groovy Libraries | 2023-11-22 | N/A | 9.9 CRITICAL |
| A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin 612.v84da_9c54906d and earlier allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. | |||||
| CVE-2023-39335 | 1 Ivanti | 1 Endpoint Manager Mobile | 2023-11-22 | N/A | 9.8 CRITICAL |
| A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources. | |||||
| CVE-2023-39337 | 1 Ivanti | 1 Endpoint Manager Mobile | 2023-11-22 | N/A | 9.1 CRITICAL |
| A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity. | |||||
| CVE-2023-20596 | 1 Amd | 128 Ryzen 3 5125c, Ryzen 3 5125c Firmware, Ryzen 3 5300g and 125 more | 2023-11-21 | N/A | 9.8 CRITICAL |
| Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution. | |||||
| CVE-2023-36049 | 1 Microsoft | 16 .net, .net Framework, Visual Studio 2022 and 13 more | 2023-11-21 | N/A | 9.8 CRITICAL |
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2023-36018 | 1 Microsoft | 1 Jupyter | 2023-11-21 | N/A | 9.8 CRITICAL |
| Visual Studio Code Jupyter Extension Spoofing Vulnerability | |||||
| CVE-2023-36397 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-11-20 | N/A | 9.8 CRITICAL |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |||||
| CVE-2023-36028 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2023-11-20 | N/A | 9.8 CRITICAL |
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | |||||
| CVE-2023-43902 | 1 Emsigner | 1 Emsigner | 2023-11-17 | N/A | 9.8 CRITICAL |
| Incorrect access control in the Forgot Your Password function of EMSigner v2.8.7 allows unauthenticated attackers to access accounts of all registered users, including those with administrator privileges via a crafted password reset token. | |||||
| CVE-2023-45878 | 1 Gibbonedu | 1 Gibbon | 2023-11-17 | N/A | 9.8 CRITICAL |
| GibbonEdu Gibbon version 25.0.1 and before allows Arbitrary File Write because rubrics_visualise_saveAjax.phps does not require authentication. The endpoint accepts the img, path, and gibbonPersonID parameters. The img parameter is expected to be a base64 encoded image. If the path parameter is set, the defined path is used as the destination folder, concatenated with the absolute path of the installation directory. The content of the img parameter is base64 decoded and written to the defined file path. This allows creation of PHP files that permit Remote Code Execution (unauthenticated). | |||||
| CVE-2023-5913 | 1 Microfocus | 1 Fortify Scancentral Dast | 2023-11-16 | N/A | 9.8 CRITICAL |
| Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1. | |||||
| CVE-2023-6012 | 1 Lanaccess | 1 Onsafe Monitorhm | 2023-11-16 | N/A | 9.8 CRITICAL |
| An improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. This vulnerability could lead a remote attacker to exploit the checkbox element and perform remote code execution, compromising the entire infrastructure. | |||||
| CVE-2021-4297 | 1 Jobe Project | 1 Jobe | 2023-11-16 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This vulnerability affects the function runs_post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness. Upgrading to version 1.6.5 is able to address this issue. The patch is identified as 694da5013dbecc8d30dd83e2a83e78faadf93771. It is recommended to upgrade the affected component. VDB-217174 is the identifier assigned to this vulnerability. | |||||
| CVE-2017-20179 | 1 Instedd | 1 Pollit | 2023-11-16 | N/A | 9.8 CRITICAL |
| A vulnerability was found in InSTEDD Pollit 2.3.1. It has been rated as critical. This issue affects the function TourController of the file app/controllers/tour_controller.rb. The manipulation leads to an unknown weakness. The attack may be initiated remotely. Upgrading to version 2.3.2 is able to address this issue. The patch is named 6ef04f8b5972d5f16f8b86f8b53f62fac68d5498. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-221507. | |||||
| CVE-2023-20198 | 1 Cisco | 1 Ios Xe | 2023-11-15 | N/A | 10.0 CRITICAL |
| Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343. | |||||
| CVE-2023-47008 | 1 Asus | 2 Rt-ax57, Rt-ax57 Firmware | 2023-11-15 | N/A | 9.8 CRITICAL |
| An issue in ASUS RT-AX57 v.3.0.0.4_386_52041 allows a remote attacker to execute arbitrary code via a crafted request to the ifname field in the sub_4CCE4 function. | |||||
| CVE-2023-47007 | 1 Asus | 2 Rt-ax57, Rt-ax57 Firmware | 2023-11-15 | N/A | 9.8 CRITICAL |
| An issue in ASUS RT-AX57 v.3.0.0.4_386_52041 allows a remote attacker to execute arbitrary code via a crafted request to the lan_ifname field in the sub_391B8 function. | |||||
| CVE-2023-47006 | 1 Asus | 2 Rt-ax57, Rt-ax57 Firmware | 2023-11-15 | N/A | 9.8 CRITICAL |
| An issue in ASUS RT-AX57 v.3.0.0.4_386_52041 allows a remote attacker to execute arbitrary code via a crafted request to the lan_ipaddr field in the sub_6FC74 function. | |||||
| CVE-2023-47005 | 1 Asus | 2 Rt-ax57, Rt-ax57 Firmware | 2023-11-15 | N/A | 9.8 CRITICAL |
