Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36392 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2023-11-20 | N/A | 7.5 HIGH |
| DHCP Server Service Denial of Service Vulnerability | |||||
| CVE-2023-36393 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-11-20 | N/A | 7.8 HIGH |
| Windows User Interface Application Core Remote Code Execution Vulnerability | |||||
| CVE-2023-36394 | 1 Microsoft | 9 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 6 more | 2023-11-20 | N/A | 7.0 HIGH |
| Windows Search Service Elevation of Privilege Vulnerability | |||||
| CVE-2023-36396 | 1 Microsoft | 2 Windows 11 22h2, Windows 11 23h2 | 2023-11-20 | N/A | 7.8 HIGH |
| Windows Compressed Folder Remote Code Execution Vulnerability | |||||
| CVE-2023-36395 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2023-11-20 | N/A | 7.5 HIGH |
| Windows Deployment Services Denial of Service Vulnerability | |||||
| CVE-2023-26205 | 1 Fortinet | 1 Fortiadc | 2023-11-20 | N/A | 8.8 HIGH |
| An improper access control vulnerability [CWE-284] in FortiADC automation feature 7.1.0 through 7.1.2, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script. | |||||
| CVE-2023-47117 | 1 Humansignal | 1 Label Studio | 2023-11-20 | N/A | 7.5 HIGH |
| Label Studio is an open source data labeling tool. In all current versions of Label Studio prior to 1.9.2post0, the application allows users to insecurely set filters for filtering tasks. An attacker can construct a filter chain to filter tasks based on sensitive fields for all user accounts on the platform by exploiting Django's Object Relational Mapper (ORM). Since the results of query can be manipulated by the ORM filter, an attacker can leak these sensitive fields character by character. In addition, Label Studio had a hard coded secret key that an attacker can use to forge a session token of any user by exploiting this ORM Leak vulnerability to leak account password hashes. This vulnerability has been addressed in commit `f931d9d129` which is included in the 1.9.2post0 release. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-45684 | 1 Northern.tech | 1 Cfengine | 2023-11-20 | N/A | 7.5 HIGH |
| Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18.6 and 3.21.3. The earliest affected version is 3.6.0. The issue is in the Mission Portal login page in the CFEngine hub. | |||||
| CVE-2023-6101 | 1 Maiwei Safety Production Control Platform Project | 1 Maiwei Safety Production Control Platform | 2023-11-20 | N/A | 7.5 HIGH |
| A vulnerability, which was classified as problematic, has been found in Maiwei Safety Production Control Platform 4.1. This issue affects some unknown processing of the file /TC/V2.7/ha.html of the component Intelligent Monitoring. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-245063. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-46098 | 1 Siemens | 1 Simatic Pcs Neo | 2023-11-20 | N/A | 8.8 HIGH |
| A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior. | |||||
| CVE-2023-46097 | 1 Siemens | 1 Simatic Pcs Neo | 2023-11-20 | N/A | 8.0 HIGH |
| A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly neutralize user provided inputs. This could allow an authenticated adjacent attacker to execute SQL statements in the underlying database. | |||||
| CVE-2023-46601 | 1 Siemens | 1 Comos | 2023-11-20 | N/A | 7.5 HIGH |
| A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to. | |||||
| CVE-2020-8976 | 1 Zigor | 2 Zgr Tps200 Ng, Zgr Tps200 Ng Firmware | 2023-11-20 | N/A | 8.8 HIGH |
| The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request. | |||||
| CVE-2020-8973 | 1 Zigor | 2 Zgr Tps200 Ng, Zgr Tps200 Ng Firmware | 2023-11-20 | N/A | 8.1 HIGH |
| ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user on the web that owns the device. | |||||
| CVE-2020-8968 | 1 Parallels | 1 Remote Application Server | 2023-11-20 | 2.1 LOW | 7.1 HIGH |
| Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of the information of the user could be compromised if an attacker is able to recover the profile password. | |||||
| CVE-2023-31102 | 3 7-zip, Linux, Netapp | 4 7-zip, Linux Kernel, Active Iq Unified Manager and 1 more | 2023-11-20 | N/A | 7.8 HIGH |
| Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive. | |||||
| CVE-2020-22283 | 1 Lwip Project | 1 Lwip | 2023-11-18 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet. | |||||
| CVE-2023-45582 | 1 Fortinet | 1 Fortimail | 2023-11-18 | N/A | 7.3 HIGH |
| An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail webmail version 7.2.0 through 7.2.4, 7.0.0 through 7.0.6 and before 6.4.8 may allow an unauthenticated attacker to perform a brute force attack on the affected endpoints via repeated login attempts. | |||||
| CVE-2023-42783 | 1 Fortinet | 1 Fortiwlm | 2023-11-18 | N/A | 7.5 HIGH |
| A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4.0 and 8.3.2 through 8.3.0 and 8.2.2 allows attacker to read arbitrary files via crafted http requests. | |||||
| CVE-2023-48021 | 1 Iteachyou | 1 Dreamer Cms | 2023-11-18 | N/A | 8.8 HIGH |
| Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/update. | |||||
| CVE-2021-1050 | 1 Google | 1 Android | 2023-11-18 | N/A | 7.8 HIGH |
| In MMU_UnmapPages of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-243825200 | |||||
| CVE-2014-125102 | 1 Bestwebsoft | 1 Relevant | 2023-11-18 | N/A | 7.5 HIGH |
| A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Thumbnail Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 1.0.8 is able to address this issue. The identifier of the patch is 860d1891025548cf0f5f97364c1f51a888f523c3. It is recommended to upgrade the affected component. The identifier VDB-230113 was assigned to this vulnerability. | |||||
