Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27461 | 1 Yoohooplugins | 1 When Last Login | 2023-11-30 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Yoohoo Plugins When Last Login plugin <= 1.2.1 versions. | |||||
| CVE-2023-28401 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2023-11-30 | N/A | 7.8 HIGH |
| Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-28741 | 2 Intel, Microsoft | 4 Quickassist Technology, Quickassist Technology Firmware, Quickassist Technology Library and 1 more | 2023-11-30 | N/A | 7.8 HIGH |
| Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-28740 | 2 Intel, Microsoft | 4 Quickassist Technology, Quickassist Technology Firmware, Quickassist Technology Library and 1 more | 2023-11-30 | N/A | 7.8 HIGH |
| Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-5528 | 2 Fedoraproject, Kubernetes | 2 Fedora, Kubernetes | 2023-11-30 | N/A | 8.8 HIGH |
| A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes. | |||||
| CVE-2023-31320 | 1 Amd | 113 Radeon Pro Vega 56, Radeon Pro Vega 56 Firmware, Radeon Pro Vega 64 and 110 more | 2023-11-30 | N/A | 7.5 HIGH |
| Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service. | |||||
| CVE-2023-38885 | 1 Os4ed | 1 Opensis | 2023-11-30 | N/A | 8.8 HIGH |
| OpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery (CSRF) protection throughout the whole app. This may allow an attacker to trick an authenticated user into performing any kind of state changing request. | |||||
| CVE-2023-38884 | 1 Os4ed | 1 Opensis | 2023-11-30 | N/A | 7.5 HIGH |
| An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/<studentId>-<filename>' | |||||
| CVE-2022-3436 | 1 Web-based Student Clearance System Project | 1 Web-based Student Clearance System | 2023-11-30 | N/A | 7.5 HIGH |
| A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210367. | |||||
| CVE-2023-6022 | 1 Prefect | 1 Prefect | 2023-11-30 | N/A | 8.8 HIGH |
| An attacker is able to steal secrets and potentially gain remote code execution via CSRF using the open source Prefect web server's API. | |||||
| CVE-2023-4664 | 1 Saphira | 1 Connect | 2023-11-30 | N/A | 8.8 HIGH |
| Incorrect Default Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation.This issue affects Saphira Connect: before 9. | |||||
| CVE-2021-38405 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-11-30 | N/A | 7.8 HIGH |
| The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2023-47631 | 1 Vantage6 | 1 Vantage6 | 2023-11-30 | N/A | 8.8 HIGH |
| vantage6 is a framework to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). In affected versions a node does not check if an image is allowed to run if a `parent_id` is set. A malicious party that breaches the server may modify it to set a fake `parent_id` and send a task of a non-whitelisted algorithm. The node will then execute it because the `parent_id` that is set prevents checks from being run. This impacts all servers that are breached by an expert user. This vulnerability has been patched in version 4.1.2. All users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-6312 | 1 Razormist | 1 Loan Management System | 2023-11-30 | N/A | 7.2 HIGH |
| A vulnerability was found in SourceCodester Loan Management System 1.0. It has been classified as critical. Affected is the function delete_user of the file deleteUser.php of the component Users Page. The manipulation of the argument user_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-246138 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-49213 | 1 Ironmansoftware | 1 Powershell Universal | 2023-11-30 | N/A | 8.8 HIGH |
| The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1. | |||||
| CVE-2023-6311 | 1 Razormist | 1 Loan Management System | 2023-11-30 | N/A | 7.2 HIGH |
| A vulnerability was found in SourceCodester Loan Management System 1.0 and classified as critical. This issue affects the function delete_ltype of the file delete_ltype.php of the component Loan Type Page. The manipulation of the argument ltype_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246137 was assigned to this vulnerability. | |||||
| CVE-2023-6310 | 1 Razormist | 1 Loan Management System | 2023-11-30 | N/A | 7.2 HIGH |
| A vulnerability has been found in SourceCodester Loan Management System 1.0 and classified as critical. This vulnerability affects the function delete_borrower of the file deleteBorrower.php. The manipulation of the argument borrower_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246136. | |||||
| CVE-2023-4223 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted file upload in `/main/inc/ajax/document.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. | |||||
