Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38862 | 1 Comfast | 2 Cf-xr11, Cf-xr11 Firmware | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt. | |||||
| CVE-2023-32493 | 1 Dell | 1 Powerscale Onefs | 2023-08-22 | N/A | 9.8 CRITICAL |
| Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution. | |||||
| CVE-2023-33663 | 1 Ai-dev | 1 Aicustomfee | 2023-08-22 | N/A | 9.8 CRITICAL |
| In the module “Customization fields fee for your store” (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue. | |||||
| CVE-2023-39115 | 1 Campcodes | 1 Complete Online Matrimonial Website System Script | 2023-08-22 | N/A | 9.8 CRITICAL |
| install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document. | |||||
| CVE-2023-38865 | 1 Comfast | 2 Cf-xr11, Cf-xr11 Firmware | 2023-08-22 | N/A | 9.8 CRITICAL |
| COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr. | |||||
| CVE-2023-39662 | 1 Llamaindex Project | 1 Llamaindex | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function. | |||||
| CVE-2023-39661 | 1 Gabrieleventuri | 1 Pandasai | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function. | |||||
| CVE-2023-39659 | 1 Langchain | 1 Langchain | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component. | |||||
| CVE-2020-26037 | 1 Evenbalance | 1 Punkbuster | 2023-08-22 | N/A | 9.8 CRITICAL |
| Directory Traversal vulnerability in Server functionalty in Even Balance Punkbuster version 1.902 before 1.905 allows remote attackers to execute arbitrary code. | |||||
| CVE-2023-3259 | 1 Dataprobe | 44 Iboot-pdu4-c20, Iboot-pdu4-c20 Firmware, Iboot-pdu4-n20 and 41 more | 2023-08-22 | N/A | 9.8 CRITICAL |
| The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rouge database.Successful exploitation allows the malicious agent to take actions with administrator privileges including, but not limited to, manipulating power levels, modifying user accounts, and exporting confidential user information | |||||
| CVE-2023-3265 | 1 Cyberpower | 1 Powerpanel Server | 2023-08-22 | N/A | 9.8 CRITICAL |
| An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator with hardcoded default credentials. | |||||
| CVE-2023-3264 | 2 Cyberpower, Dataprobe | 45 Powerpanel Server, Iboot-pdu4-c20, Iboot-pdu4-c20 Firmware and 42 more | 2023-08-22 | N/A | 9.8 CRITICAL |
| The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution. | |||||
| CVE-2023-3266 | 1 Cyberpower | 1 Powerpanel Server | 2023-08-22 | N/A | 9.8 CRITICAL |
| A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator by selecting LDAP authentication from a hidden HTML combo box. Successful exploitation of this vulnerability also requires the attacker to know at least one username on the device, but any password will authenticate successfully. | |||||
| CVE-2023-38915 | 1 Wolf18 | 1 Easyadmin8 | 2023-08-22 | N/A | 9.8 CRITICAL |
| File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote attacker to execute arbtirary code via the upload type function. | |||||
| CVE-2023-32748 | 1 Mitel | 1 Mivoice Connect | 2023-08-22 | N/A | 9.8 CRITICAL |
| The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control. | |||||
| CVE-2023-29468 | 1 Ti | 1 Wilink8-wifi-mcp8 | 2023-08-22 | N/A | 9.8 CRITICAL |
| The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier. | |||||
| CVE-2023-38896 | 1 Langchain | 1 Langchain | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. | |||||
| CVE-2023-38860 | 1 Langchain | 1 Langchain | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter. | |||||
| CVE-2023-35082 | 1 Ivanti | 1 Endpoint Manager Mobile | 2023-08-22 | N/A | 9.8 CRITICAL |
| An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier. | |||||
| CVE-2023-39846 | 1 Pantsel | 1 Konga | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token. | |||||
| CVE-2023-4337 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation | |||||
| CVE-2023-4336 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute | |||||
| CVE-2023-4338 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers | |||||
| CVE-2023-4344 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection | |||||
| CVE-2023-4342 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy | |||||
| CVE-2023-4341 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI | |||||
