Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4446 | 1 Openrapid | 1 Rapidcms | 2023-08-25 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file template/default/category.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237567. | |||||
| CVE-2023-3954 | 1 Multiparcels | 1 Multiparcels Shipping For Woocommerce | 2023-08-25 | N/A | 6.1 MEDIUM |
| The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | |||||
| CVE-2023-37250 | 1 Unity | 1 Parsec | 2023-08-25 | N/A | 7.0 HIGH |
| Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This affects Parsec Loader versions through 8. Parsec Loader 9 is a fixed version. | |||||
| CVE-2023-40068 | 1 Advancedcustomfields | 1 Advanced Custom Fields | 2023-08-25 | N/A | 5.4 MEDIUM |
| Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product with the administrative privilege. | |||||
| CVE-2023-39939 | 1 Luxsoft | 1 Luxcal Web Calendar | 2023-08-25 | N/A | 9.1 CRITICAL |
| SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it. | |||||
| CVE-2023-3481 | 1 Google | 1 Critters | 2023-08-25 | N/A | 6.1 MEDIUM |
| Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting (XSS) bug. We recommend upgrading to version 0.0.20 of the extension. | |||||
| CVE-2023-39543 | 1 Luxsoft | 1 Luxcal Web Calendar | 2023-08-25 | N/A | 6.1 MEDIUM |
| Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product. | |||||
| CVE-2020-22181 | 1 Samsung | 2 Sww-3400rw, Sww-3400rw Firmware | 2023-08-25 | N/A | 6.1 MEDIUM |
| A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi | |||||
| CVE-2020-24295 | 1 Freeimage Project | 1 Freeimage | 2023-08-25 | N/A | 8.8 HIGH |
| Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file. | |||||
| CVE-2020-24294 | 1 Freeimage Project | 1 Freeimage | 2023-08-25 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd file. | |||||
| CVE-2020-24293 | 1 Freeimage Project | 1 Freeimage | 2023-08-25 | N/A | 8.8 HIGH |
| Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file. | |||||
| CVE-2020-24292 | 1 Freeimage Project | 1 Freeimage | 2023-08-25 | N/A | 8.8 HIGH |
| Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file. | |||||
| CVE-2023-4448 | 1 Openrapid | 1 Rapidcms | 2023-08-25 | N/A | 9.8 CRITICAL |
| A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue affects some unknown processing of the file admin/run-movepass.php. The manipulation of the argument password/password2 leads to weak password recovery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 4dff387283060961c362d50105ff8da8ea40bcbe. It is recommended to apply a patch to fix this issue. The identifier VDB-237569 was assigned to this vulnerability. | |||||
| CVE-2023-4447 | 1 Openrapid | 1 Rapidcms | 2023-08-25 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. This vulnerability affects unknown code of the file admin/article-chat.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237568. | |||||
| CVE-2020-23992 | 1 Nagios | 1 Nagios Xi | 2023-08-25 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request. | |||||
| CVE-2023-39748 | 1 Tp-link | 2 Tl-wr1041n V2, Tl-wr1041n V2 Firmware | 2023-08-25 | N/A | 7.5 HIGH |
| An issue in the component /userRpm/NetworkCfgRpm of TP-Link TL-WR1041N V2 allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-39747 | 1 Tp-link | 6 Tl-wr841n V8, Tl-wr841n V8 Firmware, Tl-wr940n V2 and 3 more | 2023-08-25 | N/A | 9.8 CRITICAL |
| TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm. | |||||
| CVE-2023-39745 | 1 Tp-link | 6 Tl-wr841n V8, Tl-wr841n V8 Firmware, Tl-wr940n V2 and 3 more | 2023-08-25 | N/A | 7.5 HIGH |
| TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-39618 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-25 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R B20210419 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg interface. | |||||
| CVE-2023-39617 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-25 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R_V9.1.0cu.2089_B20211224 and X5000R_V9.1.0cu.2350_B20230313 were discovered to contain a remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function. | |||||
| CVE-2023-41167 | 2023-08-25 | N/A | N/A | ||
| @webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by content managers. This is a react component to render data coming from Webiny Headless CMS and Webiny Form Builder. Webiny is an open-source serverless enterprise CMS. The @webiny/react-rich-text-renderer package depends on the editor.js rich text editor to handle rich text content. The CMS stores rich text content from the editor.js into the database. When the @webiny/react-rich-text-renderer is used to render such content, it uses the dangerouslySetInnerHTML prop, without applying HTML sanitization. The issue arises when an actor, who in this context would specifically be a content manager with access to the CMS, inserts a malicious script as part of the user-defined input. This script is then injected and executed within the user's browser when the main page or admin page loads. | |||||
| CVE-2023-4445 | 1 Mini | 1 Mini-tmall | 2023-08-25 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20230811. Affected by this issue is some unknown functionality of the file product/1/1?test=1&test2=2&. The manipulation of the argument orderBy leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237566 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-36674 | 1 Mediawiki | 1 Mediawiki | 2023-08-25 | N/A | 5.3 MEDIUM |
| An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax. | |||||
| CVE-2023-40877 | 1 Dedecms | 1 Dedecms | 2023-08-25 | N/A | 5.4 MEDIUM |
| DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_edit.php via the title parameter. | |||||
| CVE-2023-40876 | 1 Dedecms | 1 Dedecms | 2023-08-25 | N/A | 5.4 MEDIUM |
| DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_add.php via the title parameter. | |||||
| CVE-2023-40875 | 1 Dedecms | 1 Dedecms | 2023-08-25 | N/A | 5.4 MEDIUM |
| DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_edit.php via the votename and votenote parameters. | |||||
| CVE-2023-40874 | 1 Dedecms | 1 Dedecms | 2023-08-25 | N/A | 5.4 MEDIUM |
| DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_add.php via the votename and voteitem1 parameters. | |||||
| CVE-2023-36317 | 1 Student Study Center Desk Management System Project | 1 Student Study Center Desk Management System | 2023-08-25 | N/A | 4.8 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL. | |||||
| CVE-2023-28994 | 1 Uxthemes | 1 Flatsome | 2023-08-25 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in UX-themes Flatsome plugin <= 3.16.8 versions. | |||||
| CVE-2023-40711 | 1 Veilid | 1 Veilid | 2023-08-25 | N/A | 7.5 HIGH |
| Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service (out-of-memory abort) via crafted packet data, as exploited in the wild in August 2023. | |||||
| CVE-2023-4478 | 2023-08-25 | N/A | N/A | ||
| Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts. | |||||
| CVE-2023-25981 | 2023-08-25 | N/A | N/A | ||
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <= 2.8.1 versions. | |||||
| CVE-2023-25649 | 2023-08-25 | N/A | N/A | ||
| There is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE_LED interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands. | |||||
| CVE-2023-3425 | 2023-08-25 | N/A | N/A | ||
| Out-of-bounds read issue in M-Files Server versions below 23.8.12892.6 and LTS Service Release Versions before 23.2 LTS SR3 allows unauthenticated user to read restricted amount of bytes from memory. | |||||
| CVE-2023-3406 | 2023-08-25 | N/A | N/A | ||
| Path Traversal issue in M-Files Classic Web versions below 23.6.12695.3 and LTS Service Release Versions before 23.2 LTS SR3 allows authenticated user to read some restricted files on the web server | |||||
| CVE-2023-32591 | 2023-08-25 | N/A | N/A | ||
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cloud Primero B.V DBargain plugin <= 3.0.0 versions. | |||||
| CVE-2023-32584 | 2023-08-25 | N/A | N/A | ||
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in John Newcombe eBecas plugin <= 3.1.3 versions. | |||||
| CVE-2023-32577 | 2023-08-25 | N/A | N/A | ||
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eji Osigwe DevBuddy Twitter Feed plugin <= 4.0.0 versions. | |||||
| CVE-2023-32576 | 2023-08-25 | N/A | N/A | ||
| Auth. (subscriber+) Stored Cross-Site Scripting') vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.18 versions. | |||||
| CVE-2023-41173 | 2023-08-25 | N/A | N/A | ||
| AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets. | |||||
| CVE-2023-32755 | 2023-08-25 | N/A | 5.3 MEDIUM | ||
| e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command. | |||||
| CVE-2023-40530 | 2023-08-25 | N/A | N/A | ||
| Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user's device. | |||||
| CVE-2023-4520 | 2023-08-25 | N/A | 5.4 MEDIUM | ||
| The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_fv_player_user_video’ parameter saved via the 'save' function hooked via init, and the plugin is also vulnerable to Arbitrary Usermeta Update via the 'save' function in versions up to, and including, 7.5.37.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, and makes it possible to update the user metas arbitrarily, but the meta value can only be a string. | |||||
| CVE-2023-40599 | 2023-08-25 | N/A | N/A | ||
| Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and earlier, which allows a remote unauthenticated attacker to cause a denial-of-service condition. Affected add-ons are as follows: call/call.js, prefcodeadv/search.cgi, estimate/estimate.js, search/search.js, suggest/suggest.js, and coupon/coupon.js. | |||||
| CVE-2023-40577 | 2023-08-25 | N/A | N/A | ||
| Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51. | |||||
| CVE-2023-40570 | 2023-08-25 | N/A | N/A | ||
| Datasette is an open source multi-tool for exploring and publishing data. This bug affects Datasette instances running a Datasette 1.0 alpha - 1.0a0, 1.0a1, 1.0a2 or 1.0a3 - in an online accessible location but with authentication enabled using a plugin such as datasette-auth-passwords. The `/-/api` API explorer endpoint could reveal the names of both databases and tables - but not their contents - to an unauthenticated user. Datasette 1.0a4 has a fix for this issue. This will block access to the API explorer but will still allow access to the Datasette read or write JSON APIs, as those use different URL patterns within the Datasette `/database` hierarchy. This issue is patched in version 1.0a4. | |||||
| CVE-2023-40217 | 2023-08-25 | N/A | N/A | ||
| An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.) | |||||
| CVE-2023-40182 | 2023-08-25 | N/A | N/A | ||
| Silverware Games is a premium social network where people can play games online. When using the Recovery form, a noticeably different amount of time passes depending of whether the specified email address presents in our database or not. This has been fixed in version 1.3.7. | |||||
| CVE-2023-40179 | 2023-08-25 | N/A | N/A | ||
| Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member of the site. Since version 1.3.6, the "Enter the code" form is always returned, showing the message "If the entered email is associated with an account, a code will be sent now". This change prevents potential violators from determining if our site has a user with the specified email. | |||||
| CVE-2023-39700 | 2023-08-25 | N/A | N/A | ||
| IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter. | |||||