| CVE-2023-43791 | 1 Humansignal | 1 Label Studio | 2023-11-18 | N/A | 8.8 HIGH |
| Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges from a low privilege user to a Django Super Administrator user. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced. | |||||
| CVE-2023-43503 | 1 Siemens | 1 Comos | 2023-11-17 | N/A | 7.5 HIGH |
| A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP. | |||||
| CVE-2019-11069 | 1 Sequelizejs | 1 Sequelize | 2023-11-17 | 5.0 MEDIUM | 7.5 HIGH |
| Sequelize version 5 before 5.3.0 does not properly ensure that standard conforming strings are used. | |||||
| CVE-2018-1000807 | 3 Canonical, Pyopenssl, Redhat | 6 Ubuntu Linux, Pyopenssl, Enterprise Linux Desktop and 3 more | 2023-11-17 | 6.8 MEDIUM | 8.1 HIGH |
| Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on the calling application and if it retains a reference to the memory.. This vulnerability appears to have been fixed in 17.5.0. | |||||
| CVE-2023-6097 | 1 Icssolution | 1 Ics Business Manager | 2023-11-17 | N/A | 8.8 HIGH |
| A SQL injection vulnerability has been found in ICS Business Manager, affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted, causing the application to malfunction. | |||||
| CVE-2023-47390 | 1 Juanfont | 1 Headscale | 2023-11-17 | N/A | 7.5 HIGH |
| Headscale through 0.22.3 writes bearer tokens to info-level logs. | |||||
| CVE-2023-35041 | 1 Webpushr | 1 Web Push Notifications | 2023-11-17 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push Notifications – Webpushr plugin <= 4.34.0 versions. | |||||
| CVE-2023-6131 | 1 Salesagility | 1 Suitecrm | 2023-11-17 | N/A | 8.8 HIGH |
| Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. | |||||
| CVE-2023-6130 | 1 Salesagility | 1 Suitecrm | 2023-11-17 | N/A | 8.8 HIGH |
| Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. | |||||
| CVE-2023-48020 | 1 Iteachyou | 1 Dreamer Cms | 2023-11-17 | N/A | 8.8 HIGH |
| Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/changeStatus. | |||||
| CVE-2023-34013 | 1 Ays-pro | 1 Poll Maker | 2023-11-17 | N/A | 7.5 HIGH |
| Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2. | |||||
| CVE-2023-47120 | 1 Discourse | 1 Discourse | 2023-11-17 | N/A | 7.5 HIGH |
| Discourse is an open source platform for community discussion. In versions 3.1.0 through 3.1.2 of the `stable` branch and versions 3.1.0,beta6 through 3.2.0.beta2 of the `beta` and `tests-passed` branches, Redis memory can be depleted by crafting a site with an abnormally long favicon URL and drafting multiple posts which Onebox it. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds. | |||||
| CVE-2023-28134 | 1 Checkpoint | 1 Endpoint Security | 2023-11-17 | N/A | 7.8 HIGH |
| Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-27418 | 1 Wow-company | 1 Side Menu Lite | 2023-11-17 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite – add sticky fixed buttons plugin <= 4.0 versions. | |||||
| CVE-2023-27417 | 1 Ifeelweb | 1 Affiliate Super Assistent | 2023-11-17 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith Affiliate Super Assistent plugin <= 1.5.1 versions. | |||||
| CVE-2023-27431 | 1 Themehunk | 1 Big Store | 2023-11-17 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk Big Store theme <= 1.9.3 versions. | |||||
| CVE-2019-15656 | 1 Dlink | 4 Dsl-2875al, Dsl-2875al Firmware, Dsl-2877al and 1 more | 2023-11-17 | 5.0 MEDIUM | 7.5 HIGH |
| D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. | |||||
| CVE-2017-14430 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2023-11-17 | 5.0 MEDIUM | 7.5 HIGH |
| D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allow remote attackers to cause a denial of service (daemon crash) via crafted LAN traffic. | |||||
| CVE-2017-14426 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2023-11-17 | 2.1 LOW | 7.8 HIGH |
| D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0644 /var/etc/shadow (aka the /etc/shadow symlink target) permissions. | |||||
| CVE-2017-14425 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2023-11-17 | 2.1 LOW | 7.8 HIGH |
| D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/etc/hnapasswd permissions. | |||||
| CVE-2017-14424 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2023-11-17 | 2.1 LOW | 7.8 HIGH |
| D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/passwd permissions. | |||||
| CVE-2017-14428 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2023-11-17 | 2.1 LOW | 7.8 HIGH |
| D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/hostapd* permissions. | |||||
| CVE-2017-14427 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2023-11-17 | 2.1 LOW | 7.8 HIGH |
| D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/storage_account_root permissions. | |||||
| CVE-2023-27611 | 1 Jeanbaptisteaudras | 1 Reusable Blocks Extended | 2023-11-17 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in audrasjb Reusable Blocks Extended plugin <= 0.9 versions. | |||||
| CVE-2023-34241 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-17 | N/A | 7.1 HIGH |
| OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process. The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`. Version 2.4.6 has a patch for this issue. | |||||
| CVE-2023-22809 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-11-17 | N/A | 7.8 HIGH |
| In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value. | |||||
| CVE-2023-27623 | 1 Jenst | 1 Wp Page Numbers | 2023-11-17 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Jens Törnell WP Page Numbers plugin <= 0.5 versions. | |||||
| CVE-2023-27632 | 1 Daily Prayer Time Project | 1 Daily Prayer Time | 2023-11-17 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.03.08 versions. | |||||