Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50035 | 1 Small Crm Project | 1 Small Crm | 2024-01-05 | N/A | 9.8 CRITICAL |
| PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users login panel because of "password" parameter is directly used in the SQL query without any sanitization and the SQL Injection payload being executed. | |||||
| CVE-2023-52139 | 1 Misskey | 1 Misskey | 2024-01-05 | N/A | 9.6 CRITICAL |
| Misskey is an open source, decentralized social media platform. Third-party applications may be able to access some endpoints or Websocket APIs that are incorrectly specified as [kind](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/backend/src/server/api/endpoints.ts#L811) or [secure](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/backend/src/server/api/endpoints.ts#L805) without the user's permission and perform operations such as reading or adding non-public content. As a result, if the user who authenticated the application is an administrator, confidential information such as object storage secret keys and SMTP server passwords will be leaked, and general users can also create invitation codes without permission and leak non-public user information. This is patched in version [2023.12.1](https://github.com/misskey-dev/misskey/commit/c96bc36fedc804dc840ea791a9355d7df0748e64). | |||||
| CVE-2023-52252 | 1 Unifiedremote | 1 Unified Remote | 2024-01-05 | N/A | 9.8 CRITICAL |
| Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint. | |||||
| CVE-2023-41544 | 1 Jeecg | 1 Jeecg Boot | 2024-01-05 | N/A | 9.8 CRITICAL |
| SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component. | |||||
| CVE-2023-51135 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup. | |||||
| CVE-2023-51133 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute. | |||||
| CVE-2023-51136 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule. | |||||
| CVE-2023-50651 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi. | |||||
| CVE-2023-50589 | 1 Embras | 1 Geosiap Erp | 2024-01-05 | N/A | 9.8 CRITICAL |
| Grupo Embras GEOSIAP ERP v2.2.167.02 was discovered to contain a SQL injection vulnerability via the codLogin parameter on the login page. | |||||
| CVE-2023-51473 | 1 Pixelemu | 1 Terraclassifieds | 2024-01-05 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Pixelemu TerraClassifieds – Simple Classifieds Plugin.This issue affects TerraClassifieds – Simple Classifieds Plugin: from n/a through 2.0.3. | |||||
| CVE-2023-51468 | 1 Boiteasite | 1 Download Rencontre - Dating Site | 2024-01-05 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Jacques Malgrange Rencontre – Dating Site.This issue affects Rencontre – Dating Site: from n/a through 3.10.1. | |||||
| CVE-2023-4675 | 1 Gmbilisim | 1 Multi-disciplinary Design Optimization | 2024-01-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GM Information Technologies MDO allows SQL Injection.This issue affects MDO: through 20231229. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-51505 | 1 Pluginus | 1 Active Products Tables For Woocommerce | 2024-01-05 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store.This issue affects Active Products Tables for WooCommerce. Professional products tables for WooCommerce store : from n/a through 1.0.6. | |||||
| CVE-2023-7127 | 1 Code-projects | 1 Automated Voting System | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249130 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-51414 | 1 Donweb | 1 Envialosimple\ | 2024-01-05 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in EnvialoSimple EnvíaloSimple: Email Marketing y Newsletters.This issue affects EnvíaloSimple: Email Marketing y Newsletters: from n/a through 2.1. | |||||
| CVE-2023-7152 | 1 Micropython | 1 Micropython | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function poll_set_add_fd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The patch is identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. It is recommended to apply a patch to fix this issue. VDB-249158 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-7159 | 1 Masterlab | 1 Masterlab | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability was found in gopeak MasterLab up to 3.3.10. It has been declared as critical. Affected by this vulnerability is the function add/update of the file app/ctrl/admin/User.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249181 was assigned to this vulnerability. | |||||
| CVE-2023-7157 | 1 Mayurik | 1 Free And Open Source Inventory Management System | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /app/ajax/sell_return_data.php. The manipulation of the argument columns[0][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249179. | |||||
| CVE-2023-7156 | 1 Campcodes | 1 Online College Library System | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in Campcodes Online College Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php of the component Search. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249178 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-23634 | 1 Documize | 1 Documize | 2024-01-05 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint. | |||||
| CVE-2023-7158 | 1 Micropython | 1 Micropython | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function slice_indices of the file objslice.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.22.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-249180. | |||||
| CVE-2023-40397 | 3 Apple, Webkitgtk, Wpewebkit | 3 Macos, Webkitgtk, Wpe Webkit | 2024-01-05 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution. | |||||
| CVE-2023-7161 | 1 Netentsec | 2 Application Security Gateway, Application Security Gateway Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3.1. This affects an unknown part of the file index.php?para=index of the component Login. The manipulation of the argument check_VirtualSiteId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249183. | |||||
