Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45741 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setIpv6Cfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the relay6to4 parameters. | |||||
| CVE-2021-45739 | 1 Totolink | 2 A720r, A720r Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the flag parameter. | |||||
| CVE-2021-45737 | 1 Totolink | 2 A720r, A720r Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the Host parameter. | |||||
| CVE-2021-45736 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setL2tpServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the eip, sip, server parameters. | |||||
| CVE-2021-45734 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via the url parameter. | |||||
| CVE-2021-44246 | 1 Totolink | 6 A3100r, A3100r Firmware, A720r and 3 more | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a stack overflow in the function setNoticeCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IpTo parameter. | |||||
| CVE-2022-0366 | 1 Capsule8 | 1 Capsule8 | 2023-08-08 | 6.5 MEDIUM | 8.8 HIGH |
| An authenticated and authorized agent user could potentially gain administrative access via an SQLi vulnerability to Capsule8 Console between versions 4.6.0 and 4.9.1. | |||||
| CVE-2021-46509 | 1 Cesanta | 1 Mjs | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c. | |||||
| CVE-2021-40167 | 1 Autodesk | 1 Design Review | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-23935 | 1 Exiftool Project | 1 Exiftool | 2023-08-08 | 7.6 HIGH | 7.8 HIGH |
| lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection. | |||||
| CVE-2021-44988 | 1 Jerryscript | 1 Jerryscript | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c. | |||||
| CVE-2022-23095 | 1 Opendesign | 1 Drawings Software Development Kit | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-20612 | 1 Mitsubishielectric | 6 Fx3u-enet, Fx3u-enet-l, Fx3u-enet-l Firmware and 3 more | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery. | |||||
| CVE-2021-30311 | 1 Qualcomm | 134 Ar8035, Ar8035 Firmware, Qca6390 and 131 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-43703 | 1 Arm | 2 Arm Development Studio, Ds Development Studio | 2023-08-08 | N/A | 7.8 HIGH |
| An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files. | |||||
| CVE-2023-39144 | 1 Element55 | 1 Knowmore | 2023-08-08 | N/A | 7.5 HIGH |
| Element55 KnowMore appliances version 21 and older was discovered to store passwords in plaintext. | |||||
| CVE-2023-1208 | 1 Riverside | 1 Http Headers | 2023-08-08 | N/A | 7.2 HIGH |
| This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability. | |||||
| CVE-2023-1207 | 1 Riverside | 1 Http Headers | 2023-08-08 | N/A | 7.2 HIGH |
| This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability. | |||||
| CVE-2023-25957 | 1 Mendix | 1 Saml | 2023-08-08 | N/A | 7.5 HIGH |
| A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0), Mendix SAML (Mendix 9.6 compatible, New Track) (All versions >= V3.1.9 < V3.2.7), Mendix SAML (Mendix 9.6 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.2.6). The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application. For compatibility reasons, fix versions still contain this issue, but only when the recommended, default configuration option `'Use Encryption'` is disabled. | |||||
| CVE-2020-27738 | 1 Siemens | 6 Nucleus Net, Nucleus Readystart V3, Nucleus Readystart V4 and 3 more | 2023-08-08 | 5.8 MEDIUM | 7.4 HIGH |
| A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition. | |||||
| CVE-2020-27009 | 1 Siemens | 2 Nucleus Net, Nucleus Source Code | 2023-08-08 | 6.8 MEDIUM | 8.1 HIGH |
| A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. | |||||
| CVE-2020-15795 | 1 Siemens | 2 Nucleus Net, Nucleus Source Code | 2023-08-08 | 6.8 MEDIUM | 8.1 HIGH |
| A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. | |||||
| CVE-2023-2329 | 1 Gsheetconnector | 1 Woocommerce Google Sheet Connector | 2023-08-08 | N/A | 8.8 HIGH |
| The WooCommerce Google Sheet Connector WordPress plugin before 1.3.6 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack | |||||
| CVE-2023-34624 | 1 Htmlcleaner Project | 1 Htmlcleaner | 2023-08-08 | N/A | 7.5 HIGH |
| An issue was discovered htmlcleaner thru = 2.28 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | |||||
| CVE-2023-32302 | 1 Silverstripe | 1 Framework | 2023-08-07 | N/A | 8.1 HIGH |
| Silverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13. | |||||
| CVE-2023-38956 | 1 Zkteco | 1 Bioaccess Ivs | 2023-08-07 | N/A | 7.5 HIGH |
| A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. | |||||
| CVE-2023-38955 | 1 Zkteco | 1 Bioaccess Ivs | 2023-08-07 | N/A | 7.5 HIGH |
| ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names. | |||||
| CVE-2023-31427 | 1 Broadcom | 1 Fabric Operating System | 2023-08-07 | N/A | 7.8 HIGH |
| Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled. | |||||
| CVE-2022-43702 | 1 Arm | 6 Arm Compiler, Arm Compiler For Embedded Fusa, Arm Compiler For Functional Safety and 3 more | 2023-08-07 | N/A | 7.8 HIGH |
| When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code. | |||||