| An issue in ASUS RT-AX57 v.3.0.0.4_386_52041 allows a remote attacker to execute arbitrary code via a crafted request to the lan_ifname field in the sub_ln 2C318 function. | |||||
| CVE-2023-38547 | 1 Veeam | 1 One | 2023-11-14 | N/A | 9.8 CRITICAL |
| A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database. | |||||
| CVE-2023-46980 | 1 Mayurik | 1 Best Courier Management System | 2023-11-14 | N/A | 9.8 CRITICAL |
| An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter. | |||||
| CVE-2023-46501 | 1 Boltwire | 1 Boltwire | 2023-11-13 | N/A | 9.1 CRITICAL |
| An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a crafted payload to the view and change admin password function. | |||||
| CVE-2023-46404 | 1 Utoronto | 1 Pcrs | 2023-11-13 | N/A | 9.9 CRITICAL |
| PCRS <= 3.11 (d0de1e) “Questions” page and “Code editor” page are vulnerable to remote code execution (RCE) by escaping Python sandboxing. | |||||
| CVE-2023-5843 | 1 Datafeedr | 1 Ads By Datafeedr.com | 2023-11-13 | N/A | 9.8 CRITICAL |
| The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.1.3 via the 'dfads_ajax_load_ads' function. This allows unauthenticated attackers to execute code on the server. The parameters of the callable function are limited, they cannot be specified arbitrarily. | |||||
| CVE-2023-0574 | 1 Yugabyte | 1 Yugabytedb Managed | 2023-11-10 | N/A | 9.8 CRITICAL |
| Server-Side Request Forgery (SSRF), Improperly Controlled Modification of Dynamically-Determined Object Attributes, Improper Restriction of Excessive Authentication Attempts vulnerability in YugaByte, Inc. Yugabyte Managed allows Accessing Functionality Not Properly Constrained by ACLs, Communication Channel Manipulation, Authentication Abuse.This issue affects Yugabyte Managed: from 2.0.0.0 through 2.13.0.0 | |||||
| CVE-2023-0575 | 4 Apple, Linux, Microsoft and 1 more | 5 Iphone Os, Macos, Linux Kernel and 2 more | 2023-11-10 | N/A | 9.8 CRITICAL |
| External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability is associated with program files backup.Py. This issue affects Yugabyte DB: Lesser then 2.2.0.0 | |||||
| CVE-2023-46958 | 1 Lmxcms | 1 Lmxcms | 2023-11-09 | N/A | 9.8 CRITICAL |
| An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file. | |||||
| CVE-2020-28715 | 1 Leeco | 2 Letv X43, Letv X43 Firmware | 2023-08-26 | N/A | 9.8 CRITICAL |
| An issue was discovered in kdmserver service in LeEco LeTV X43 version V2401RCN02C080080B04121S, allows attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS). | |||||
| CVE-2023-25915 | 1 Danfoss | 2 Ak-sm 800a, Ak-sm 800a Firmware | 2023-08-24 | N/A | 9.8 CRITICAL |
| Due to improper input validation, a remote attacker could execute arbitrary commands on the target system. | |||||
| CVE-2023-39660 | 1 Gabrieleventuri | 1 Pandasai | 2023-08-24 | N/A | 9.8 CRITICAL |
| An issue in Gaberiele Venturi pandasai v.0.8.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the prompt function. | |||||
| CVE-2023-32002 | 1 Nodejs | 1 Node.js | 2023-08-24 | N/A | 9.8 CRITICAL |
| The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. | |||||
| CVE-2023-21242 | 1 Google | 1 Android | 2023-08-24 | N/A | 9.8 CRITICAL |
| In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-29141 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2023-08-23 | N/A | 9.8 CRITICAL |
| An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header. | |||||
| CVE-2021-37384 | 1 Furukawa | 8 423-41w\/ac, 423-41w\/ac Firmware, Ld420-10r and 5 more | 2023-08-22 | N/A | 9.8 CRITICAL |
| A remote command execution (RCE) vulnerability in the web interface component of Furukawa Electric LatAM 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 allows unauthenticated attackers to send arbitrary commands to the device via unspecified vectors. | |||||
| CVE-2023-40267 | 1 Gitpython Project | 1 Gitpython | 2023-08-22 | N/A | 9.8 CRITICAL |
| GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. | |||||
| CVE-2023-40359 | 1 Invisible-island | 1 Xterm | 2023-08-22 | N/A | 9.8 CRITICAL |
| xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. | |||||
| CVE-2023-4336 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute | |||||
| CVE-2023-4337 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation | |||||
| CVE-2023-4338 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers | |||||
| CVE-2023-4340 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file | |||||
| CVE-2023-4342 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy | |||||
| CVE-2023-4341 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI | |||||
| CVE-2023-4325 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities | |||||
| CVE-2023-4323 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup | |||||
| CVE-2023-4324 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers | |||||
| CVE-2023-4329 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute | |||||
| CVE-2023-20586 | 1 Amd | 1 Radeon Software | 2023-08-21 | N/A | 9.8 CRITICAL |
| A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations | |||||