| CVE-2023-7147 | 1 Masterlab | 1 Masterlab | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in gopeak MasterLab up to 3.3.10. Affected is the function base64ImageContent of the file app/ctrl/User.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. VDB-249150 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-52314 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system. | |||||
| CVE-2023-52311 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system. | |||||
| CVE-2023-52310 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system. | |||||
| CVE-2023-52309 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible. | |||||
| CVE-2023-52307 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage. | |||||
| CVE-2023-52304 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage. | |||||
| CVE-2023-32874 | 1 Mediatek | 45 Lr13, Mt2735, Mt6779 and 42 more | 2024-01-05 | N/A | 9.8 CRITICAL |
| In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893). | |||||
| CVE-2023-50731 | 1 Mindsdb | 1 Mindsdb | 2024-01-05 | N/A | 9.1 CRITICAL |
| MindsDB is a SQL Server for artificial intelligence. Prior to version 23.11.4.1, the `put` method in `mindsdb/mindsdb/api/http/namespaces/file.py` does not validate the user-controlled name value, which is used in a temporary file name, which is afterwards opened for writing on lines 122-125, which leads to path injection. Later in the method, the temporary directory is deleted on line 151, but since we can write outside of the directory using the path injection vulnerability, the potentially dangerous file is not deleted. Arbitrary file contents can be written due to `f.write(chunk)` on line 125. Mindsdb does check later on line 149 in the `save_file` method in `file-controller.py` which calls the `_handle_source` method in `file_handler.py` if a file is of one of the types `csv`, `json`, `parquet`, `xls`, or `xlsx`. However, since the check happens after the file has already been written, the files will still exist (and will not be removed due to the path injection described earlier), just the `_handle_source` method will return an error. The same user-controlled source source is used also in another path injection sink on line 138. This leads to another path injection, which allows an attacker to delete any `zip` or `tar.gz` files on the server. | |||||
| CVE-2023-49773 | 1 Bcorp Shortcodes Project | 1 Bcorp Shortcodes | 2024-01-05 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23. | |||||
| CVE-2021-22930 | 4 Debian, Netapp, Nodejs and 1 more | 4 Debian Linux, Nextgen Api, Node.js and 1 more | 2024-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. | |||||
| CVE-2021-22931 | 4 Netapp, Nodejs, Oracle and 1 more | 10 Active Iq Unified Manager, Nextgen Api, Oncommand Insight and 7 more | 2024-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. | |||||
| CVE-2023-51411 | 1 Dynamiapps | 1 Frontend Admin | 2024-01-05 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Shabti Kaplan Frontend Admin by DynamiApps.This issue affects Frontend Admin by DynamiApps: from n/a through 3.18.3. | |||||
| CVE-2023-51419 | 1 Bertha | 1 Bertha Ai | 2024-01-05 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome.This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome: from n/a through 1.11.10.7. | |||||
| CVE-2023-51412 | 1 Piotnet | 1 Piotnet Forms | 2024-01-05 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Piotnet Piotnet Forms.This issue affects Piotnet Forms: from n/a through 1.0.25. | |||||
| CVE-2023-7144 | 1 Masterlab | 1 Masterlab | 2024-01-05 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249147. | |||||
| CVE-2023-50104 | 1 Zzcms | 1 Zzcms | 2024-01-05 | N/A | 9.8 CRITICAL |
| ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code. | |||||
| CVE-2023-7131 | 1 Carmelogarcia | 1 Intern Membership Management System | 2024-01-04 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Intern Membership Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user_registration/ of the component User Registration. The manipulation of the argument userName leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249134 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-52174 | 1 Xnview | 1 Xnview Classic | 2024-01-04 | N/A | 9.8 CRITICAL |
| XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3125D6. | |||||
| CVE-2023-52173 | 1 Xnview | 1 Xnview Classic | 2024-01-04 | N/A | 9.8 CRITICAL |
| XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3ADBD0. | |||||
| CVE-2023-23424 | 1 Hihonor | 2 Nth-an00, Nth-an00 Firmware | 2024-01-04 | N/A | 9.8 CRITICAL |
| Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution | |||||
| CVE-2023-52077 | 1 Nexryai | 1 Nexkey | 2024-01-04 | N/A | 9.8 CRITICAL |
| Nexkey is a lightweight fork of Misskey v12 optimized for small to medium size servers. Prior to 12.23Q4.5, Nexkey allows external apps using tokens issued by administrators and moderators to call admin APIs. This allows malicious third-party apps to perform operations such as updating server settings, as well as compromise object storage and email server credentials. This issue has been patched in 12.23Q4.5. | |||||
| CVE-2022-22995 | 3 Fedoraproject, Netatalk, Westerndigital | 24 Fedora, Netatalk, My Cloud and 21 more | 2024-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code. | |||||
| CVE-2023-7145 | 1 Masterlab | 1 Masterlab | 2024-01-04 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249148. | |||||
| CVE-2023-7146 | 1 Masterlab | 1 Masterlab | 2024-01-04 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249149 was assigned to this vulnerability. | |||||
| CVE-2023-50839 | 1 Wiselyhub | 1 Js Help Desk | 2024-01-04 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.1. | |||||
| CVE-2023-25054 | 1 Carrcommunications | 1 Rsvpmaker | 2024-01-04 | N/A | 9.8 CRITICAL |
| Improper Control of Generation of Code ('Code Injection') vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6. | |||||