| CVE-2023-4222 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Command injection in `main/lp/openoffice_text_document.class.php` in Chamilo LMS <= v1.11.24 allows users permitted to upload Learning Paths to obtain remote code execution via improper neutralisation of special characters. | |||||
| CVE-2023-4221 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Command injection in `main/lp/openoffice_presentation.class.php` in Chamilo LMS <= v1.11.24 allows users permitted to upload Learning Paths to obtain remote code execution via improper neutralisation of special characters. | |||||
| CVE-2023-4226 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. | |||||
| CVE-2023-4225 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted file upload in `/main/inc/ajax/exercise.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. | |||||
| CVE-2023-4224 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted file upload in `/main/inc/ajax/dropbox.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. | |||||
| CVE-2023-47668 | 1 Liquidweb | 1 Restrict Content | 2023-11-30 | N/A | 7.5 HIGH |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions. | |||||
| CVE-2023-2603 | 4 Debian, Fedoraproject, Libcap Project and 1 more | 4 Debian Linux, Fedora, Libcap and 1 more | 2023-11-30 | N/A | 7.8 HIGH |
| A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. | |||||
| CVE-2023-44290 | 1 Dell | 1 Command\|monitor | 2023-11-30 | N/A | 7.8 HIGH |
| Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation. | |||||
| CVE-2023-44289 | 1 Dell | 1 Command\|configure | 2023-11-30 | N/A | 7.8 HIGH |
| Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation. | |||||
| CVE-2023-43086 | 1 Dell | 1 Command\|configure | 2023-11-30 | N/A | 7.8 HIGH |
| Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. A local malicious user could potentially modify files inside installation folder during application upgrade, leading to privilege escalation. | |||||
| CVE-2023-2841 | 1 Zorem | 1 Advanced Local Pickup For Woocommerce | 2023-11-30 | N/A | 7.2 HIGH |
| The Advanced Local Pickup for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter in versions up to, and including, 1.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with admin-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | |||||
| CVE-2023-32514 | 1 Himanshuparashar | 1 Google Site Verification Plugin Using Meta Tag | 2023-11-30 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Himanshu Parashar Google Site Verification plugin using Meta Tag.This issue affects Google Site Verification plugin using Meta Tag: from n/a through 1.2. | |||||
| CVE-2023-26279 | 1 Ibm | 1 Qradar Wincollect | 2023-11-30 | N/A | 7.8 HIGH |
| IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160. | |||||
| CVE-2023-6117 | 1 M-files | 1 M-files Server | 2023-11-30 | N/A | 7.5 HIGH |
| A possibility of unwanted server memory consumption was detected through the obsolete functionalities in the Rest API methods of the M-Files server before 23.11.13156.0 which allows attackers to execute DoS attacks. | |||||
| CVE-2023-32504 | 1 Kaine | 1 Wise Chat | 2023-11-30 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Kainex Wise Chat.This issue affects Wise Chat: from n/a through 3.1.3. | |||||
| CVE-2023-32245 | 1 Wpdeveloper | 1 Essential Addons For Elementor | 2023-11-30 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8. | |||||
| CVE-2023-31089 | 1 Webternsolutions | 1 Video Xml Sitemap Generator | 2023-11-30 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Tradebooster Video XML Sitemap Generator.This issue affects Video XML Sitemap Generator: from n/a through 1.0.0. | |||||
| CVE-2023-31075 | 1 Ciphercoin | 1 Easy Hide Login | 2023-11-30 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Arshid Easy Hide Login.This issue affects Easy Hide Login: from n/a through 1.0.8. | |||||
| CVE-2023-28780 | 1 Yoast | 1 Yoast Local Seo | 2023-11-30 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Yoast Yoast Local Premium.This issue affects Yoast Local Premium: from n/a through 14.8. | |||||
| CVE-2023-38879 | 1 Os4ed | 1 Opensis | 2023-11-30 | N/A | 7.5 HIGH |
| The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'. | |||||
| CVE-2023-29165 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2023-11-30 | N/A | 7.3 HIGH |
| Unquoted search path or element in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-3104 | 1 Unitree | 2 A1, A1 Firmware | 2023-11-30 | N/A | 7.5 HIGH |
| Lack of authentication vulnerability. An unauthenticated local user is able to see through the cameras using the web server due to the lack of any form of authentication. | |||||
| CVE-2023-41787 | 1 Artica | 1 Pandora Fms | 2023-11-29 | N/A | 7.5 HIGH |
| Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths. This vulnerability allows access to files with sensitive information. This issue affects Pandora FMS: from 700 through 772. | |||||
| CVE-2023-41788 | 1 Artica | 1 Pandora Fms | 2023-11-29 | N/A | 8.8 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allows attackers to execute code via PHP file uploads. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-41806 | 1 Artica | 1 Pandora Fms | 2023-11-29 | N/A | 7.5 HIGH |
| Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability causes that a bad privilege assignment could cause a DOS attack that affects the availability of the Pandora FMS server. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-41808 | 1 Artica | 1 Pandora Fms | 2023-11-29 | N/A | 7.5 HIGH |
| Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows an unauthorised user to escalate and read sensitive files as if they were root. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-41807 | 1 Artica | 1 Pandora Fms | 2023-11-29 | N/A | 8.8 HIGH |
| Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows a user to escalate permissions on the system shell. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-48238 | 1 Joaquimserafim | 1 Json Web Token | 2023-11-29 | N/A | 7.5 HIGH |
| joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. Affected versions of the json-web-token library are vulnerable to a JWT algorithm confusion attack. On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT token is taken from the JWT token, which at that point is still unverified and thus shouldn't be trusted. To exploit this vulnerability, an attacker needs to craft a malicious JWT token containing the HS256 algorithm, signed with the public RSA key of the victim application. This attack will only work against this library is the RS256 algorithm is in use, however it is a best practice to use that algorithm. | |||||
| CVE-2023-38361 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2023-11-29 | N/A | 7.5 HIGH |
| IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 260770. | |||||
| CVE-2023-48221 | 1 Wire | 1 Audio\, Video\, And Signaling | 2023-11-29 | N/A | 8.8 HIGH |
| wire-avs provides Audio, Visual, and Signaling (AVS) functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 9.2.22 & 9.3.5 and is already included on all Wire products. No known workarounds are available. | |||||
| CVE-2023-48240 | 1 Xwiki | 1 Xwiki | 2023-11-29 | N/A | 8.8 HIGH |
| XWiki Platform is a generic wiki platform. The rendered diff in XWiki embeds images to be able to compare the contents and not display a difference for an actually unchanged image. For this, XWiki requests all embedded images on the server side. These requests are also sent for images from other domains and include all cookies that were sent in the original request to ensure that images with restricted view right can be compared. Starting in version 11.10.1 and prior to versions 14.10.15, 15.5.1, and 15.6, this allows an attacker to steal login and session cookies that allow impersonating the current user who views the diff. The attack can be triggered with an image that references the rendered diff, thus making it easy to trigger. Apart from stealing login cookies, this also allows server-side request forgery (the result of any successful request is returned in the image's source) and viewing protected content as once a resource is cached, it is returned for all users. As only successful requests are cached, the cache will be filled by the first user who is allowed to access the resource. This has been patched in XWiki 14.10.15, 15.5.1 and 15.6. The rendered diff now only downloads images from trusted domains. Further, cookies are only sent when the image's domain is the same the requested domain. The cache has been changed to be specific for each user. As a workaround, the image embedding feature can be disabled by deleting `xwiki-platform-diff-xml-<version>.jar` in `WEB-INF/lib/`. | |||||
| CVE-2023-48241 | 1 Xwiki | 1 Xwiki | 2023-11-29 | N/A | 7.5 HIGH |
| XWiki Platform is a generic wiki platform. Starting in version 6.3-milestone-2 and prior to versions 14.10.15, 15.5.1, and 15.6RC1, the Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all documents of all wikis to anybody who has access to it, by default it is public. This exposes all information stored in the wiki (but not some protected information like password hashes). While there is a right check normally, the right check can be circumvented by explicitly requesting fields from Solr that don't include the data for the right check. This has been fixed in XWiki 15.6RC1, 15.5.1 and 14.10.15 by not listing documents whose rights cannot be checked. No known workarounds are available. | |||||