Total: 46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38685 | 1 Discourse | 1 Discourse | 2023-08-03 | N/A | 4.3 MEDIUM |
| Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. | |||||
| CVE-2023-3488 | 1 Silabs | 1 Gecko Software Development Kit | 2023-08-03 | N/A | 5.5 MEDIUM |
| Uninitialized buffer in the GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows an attacker to leak data from the Secure stack via a malformed GBL file. | |||||
| CVE-2023-3990 | 1 Mingsoft | 1 Mcms | 2023-08-03 | N/A | 6.1 MEDIUM |
| A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-235611. | |||||
| CVE-2023-3989 | 1 Jewelry Store System Project | 1 Jewelry Store System | 2023-08-03 | N/A | 6.1 MEDIUM |
| A vulnerability was found in SourceCodester Jewelry Store System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add_customer.php. The manipulation leads to cross-site scripting. The attack may be launched remotely. VDB-235610 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-38602 | 1 Apple | 1 Macos | 2023-08-03 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system. | |||||
| CVE-2023-38593 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-08-02 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to cause a denial of service. | |||||
| CVE-2023-38608 | 1 Apple | 1 Macos | 2023-08-02 | N/A | 5.5 MEDIUM |
| The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.5. An app may be able to access user-sensitive data. | |||||
| CVE-2023-3957 | 1 Navz | 1 Acf Photo Gallery Field | 2023-08-02 | N/A | 4.3 MEDIUM |
| The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient restriction on the 'apg_profile_update' function in versions up to, and including, 1.9. This makes it possible for authenticated attackers, with subscriber-level permissions or above, to update arbitrary user meta entries. The meta value can only be a string. | |||||
| CVE-2023-37980 | 1 Custom Field For Wp Job Manager Project | 1 Custom Field For Wp Job Manager | 2023-08-02 | N/A | 4.8 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gravity Master Custom Field For WP Job Manager plugin versions <= 1.1. | |||||
| CVE-2023-3970 | 1 Gzscripts | 1 Availability Booking Calendar Php | 2023-08-02 | N/A | 5.4 MEDIUM |
| A vulnerability, which was classified as problematic, was found in GZ Scripts Availability Booking Calendar PHP 1.0. This affects an unknown part of the file /index.php?controller=GzUser&action=edit&id=1 of the component Image Handler. The manipulation of the argument img leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235569 was assigned to this vulnerability. | |||||
| CVE-2023-3969 | 1 Gzscripts | 1 Availability Booking Calendar Php | 2023-08-02 | N/A | 5.4 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promo_code leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235568. | |||||
| CVE-2023-37970 | 1 Mf Gig Calendar Project | 1 Mf Gig Calendar | 2023-08-02 | N/A | 5.4 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Matthew Fries MF Gig Calendar plugin versions <= 1.2. | |||||
| CVE-2023-37894 | 1 Radiustheme | 1 Variation Images Gallery For Woocommerce | 2023-08-02 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Images Gallery for WooCommerce plugin versions <= 2.3.3. | |||||
| CVE-2023-37993 | 1 Maennchen1 | 1 Wpshopgermany It-recht Kanzlei | 2023-08-02 | N/A | 4.8 MEDIUM |
| Auth. Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.de wpShopGermany IT-RECHT KANZLEI plugin versions <= 1.7. | |||||
| CVE-2023-37981 | 1 Wpkube | 1 Authors List | 2023-08-02 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPKube Authors List plugin versions <= 2.0.2. | |||||
| CVE-2023-37976 | 1 Radioforge | 1 Radio Forge Muses Player With Skins | 2023-08-02 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Radio Forge Muses Player with Skins plugin versions <= 2.5. | |||||
| CVE-2023-37975 | 1 Variation Swatches For Woocommerce Project | 1 Variation Swatches For Woocommerce | 2023-08-02 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin versions <= 2.3.7. | |||||
| CVE-2023-38501 | 1 Copyparty Project | 1 Copyparty | 2023-08-02 | N/A | 6.1 MEDIUM |
| copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting vulnerability via the URL parameters `?k304=...` and `?setck=...`. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of one's copyparty accounts, unless one has inspected one's logs and found no trace of attacks. Version 1.8.7 contains a patch for the issue. | |||||
| CVE-2023-3945 | 1 Phpscriptpoint | 1 Lawyer | 2023-08-02 | N/A | 6.1 MEDIUM |
| A vulnerability was found in phpscriptpoint Lawyer 1.6. It has been classified as problematic. This affects an unknown part of the file search.php. The manipulation leads to cross-site scripting. It is possible to initiate the attack remotely. The identifier VDB-235401 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-3947 | 1 Imdpen | 1 Video Conferencing With Zoom | 2023-08-02 | N/A | 5.3 MEDIUM |
