Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32757 | 1 Edetw | 1 U-office Force | 2023-08-29 | N/A | 9.8 CRITICAL |
| e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service. | |||||
| CVE-2023-32756 | 1 Edetw | 1 U-office Force | 2023-08-29 | N/A | 7.5 HIGH |
| e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service. | |||||
| CVE-2023-37425 | 1 Arubanetworks | 1 Edgeconnect Sd-wan Orchestrator | 2023-08-29 | N/A | 6.1 MEDIUM |
| A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. | |||||
| CVE-2021-29390 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2023-08-29 | N/A | 9.8 CRITICAL |
| libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c. | |||||
| CVE-2023-37424 | 1 Arubanetworks | 1 Edgeconnect Sd-wan Orchestrator | 2023-08-29 | N/A | 8.1 HIGH |
| A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host if certain preconditions outside of the attacker's control are met. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. | |||||
| CVE-2023-37423 | 1 Arubanetworks | 1 Edgeconnect Sd-wan Orchestrator | 2023-08-29 | N/A | 5.4 MEDIUM |
| Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. | |||||
| CVE-2023-37422 | 1 Arubanetworks | 1 Edgeconnect Sd-wan Orchestrator | 2023-08-29 | N/A | 5.4 MEDIUM |
| Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. | |||||
| CVE-2023-40901 | 1 Tenda | 2 Ac10v4, Ac10v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at url /goform/setMacFilterCfg. | |||||
| CVE-2023-40900 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | |||||
| CVE-2023-40899 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg. | |||||
| CVE-2023-40898 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg. | |||||
| CVE-2023-40897 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter mac at /goform/GetParentControlInfo. | |||||
| CVE-2023-40896 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind. | |||||
| CVE-2023-40895 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | |||||
| CVE-2023-40894 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg. | |||||
| CVE-2023-40893 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | |||||
| CVE-2023-40892 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi. | |||||
| CVE-2023-4559 | 1 Laiketui | 1 Laiketui | 2023-08-29 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in Bettershop LaikeTui. Affected by this issue is some unknown functionality of the file index.php?module=api&action=user&m=upload of the component POST Request Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-238160. | |||||
| CVE-2023-41037 | 2023-08-29 | N/A | N/A | ||
| OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorithm used to compute the signature digest. OpenPGP.js up to v5.9.0 ignored any data preceding the "Hash: ..." texts when verifying the signature. As a result, malicious parties could add arbitrary text to a third-party Cleartext Signed Message, to lead the victim to believe that the arbitrary text was signed. A user or application is vulnerable to said attack vector if it verifies the CleartextMessage by only checking the returned `verified` property, discarding the associated `data` information, and instead _visually trusting_ the contents of the original message. Since `verificationResult.data` would always contain the actual signed data, users and apps that check this information are not vulnerable. Similarly, given a CleartextMessage object, retrieving the data using `getText()` or the `text` field returns only the contents that are considered when verifying the signature. Finally, re-armoring a CleartextMessage object (using `armor()` will also result in a "sanitised" version, with the extraneous text being removed. This issue has been addressed in version 5.10.1 (current stable version) which will reject messages when calling `openpgp.readCleartextMessage()` and in version 4.10.11 (legacy version) which will will reject messages when calling `openpgp.cleartext.readArmored()`. Users are advised to upgrade. Users unable to upgrade should check the contents of `verificationResult.data` to see what data was actually signed, rather than visually trusting the contents of the armored message. | |||||
| CVE-2023-3646 | 2023-08-29 | N/A | N/A | ||
| On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload. | |||||
| CVE-2023-39616 | 2023-08-29 | N/A | N/A | ||
| AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h. | |||||
| CVE-2023-39615 | 2023-08-29 | N/A | N/A | ||
| Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. | |||||
| CVE-2023-24548 | 2023-08-29 | N/A | N/A | ||
| On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place. | |||||
| CVE-2023-41376 | 2023-08-29 | N/A | N/A | ||
| Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update-fault-tolerance is not enabled, mishandle BGP path attributes. | |||||
| CVE-2023-41362 | 2023-08-29 | N/A | N/A | ||
| MyBB before 1.8.36 allows Code Injection by users with certain high privileges. Templates in Admin CP intentionally use eval, and there was some validation of the input to eval, but type juggling interfered with this when using PCRE within PHP. | |||||
| CVE-2023-38283 | 2023-08-29 | N/A | N/A | ||
| In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006. | |||||
| CVE-2023-0654 | 2023-08-29 | N/A | N/A | ||
| Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app. | |||||
| CVE-2021-32050 | 2023-08-29 | N/A | N/A | ||
| Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may inadvertently expose this sensitive information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default). This issue affects the MongoDB C Driver 1.0.0 prior to 1.17.7, MongoDB PHP Driver 1.0.0 prior to 1.9.2, MongoDB Swift Driver 1.0.0 prior to 1.1.1, MongoDB Node.js Driver 3.6 prior to 3.6.10, MongoDB Node.js Driver 4.0 prior to 4.17.0 and MongoDB Node.js Driver 5.0 prior to 5.8.0. This issue also affects users of the MongoDB C++ Driver dependent on the C driver 1.0.0 prior to 1.17.7 (C++ driver prior to 3.7.0). | |||||
| CVE-2023-0238 | 2023-08-29 | N/A | N/A | ||
| Due to lack of a security policy, the WARP Mobile Client (<=6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app. | |||||
| CVE-2023-40891 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg. | |||||
| CVE-2023-37421 | 1 Arubanetworks | 1 Edgeconnect Sd-wan Orchestrator | 2023-08-29 | N/A | 5.4 MEDIUM |
| Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. | |||||
| CVE-2023-4508 | 1 Gerbv Project | 1 Gerbv | 2023-08-29 | N/A | 5.5 MEDIUM |
| A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file. | |||||
| CVE-2023-32516 | 1 Oracle | 1 Restaurant Menu - Food Ordering System - Table Reservation | 2023-08-29 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation plugin <= 2.3.6 versions. | |||||
| CVE-2023-39834 | 1 Pbootcms | 1 Pbootcms | 2023-08-29 | N/A | 9.8 CRITICAL |
| PbootCMS below v3.2.0 was discovered to contain a command injection vulnerability via create_function. | |||||
| CVE-2023-32511 | 1 Bookingultrapro | 1 Booking Ultra Pro Appointments Booking Calendar | 2023-08-29 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.8 versions. | |||||
| CVE-2023-32510 | 1 Cagewebdev | 1 Order Your Posts Manually | 2023-08-29 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <= 2.2.5 versions. | |||||
| CVE-2023-4513 | 1 Wireshark | 1 Wireshark | 2023-08-29 | N/A | 7.5 HIGH |
| BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2023-4512 | 1 Wireshark | 1 Wireshark | 2023-08-29 | N/A | 7.5 HIGH |
| CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2023-4511 | 1 Wireshark | 1 Wireshark | 2023-08-29 | N/A | 7.5 HIGH |
| BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2023-1409 | 3 Apple, Microsoft, Mongodb | 3 Macos, Windows, Mongodb | 2023-08-29 | N/A | 7.5 HIGH |
| If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Linux), it is possible that client certificate validation may not be in effect, potentially allowing client to establish a TLS connection with the server that supplies any certificate. This issue affect all MongoDB Server v6.3 versions, MongoDB Server v5.0 versions v5.0.0 to v5.0.14 and all MongoDB Server v4.4 versions. | |||||
| CVE-2023-40763 | 1 Phpjabbers | 1 Taxi Booking Script | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in PHPJabbers Taxi Booking Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-39708 | 1 Free And Open Source Inventory Management System Project | 1 Free And Open Source Inventory Management System | 2023-08-29 | N/A | 6.1 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section. | |||||
| CVE-2023-40767 | 1 Phpjabbers | 1 Make An Offer Widget | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-40766 | 1 Phpjabbers | 1 Ticket Support Script | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-40765 | 1 Phpjabbers | 1 Event Booking Calendar | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-40764 | 1 Phpjabbers | 1 Jabbers Car Rental Script | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-40758 | 1 Phpjabbers | 1 Document Creator | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-40757 | 1 Phpjabbers | 1 Food Delivery Script | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-40756 | 1 Phpjabbers | 1 Callback Widget | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-40762 | 1 Phpjabbers | 1 Fundraising Script | 2023-08-29 | N/A | 9.8 CRITICAL |
| User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||