| CVE-2022-43701 | 1 Arm | 11 Arm Compiler, Arm Compiler For Embedded Fusa, Arm Compiler For Functional Safety and 8 more | 2023-08-07 | N/A | 7.8 HIGH |
| When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code. | |||||
| CVE-2021-35391 | 1 Deskpro | 1 Deskpro | 2023-08-07 | N/A | 7.2 HIGH |
| Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL. | |||||
| CVE-2023-21412 | 1 Axis | 1 License Plate Verifier | 2023-08-07 | N/A | 8.8 HIGH |
| User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections. | |||||
| CVE-2023-21411 | 1 Axis | 1 License Plate Verifier | 2023-08-07 | N/A | 8.8 HIGH |
| User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution. | |||||
| CVE-2023-21410 | 1 Axis | 1 License Plate Verifier | 2023-08-07 | N/A | 8.8 HIGH |
| User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution. | |||||
| CVE-2023-38556 | 1 Epson | 24 Ep-801a, Ep-801a Firmware, Ep-802a and 21 more | 2023-08-07 | N/A | 7.5 HIGH |
| Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is pre-installed in some printers provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor. | |||||
| CVE-2023-21407 | 1 Axis | 1 License Plate Verifier | 2023-08-07 | N/A | 8.8 HIGH |
| A broken access control was found allowing for privileged escalation of the operator account to gain administrator privileges. | |||||
| CVE-2023-34552 | 1 Ezviz | 18 Cs-c6n-a0-1c2wfr-mul, Cs-c6n-a0-1c2wfr-mul Firmware, Cs-c6n-b0-1g2wf and 15 more | 2023-08-07 | N/A | 8.8 HIGH |
| In certain EZVIZ products, two stack based buffer overflows in mulicast_parse_sadp_packet and mulicast_get_pack_type functions of the SADP multicast protocol can allow an unauthenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214. | |||||
| CVE-2023-34551 | 1 Ezviz | 18 Cs-c6n-a0-1c2wfr-mul, Cs-c6n-a0-1c2wfr-mul Firmware, Cs-c6n-b0-1g2wf and 15 more | 2023-08-07 | N/A | 8.0 HIGH |
| In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214. The impact is: execute arbitrary code (remote). | |||||
| CVE-2020-11732 | 1 Davidlingren | 1 Media Library Assistant | 2023-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mla_gallery link=download. | |||||
| CVE-2022-46485 | 1 Ngsurvey | 1 Ngsurvey | 2023-08-07 | N/A | 7.5 HIGH |
| Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial of Service if a survey contains a "Text Field", "Comment Field" or "Contact Details". | |||||
| CVE-2022-46484 | 1 Ngsurvey | 1 Ngsurvey | 2023-08-07 | N/A | 7.5 HIGH |
| Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys. | |||||
| CVE-2023-31926 | 1 Broadcom | 1 Brocade Fabric Operating System | 2023-08-07 | N/A | 7.1 HIGH |
| System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0. | |||||
| CVE-2023-3107 | 2 Freebsd, Netapp | 2 Freebsd, Clustered Data Ontap | 2023-08-07 | N/A | 7.5 HIGH |
| A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service. | |||||
| CVE-2023-36298 | 1 Dedecms | 1 Dedecms | 2023-08-07 | N/A | 8.8 HIGH |
| DedeCMS v5.7.109 has a File Upload vulnerability, leading to remote code execution (RCE). | |||||
| CVE-2023-36299 | 1 Typecho | 1 Typecho | 2023-08-07 | N/A | 8.8 HIGH |
| A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php. | |||||
| CVE-2023-33370 | 1 Assaabloy | 1 Control Id Idsecure | 2023-08-07 | N/A | 7.5 HIGH |
| An uncaught exception vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to cause the main web server of IDSecure to fault and crash, causing a denial of service. | |||||
| CVE-2023-29984 | 3 Brother, Fujifilm, Toshibatec | 432 Dcp-1610w, Dcp-1610w Firmware, Dcp-1610we and 429 more | 2023-08-07 | N/A | 7.5 HIGH |
| Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product to a denial-of-service (DoS) condition. As for the affected products/models/versions, see the detailed information provided by each vendor. | |||||
| CVE-2023-24472 | 1 Openimageio | 1 Openimageio | 2023-08-07 | N/A | 7.5 HIGH |
| A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious input to trigger this vulnerability. | |||||
| CVE-2022-24795 | 1 Yajl-ruby Project | 1 Yajl-ruby | 2023-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at `yajl_buf.c#L64` may result in the `need` 32bit integer wrapping to 0 when `need` approaches a value of 0x80000000 (i.e. ~2GB of data), which results in a reallocation of buf->alloc into a small heap chunk. These integers are declared as `size_t` in the 2.x branch of `yajl`, which practically prevents the issue from triggering on 64bit platforms, however this does not preclude this issue triggering on 32bit builds on which `size_t` is a 32bit integer. Subsequent population of this under-allocated heap chunk is based on the original buffer size, leading to heap memory corruption. This vulnerability mostly impacts process availability. Maintainers believe exploitation for arbitrary code execution is unlikely. A patch is available and anticipated to be part of yajl-ruby version 1.4.2. As a workaround, avoid passing large inputs to YAJL. | |||||
| CVE-2017-16516 | 2 Debian, Yajl-ruby Project | 2 Debian Linux, Yajl-ruby | 2023-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole ruby process terminating and potentially a denial of service. | |||||