| The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure due to a hardcoded encryption key in the 'vczapi_encrypt_decrypt' function in versions up to, and including, 4.2.1. This makes it possible for unauthenticated attackers to decrypt and view the meeting id and password. | |||||
| CVE-2023-3384 | 1 Redhat | 1 Quay | 2023-08-02 | N/A | 5.4 MEDIUM |
| A flaw was found in the Quay registry. While the image labels created through Quay undergo validation both in the UI and backend by applying a regex (validation.py), the same validation is not performed when the label comes from an image. This flaw allows an attacker to publish a malicious image to a public registry containing a script that can be executed via Cross-site scripting (XSS). | |||||
| CVE-2023-38500 | 1 Typo3 | 1 Html Sanitizer | 2023-08-02 | N/A | 6.1 MEDIUM |
| TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding issue in the serialization layer, malicious markup nested in a `noscript` element was not encoded correctly. `noscript` is disabled in the default configuration, but might have been enabled in custom scenarios. This allows bypassing the cross-site scripting mechanism of TYPO3 HTML Sanitizer. Versions 1.5.1 and 2.1.2 fix the problem. | |||||
| CVE-2023-38499 | 1 Typo3 | 1 Typo3 | 2023-08-02 | N/A | 5.3 MEDIUM |
| TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site by adding handcrafted query parameters to the URL of a site that was publicly available. TYPO3 versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, 12.4.4 fix the problem. | |||||
| CVE-2023-35929 | 1 Enalean | 1 Tuleap | 2023-08-02 | N/A | 5.4 MEDIUM |
| Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the "card fields" (visible in the kanban and PV2 apps) is not properly escaped. A malicious user with the capability to create an artifact or to edit a field used as a card field could force a victim to execute uncontrolled code. Tuleap Community Edition 14.10.99.4, Tuleap Enterprise Edition 14.10-2, and Tuleap Enterprise Edition 14.9-5 contain a fix. | |||||
| CVE-2023-34189 | 1 Apache | 1 Inlong | 2023-08-02 | N/A | 6.5 MEDIUM |
| Exposure of Resource to Wrong Sphere vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong from 1.4.0 through 1.7.0. A general (non-admin) user could delete and update processes, operations that only the admin should be able to perform. Users are advised to upgrade to Apache InLong 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 to solve it. | |||||
| CVE-2023-21405 | 1 Axis | 11 A1001, A1001 Firmware, A1210 (-b) and 8 more | 2023-08-02 | N/A | 6.5 MEDIUM |
| Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities, meaning that doors cannot be opened or closed. No sensitive or customer data can be extracted as the Axis device is not further compromised. Please refer to the Axis security advisory for more information, mitigation and affected products and software versions. | |||||
| CVE-2023-35942 | 1 Envoyproxy | 1 Envoy | 2023-08-02 | N/A | 6.5 MEDIUM |
| Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using the listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable the gRPC access log or stop listener updates. | |||||
| CVE-2023-3782 | 1 Squareup | 1 Okhttp-brotli | 2023-08-02 | N/A | 5.9 MEDIUM |
| DoS of the OkHttp client when using a BrotliInterceptor and browsing to a malicious web server, or when an attacker can perform a MitM to inject a Brotli zip-bomb into an HTTP response. | |||||
| CVE-2021-34475 | 1 Microsoft | 1 Edge Chromium | 2023-08-02 | N/A | 5.4 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-33140 | 1 Microsoft | 1 Onenote | 2023-08-02 | N/A | 6.5 MEDIUM |
| Microsoft OneNote Spoofing Vulnerability | |||||
| CVE-2023-28261 | 1 Microsoft | 1 Edge Chromium | 2023-08-02 | N/A | 5.7 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-23269 | 1 Microsoft | 1 Dynamics Gp | 2023-08-02 | 4.3 MEDIUM | 5.4 MEDIUM |
| Microsoft Dynamics GP Spoofing Vulnerability | |||||
| CVE-2022-23258 | 2 Google, Microsoft | 2 Android, Edge | 2023-08-02 | 4.3 MEDIUM | 4.3 MEDIUM |
| Microsoft Edge for Android Spoofing Vulnerability | |||||
| CVE-2022-0377 | 1 Thimpress | 1 Learnpress | 2023-08-02 | 3.5 LOW | 4.3 MEDIUM |
| Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after registration. After this process the user crops and saves the image. Then a "POST" request that contains the user-supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request, the name of the user-supplied image is replaced with an MD5 value. This process can be conducted only when the type of the image is JPG or PNG. An attacker can use this vulnerability in order to rename an arbitrary image file. By doing this, they could destroy the design of the website. | |||||
