Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33124 | 1 Aiohttp | 1 Aiohttp | 2023-11-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service (DoS). NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the calling application | |||||
| CVE-2021-21330 | 3 Aiohttp, Debian, Fedoraproject | 3 Aiohttp, Debian Linux, Fedora | 2023-11-22 | 5.8 MEDIUM | 6.1 MEDIUM |
| aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the `aiohttp.web_middlewares.normalize_path_middleware` middleware. This security problem has been fixed in 3.7.4. Upgrade your dependency using pip as follows "pip install aiohttp >= 3.7.4". If upgrading is not an option for you, a workaround can be to avoid using `aiohttp.web_middlewares.normalize_path_middleware` in your applications. | |||||
| CVE-2023-44359 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-22 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44361 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-22 | N/A | 5.5 MEDIUM |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44365 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-22 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44366 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-22 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44372 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-22 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44371 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-22 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44367 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-22 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-46964 | 1 Hillstonenet | 2 Sc-6000-e3960, Sc-6000-e3960 Firmware | 2023-11-22 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Hillstone Next Generation FireWall SG-6000-e3960 v.5.5 allows a remote attacker to execute arbitrary code via the use front-end filtering instead of back-end filtering. | |||||
| CVE-2023-45960 | 2023-11-22 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2020-15862 | 3 Canonical, Net-snmp, Netapp | 6 Ubuntu Linux, Net-snmp, Cloud Backup and 3 more | 2023-11-22 | 7.2 HIGH | 7.8 HIGH |
| Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. | |||||
| CVE-2023-47052 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2023-11-22 | N/A | N/A |
| Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-47053 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2023-11-22 | N/A | N/A |
| Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-47041 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2023-11-22 | N/A | N/A |
| Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-47040 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2023-11-22 | N/A | N/A |
| Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44335 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-11-22 | N/A | N/A |
| Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44334 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-11-22 | N/A | N/A |
| Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-47043 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2023-11-22 | N/A | N/A |
| Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-47042 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2023-11-22 | N/A | N/A |
| Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-26368 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-11-22 | N/A | 7.8 HIGH |
| Adobe InCopy versions 18.5 (and earlier) and 17.4.2 (and earlier) are affected by are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-4602 | 1 Kibokolabs | 1 Namaste\! Lms | 2023-11-22 | N/A | 6.1 MEDIUM |
| The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'course_id' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | |||||
| CVE-2023-43284 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2023-11-22 | N/A | 8.8 HIGH |
| D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter. | |||||
| CVE-2023-40540 | 1 Intel | 112 Nuc 11 Enthusiast Kit Nuc11phki7c, Nuc 11 Enthusiast Kit Nuc11phki7c Firmware, Nuc 11 Enthusiast Mini Pc Nuc11phki7caa and 109 more | 2023-11-22 | N/A | 4.4 MEDIUM |
| Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2023-40220 | 1 Intel | 4 Nuc6cayh, Nuc6cayh Firmware, Nuc6cays and 1 more | 2023-11-22 | N/A | 4.4 MEDIUM |
| Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2023-46132 | 1 Hyperledger | 1 Fabric | 2023-11-22 | N/A | 6.5 MEDIUM |
| Hyperledger Fabric is an open source permissioned distributed ledger framework. Combining two molecules to one another, called "cross-linking" results in a molecule with a chemical formula that is composed of all atoms of the original two molecules. In Fabric, one can take a block of transactions and cross-link the transactions in a way that alters the way the peers parse the transactions. If a first peer receives a block B and a second peer receives a block identical to B but with the transactions being cross-linked, the second peer will parse transactions in a different way and thus its world state will deviate from the first peer. Orderers or peers cannot detect that a block has its transactions cross-linked, because there is a vulnerability in the way Fabric hashes the transactions of blocks. It simply and naively concatenates them, which is insecure and lets an adversary craft a "cross-linked block" (block with cross-linked transactions) which alters the way peers process transactions. For example, it is possible to select a transaction and manipulate a peer to completely avoid processing it, without changing the computed hash of the block. Additional validations have been added in v2.2.14 and v2.5.5 to detect potential cross-linking issues before processing blocks. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-31100 | 1 Phoenix | 1 Securecore Technology | 2023-11-22 | N/A | 7.1 HIGH |
| Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: * from 4.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before 4.5.0.138 | |||||
| CVE-2023-35080 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2023-11-22 | N/A | 7.8 HIGH |
| A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. | |||||
| CVE-2023-38544 | 2 Ivanti, Linux | 2 Secure Access Client, Linux Kernel | 2023-11-22 | N/A | 5.5 MEDIUM |
| A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system. | |||||
| CVE-2023-41718 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2023-11-22 | N/A | 7.8 HIGH |
| When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file. | |||||
| CVE-2023-39337 | 1 Ivanti | 1 Endpoint Manager Mobile | 2023-11-22 | N/A | 9.1 CRITICAL |
| A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity. | |||||
| CVE-2023-39335 | 1 Ivanti | 1 Endpoint Manager Mobile | 2023-11-22 | N/A | 9.8 CRITICAL |
| A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources. | |||||
| CVE-2023-46121 | 1 Yt-dlp Project | 1 Yt-dlp | 2023-11-22 | N/A | 3.7 LOW |
| yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp's HTTP session. This could lead to cookie exfiltration in some cases. Version 2023.11.14 removed the ability to smuggle `http_headers` to the Generic extractor, as well as other extractors that use the same pattern. Users are advised to upgrade. Users unable to upgrade should disable the Ggneric extractor (or only pass trusted sites with trusted content) and ake caution when using `--no-check-certificate`. | |||||
| CVE-2023-47583 | 1 Fujielectric | 1 Tellus | 2023-11-22 | N/A | 7.8 HIGH |
| Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and earlier. If a user opens a specially crafted file (X1 or V9 file), information may be disclosed and/or arbitrary code may be executed. | |||||
| CVE-2023-47640 | 1 Datahub Project | 1 Datahub | 2023-11-22 | N/A | 8.8 HIGH |
| DataHub is an open-source metadata platform. The HMAC signature for DataHub Frontend sessions was being signed using a SHA-1 HMAC with the frontend secret key. SHA1 with a 10 byte key can be brute forced using sufficient resources (i.e. state level actors with large computational capabilities). DataHub Frontend was utilizing the Play LegacyCookiesModule with default settings which utilizes a SHA1 HMAC for signing. This is compounded by using a shorter key length than recommended by default for the signing key for the randomized secret value. An authenticated attacker (or attacker who has otherwise obtained a session token) could crack the signing key for DataHub and obtain escalated privileges by generating a privileged session cookie. Due to key length being a part of the risk, deployments should update to the latest helm chart and rotate their session signing secret. All deployments using the default helm chart configurations for generating the Play secret key used for signing are affected by this vulnerability. Version 0.11.1 resolves this vulnerability. All users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-39536 | 1 Ami | 1 Aptio V | 2023-11-22 | N/A | 7.8 HIGH |
| AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability. | |||||
| CVE-2023-39535 | 1 Ami | 1 Aptio V | 2023-11-22 | N/A | 7.8 HIGH |
| AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability. | |||||
| CVE-2023-39537 | 1 Ami | 1 Aptio V | 2023-11-22 | N/A | 7.8 HIGH |
| AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability. | |||||
| CVE-2023-48217 | 1 Statamic | 1 Statamic | 2023-11-22 | N/A | 8.8 HIGH |
| Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2021-33841 | 1 Circutor | 2 Sge-plc1000, Sge-plc1000 Firmware | 2023-11-22 | 10.0 HIGH | 9.8 CRITICAL |
| SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges. | |||||
| CVE-2021-32456 | 1 Sitel-sa | 2 Remote Cap\/prx, Remote Cap\/prx Firmware | 2023-11-22 | 3.3 LOW | 6.5 MEDIUM |
| SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network of the device to obtain the authentication passwords by analysing the network traffic. | |||||
| CVE-2021-4046 | 1 Tcman | 1 Gim | 2023-11-22 | 3.5 LOW | 5.4 MEDIUM |
| The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data. | |||||
| CVE-2021-4035 | 1 Wocu-monitoring | 1 Wocu Monitoring | 2023-11-22 | 3.5 LOW | 4.8 MEDIUM |
| A stored cross site scripting have been identified at the comments in the report creation due to an obsolote version of tinymce editor. In order to exploit this vulnerability, the attackers needs an account with enough privileges to view and edit reports. | |||||
| CVE-2022-45875 | 1 Apache | 1 Dolphinscheduler | 2023-11-22 | N/A | 9.8 CRITICAL |
| Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions. This attack can be performed only by authenticated users which can login to DS. | |||||
| CVE-2022-45383 | 1 Jenkins | 1 Support Core | 2023-11-22 | N/A | 6.5 MEDIUM |
| An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fa_b_d860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission. | |||||
| CVE-2022-45382 | 1 Jenkins | 1 Naginator | 2023-11-22 | N/A | 5.4 MEDIUM |
| Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names. | |||||
| CVE-2022-45381 | 1 Jenkins | 1 Pipeline Utility Steps | 2023-11-22 | N/A | 8.1 HIGH |
| Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines to read arbitrary files from the Jenkins controller file system. | |||||
| CVE-2022-45380 | 1 Jenkins | 1 Junit | 2023-11-22 | N/A | 5.4 MEDIUM |
| Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | |||||
| CVE-2022-43430 | 1 Jenkins | 1 Compuware Topaz For Total Test | 2023-11-22 | N/A | 7.5 HIGH |
| Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | |||||
| CVE-2022-43422 | 1 Jenkins | 2 Compuware Topaz Utilities, Jenkins | 2023-11-22 | N/A | 5.3 MEDIUM |
| Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process. | |||||