Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49689 | 1 Kashipara | 1 Job Portal | 2023-12-27 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49688 | 1 Kashipara | 1 Job Portal | 2023-12-27 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49681 | 1 Kashipara | 1 Job Portal | 2023-12-27 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-7023 | 1 Tongda2000 | 1 Office Anywhere 2017 | 2023-12-27 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/vehicle/query/delete.php. The manipulation of the argument VU_ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-248570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-47990 | 1 Cuppacms | 1 Cuppacms | 2023-12-27 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter. | |||||
| CVE-2023-45603 | 1 Plugin-planet | 1 User Submitted Posts | 2023-12-27 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts – Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts – Enable Users to Submit Posts from the Front End: from n/a through 20230902. | |||||
| CVE-2023-25970 | 1 Zendrop | 1 Zendrop | 2023-12-27 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Zendrop Zendrop – Global Dropshipping.This issue affects Zendrop – Global Dropshipping: from n/a through 1.0.0. | |||||
| CVE-2023-48050 | 2 Camsbiometrics, Odoo | 2 Zkteco\, Essl\, Cams Biometrics Integration Module, Biometric Attendance | 2023-12-27 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (aka odoo-biometric-attendance) v. 13.0 through 16.0.1 allows a remote attacker to execute arbitrary code and to gain privileges via the db parameter in the controllers/controllers.py component. | |||||
| CVE-2023-49166 | 1 Magiclogix | 1 Msync | 2023-12-27 | N/A | 9.1 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magic Logix MSync.This issue affects MSync: from n/a through 1.0.0. | |||||
| CVE-2023-49161 | 1 Guelbetech | 1 Bravo Translate | 2023-12-27 | N/A | 9.1 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Guelben Bravo Translate.This issue affects Bravo Translate: from n/a through 1.2. | |||||
| CVE-2023-29432 | 1 Favethemes | 1 Houzez | 2023-12-27 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Favethemes Houzez - Real Estate WordPress Theme.This issue affects Houzez - Real Estate WordPress Theme: from n/a before 2.8.3. | |||||
| CVE-2019-10158 | 2 Infinispan, Redhat | 2 Infinispan, Jboss Data Grid | 2023-12-27 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Session integration can result in incorrect session handling. | |||||
| CVE-2019-3773 | 2 Oracle, Pivotal Software | 3 Financial Services Analytical Applications Infrastructure, Flexcube Private Banking, Spring Web Services | 2023-12-27 | 7.5 HIGH | 9.8 CRITICAL |
| Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources. | |||||
| CVE-2018-8088 | 3 Oracle, Qos, Redhat | 14 Goldengate Application Adapters, Goldengate Stream Analytics, Utilities Framework and 11 more | 2023-12-27 | 7.5 HIGH | 9.8 CRITICAL |
| org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series. | |||||
| CVE-2022-41903 | 1 Git-scm | 1 Git | 2023-12-27 | N/A | 9.8 CRITICAL |
| Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`. | |||||
| CVE-2022-23521 | 1 Git-scm | 1 Git | 2023-12-27 | N/A | 9.8 CRITICAL |
| Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-5011 | 1 Kashipara | 1 Student Information System | 2023-12-26 | N/A | 9.8 CRITICAL |
| Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursename' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-5010 | 1 Kashipara | 1 Student Information System | 2023-12-26 | N/A | 9.8 CRITICAL |
| Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursecode' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-5007 | 1 Kashipara | 1 Student Information System | 2023-12-26 | N/A | 9.8 CRITICAL |
| Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-3391 | 1 Oretnom23 | 1 Human Resource Management System | 2023-12-26 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-232288. | |||||
| CVE-2022-4273 | 1 Oretnom23 | 1 Human Resource Management System | 2023-12-26 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The manipulation of the argument pfimg leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214769 was assigned to this vulnerability. | |||||
| CVE-2022-43262 | 1 Oretnom23 | 1 Human Resource Management System | 2023-12-26 | N/A | 9.8 CRITICAL |
| Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /hrm/controller/login.php. | |||||
| CVE-2022-3458 | 1 Oretnom23 | 1 Human Resource Management System | 2023-12-26 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210559. | |||||
| CVE-2021-38171 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-12-23 | 7.5 HIGH | 9.8 CRITICAL |
| adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted. | |||||