| CVE-2022-0345 | 1 Madewithfuel | 1 Customize Wordpress Emails And Alerts | 2023-08-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have authorisation and CSRF checks in its bnfw_search_users AJAX action, allowing any authenticated user to call it and query for user e-mail prefixes (finding the first letter, then the second one, then the third one, etc.). | |||||
| CVE-2022-0164 | 1 Wpdevart | 1 Coming Soon And Maintenance Mode | 2023-08-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated user, with a role as low as subscriber, to send arbitrary emails to all subscribed users. | |||||
| CVE-2022-0363 | 1 Mycred | 1 Mycred | 2023-08-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| The myCred WordPress plugin before 2.4.3.1 does not have any authorisation and CSRF checks in the mycred-tools-import-export AJAX action, allowing any authenticated user, such as a subscriber, to call it and import a mycred setup, thus creating badges, managing points or creating arbitrary posts. | |||||
| CVE-2022-0287 | 1 Mycred | 1 Mycred | 2023-08-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| The myCred WordPress plugin before 2.4.4.1 does not have any authorisation in place in its mycred-tools-select-user AJAX action, allowing any authenticated user, such as a subscriber, to call it and retrieve all email addresses from the blog. | |||||
| CVE-2022-0140 | 1 Vfbpro | 1 Visual Form Builder | 2023-08-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export them as a CSV file using the vfb-export endpoint. | |||||
| CVE-2022-0837 | 1 Tms-outsource | 1 Amelia | 2023-08-02 | 5.5 MEDIUM | 5.4 MEDIUM |
| The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling the Amelia SMS service, allowing any customer to send paid test SMS notifications as well as retrieve sensitive information about the admin, such as the email, account balance and payment history. A malicious actor can abuse this vulnerability to drain the account balance by repeatedly sending SMS notifications. | |||||
| CVE-2022-0404 | 1 Material Design For Contact Form 7 Project | 1 Material Design For Contact Form 7 | 2023-08-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check authorization or that the option mentioned in the notice param belongs to the plugin when processing requests to the cf7md_dismiss_notice action, allowing any logged in user (with roles as low as Subscriber) to set arbitrary options to true, potentially leading to Denial of Service by breaking the site. | |||||
| CVE-2022-0398 | 1 Caseproof | 1 Thirstyaffiliates Affiliate Link Manager | 2023-08-02 | 4.9 MEDIUM | 5.4 MEDIUM |
| The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as a subscriber, to create arbitrary affiliate links, which could then be used to redirect users to an arbitrary website. | |||||
| CVE-2022-0444 | 1 Watchful | 1 Xcloner | 2023-08-02 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin WordPress plugin before 4.3.6 does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key. | |||||
| CVE-2022-3206 | 1 Passster Project | 1 Passster | 2023-08-02 | N/A | 5.9 MEDIUM |
| The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding, which is easy to decode. This puts the password at risk in case the cookies get leaked. | |||||
| CVE-2022-1551 | 1 Smartypantsplugins | 1 Sp Project & Document Manager | 2023-08-02 | N/A | 6.5 MEDIUM |
| The SP Project & Document Manager WordPress plugin before 4.58 uses an easily guessable path to store user files; bad actors could use that to access other users' sensitive files. | |||||
| CVE-2022-28666 | 1 Yikesinc | 1 Custom Product Tabs For Woocommerce | 2023-08-02 | N/A | 5.3 MEDIUM |
| Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin versions <= 1.7.7 for WordPress, leading to &yikes-the-content-toggle option update. | |||||
| CVE-2023-21719 | 1 Microsoft | 1 Edge Chromium | 2023-08-02 | N/A | 6.5 MEDIUM |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2022-3082 | 1 Miniorange | 1 Discord Integration | 2023-08-02 | N/A | 6.5 MEDIUM |
| The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF checks in some of its AJAX actions, allowing any logged-in user, such as a subscriber, to call them and, for example, disable the app. | |||||
| CVE-2022-2834 | 1 Helpful Project | 1 Helpful | 2023-08-02 | N/A | 5.3 MEDIUM |
| The Helpful WordPress plugin before 4.5.26 stores exported logs and feedback in a publicly accessible location with guessable names, which could allow attackers to download them and retrieve sensitive information such as IP addresses, names and email addresses, depending on the plugin's settings. | |||||
| CVE-2022-2891 | 1 Wpwhitesecurity | 1 Wp 2fa | 2023-08-02 | N/A | 5.9 MEDIUM |
| The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that don't mitigate time-based attacks, which could be abused to leak information about the authentication codes being compared. | |||||