| CVE-2023-4340 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file | |||||
| CVE-2023-4325 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities | |||||
| CVE-2023-4324 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers | |||||
| CVE-2023-4323 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup | |||||
| CVE-2023-4329 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 9.8 CRITICAL |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute | |||||
| CVE-2023-21287 | 1 Google | 1 Android | 2023-08-21 | N/A | 9.8 CRITICAL |
| In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-39293 | 1 Mitel | 3 Mivoice Office 400, Mivoice Office 400 Smb Controller, Mivoice Office 400 Smb Controller Firmware | 2023-08-21 | N/A | 9.8 CRITICAL |
| A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of the system. | |||||
| CVE-2023-39852 | 1 Doctor Appointment System Project | 1 Doctor Appointment System | 2023-08-21 | N/A | 9.8 CRITICAL |
| ** DISPUTED ** Doctormms v1.0 was discovered to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php. NOTE: this is disputed by a third party who indicates that the userid is a session variable controlled by the server, and thus cannot be used for exploitation. | |||||
| CVE-2023-20586 | 1 Amd | 1 Radeon Software | 2023-08-21 | N/A | 9.8 CRITICAL |
| A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations | |||||
| CVE-2023-39292 | 1 Mitel | 3 Mivoice Office 400, Mivoice Office 400 Smb Controller, Mivoice Office 400 Smb Controller Firmware | 2023-08-21 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management operations. | |||||
| CVE-2023-30187 | 1 Onlyoffice | 1 Document Server | 2023-08-21 | N/A | 9.8 CRITICAL |
| An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | |||||
| CVE-2023-30186 | 1 Onlyoffice | 1 Document Server | 2023-08-21 | N/A | 9.8 CRITICAL |
| A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | |||||
| CVE-2023-3824 | 1 Php | 1 Php | 2023-08-21 | N/A | 9.8 CRITICAL |
| In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. | |||||
| CVE-2023-3435 | 1 Solwininfotech | 1 User Activity Log | 2023-08-21 | N/A | 9.8 CRITICAL |
| The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitise and escape several parameters before using it in a SQL statement as part of its exportation feature, allowing unauthenticated attackers to conduct SQL injection attacks. | |||||
| CVE-2023-39851 | 1 Webchess Project | 1 Webchess | 2023-08-21 | N/A | 9.8 CRITICAL |
| ** DISPUTED ** webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation. | |||||
| CVE-2022-4920 | 1 Google | 1 Chrome | 2023-08-19 | N/A | 9.6 CRITICAL |
| Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2021-40393 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2023-08-19 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-39850 | 1 Schoolmate Project | 1 Schoolmate | 2023-08-18 | N/A | 9.8 CRITICAL |
| Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php. | |||||
| CVE-2023-40256 | 1 Veritas | 1 Netbackup Snapshot Manager | 2023-08-18 | N/A | 9.8 CRITICAL |
| A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers. | |||||
| CVE-2020-27544 | 1 Foldingathome | 1 Client Advanced Control | 2023-08-18 | N/A | 9.8 CRITICAL |
| An issue was discovered in FoldingAtHome Client Advanced Control GUI before commit 9b619ae64443997948a36dda01b420578de1af77, allows remote attackers to execute arbitrary code via crafted payload to function parse_message in file Connection.py. | |||||
| CVE-2023-3452 | 1 Canto | 1 Canto | 2023-08-18 | N/A | 9.8 CRITICAL |
| The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. | |||||
| CVE-2022-23221 | 3 Debian, H2database, Oracle | 3 Debian Linux, H2, Communications Cloud Native Core Console | 2023-08-18 | 10.0 HIGH | 9.8 CRITICAL |
| H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392. | |||||
| CVE-2021-23463 | 1 H2database | 1 H2 | 2023-08-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data from org.h2.jdbc.JdbcResultSet.getSQLXML() method. If it executes the getSource() method when the parameter is DOMSource.class it will trigger the vulnerability. | |||||
| CVE-2021-28411 | 1 Ruoyi | 1 Ruoyi | 2023-08-18 | N/A | 9.8 CRITICAL |
| An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | |||||