| CVE-2023-34237 | 1 Sabnzbd | 1 Sabnzbd | 2023-12-23 | N/A | 9.8 CRITICAL |
| SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the vulnerabilities requires access to the web interface. Remote exploitation is possible if users[exposed their setup to the internet or other untrusted networks without setting a username/password. By default SABnzbd is only accessible from `localhost`, with no authentication required for the web interface. This issue has been patched in commits `e3a722` and `422b4f` which have been included in the 4.0.2 release. Users are advised to upgrade. Users unable to upgrade should ensure that a username and password have been set if their instance is web accessible. | |||||
| CVE-2023-38408 | 2 Fedoraproject, Openbsd | 2 Fedora, Openssh | 2023-12-22 | N/A | 9.8 CRITICAL |
| The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009. | |||||
| CVE-2023-38429 | 1 Linux | 1 Linux Kernel | 2023-12-22 | N/A | 9.8 CRITICAL |
| An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access. | |||||
| CVE-2023-38430 | 2 Linux, Netapp | 6 Linux Kernel, H300s, H410s and 3 more | 2023-12-22 | N/A | 9.1 CRITICAL |
| An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. | |||||
| CVE-2023-49004 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter. | |||||
| CVE-2023-50976 | 1 Redpanda | 1 Redpanda | 2023-12-22 | N/A | 9.8 CRITICAL |
| Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API. | |||||
| CVE-2023-41360 | 3 Debian, Fedoraproject, Frrouting | 3 Debian Linux, Fedora, Frrouting | 2023-12-22 | N/A | 9.1 CRITICAL |
| An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation. | |||||
| CVE-2023-41359 | 2 Fedoraproject, Frrouting | 2 Fedora, Frrouting | 2023-12-22 | N/A | 9.1 CRITICAL |
| An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation. | |||||
| CVE-2023-27812 | 1 Bloofox | 1 Bloofoxcms | 2023-12-22 | N/A | 9.1 CRITICAL |
| bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the delete_file() function. | |||||
| CVE-2023-46265 | 1 Ivanti | 1 Avalanche | 2023-12-22 | N/A | 9.8 CRITICAL |
| An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery (SSRF). | |||||
| CVE-2023-50992 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function. | |||||
| CVE-2023-50990 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function. | |||||
| CVE-2023-50989 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function. | |||||
| CVE-2023-50988 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the bandwidth parameter in the wifiRadioSetIndoor function. | |||||
| CVE-2023-50987 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function. | |||||
| CVE-2023-50986 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function. | |||||
| CVE-2023-50985 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function. | |||||
| CVE-2023-50984 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function. | |||||
| CVE-2023-50983 | 1 Tenda | 2 I29, I29 Firmware | 2023-12-22 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function. | |||||
| CVE-2023-48434 | 1 Projectworlds | 1 Online Voting System Project | 2023-12-22 | N/A | 9.8 CRITICAL |
| Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the reg_action.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-48433 | 1 Projectworlds | 1 Online Voting System Project | 2023-12-22 | N/A | 9.8 CRITICAL |
| Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the login_action.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-6483 | 1 Aditaas | 1 Allied Digital Integrated Tool-as-a-service | 2023-12-22 | N/A | 9.8 CRITICAL |
| The vulnerability exists in ADiTaaS (Allied Digital Integrated Tool-as-a-Service) version 5.1 due to an improper authentication vulnerability in the ADiTaaS backend API. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable platform. Successful exploitation of this vulnerability could allow the attacker to gain full access to the customers’ data and completely compromise the targeted platform. | |||||
| CVE-2023-47754 | 1 Cleverplugins | 1 Delete Duplicate Posts | 2023-12-22 | N/A | 9.8 CRITICAL |
| Missing Authorization vulnerability in Clever plugins Delete Duplicate Posts allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Delete Duplicate Posts: from n/a through 4.8.9. | |||||
| CVE-2023-4262 | 1 Zephyrproject | 1 Zephyr | 2023-12-22 | N/A | 10.0 CRITICAL |
| Possible buffer overflow in Zephyr mgmt subsystem when asserts are disabled | |||||
| CVE-2023-4260 | 1 Zephyrproject | 1 Zephyr | 2023-12-22 | N/A | 10.0 CRITICAL |
| Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. | |||||
| CVE-2023-4264 | 1 Zephyrproject | 1 Zephyr | 2023-12-22 | N/A | 9.6 CRITICAL |
| Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem. | |||||