Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-38023 | 4 Fedoraproject, Microsoft, Netapp and 1 more | 9 Fedora, Windows Server 2008, Windows Server 2012 and 6 more | 2023-08-18 | N/A | 8.1 HIGH |
| Netlogon RPC Elevation of Privilege Vulnerability | |||||
| CVE-2022-37966 | 4 Fedoraproject, Microsoft, Netapp and 1 more | 9 Fedora, Windows Server 2008, Windows Server 2012 and 6 more | 2023-08-18 | N/A | 8.1 HIGH |
| Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | |||||
| CVE-2022-37967 | 4 Fedoraproject, Microsoft, Netapp and 1 more | 9 Fedora, Windows Server 2008, Windows Server 2012 and 6 more | 2023-08-18 | N/A | 7.2 HIGH |
| Windows Kerberos Elevation of Privilege Vulnerability | |||||
| CVE-2023-30752 | 1 Gingertech | 1 External Videos | 2023-08-18 | N/A | 4.8 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions. | |||||
| CVE-2023-30751 | 1 Icontrolwp | 1 Article Directory Redux | 2023-08-18 | N/A | 4.8 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions. | |||||
| CVE-2023-30749 | 1 Ihomefinder | 1 Optima Express \+ Marketboost Idx | 2023-08-18 | N/A | 4.8 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions. | |||||
| CVE-2021-34506 | 1 Microsoft | 1 Edge Chromium | 2023-08-18 | N/A | 6.1 MEDIUM |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2023-32022 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2023-08-18 | N/A | 7.6 HIGH |
| Windows Server Service Security Feature Bypass Vulnerability | |||||
| CVE-2020-27544 | 1 Foldingathome | 1 Client Advanced Control | 2023-08-18 | N/A | 9.8 CRITICAL |
| An issue was discovered in FoldingAtHome Client Advanced Control GUI before commit 9b619ae64443997948a36dda01b420578de1af77, allows remote attackers to execute arbitrary code via crafted payload to function parse_message in file Connection.py. | |||||
| CVE-2020-19952 | 1 Jbt | 1 Live \(github-flavored\) Markdown Editor | 2023-08-18 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbirary code via crafted payload or opening malicious .md file. | |||||
| CVE-2023-20224 | 2023-08-18 | N/A | N/A | ||
| A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device. | |||||
| CVE-2023-20217 | 2023-08-18 | N/A | N/A | ||
| A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing certain commands using sudo. A successful exploit could allow the attacker to view arbitrary files as root on the underlying operating system. The attacker must have valid credentials on the affected device. | |||||
| CVE-2023-3732 | 1 Google | 1 Chrome | 2023-08-18 | N/A | 8.8 HIGH |
| Out of bounds memory access in Mojo in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-38751 | 1 Jpcert | 1 Special Interest Group Network For Analysis And Liaison | 2023-08-18 | N/A | 4.3 MEDIUM |
| Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the organization information of the information receiver that is set as "non-disclosure" in the information provision operation. | |||||
| CVE-2023-38752 | 1 Jpcert | 1 Special Interest Group Network For Analysis And Liaison | 2023-08-18 | N/A | 4.3 MEDIUM |
| Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the attribute information of the poster that is set as"non-disclosure" in the system settings. | |||||
| CVE-2023-36672 | 1 Clario | 1 Vpn | 2023-08-18 | N/A | 5.7 MEDIUM |
| An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an adversary to trick the victim into sending arbitrary IP traffic in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in leakage of traffic in plaintext" rather than to only Clario. | |||||
| CVE-2023-28405 | 1 Intel | 1 Openvino | 2023-08-18 | N/A | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-3236 | 1 Vim | 1 Vim | 2023-08-18 | N/A | 5.5 MEDIUM |
| vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | |||||
| CVE-2023-28385 | 2 Intel, Microsoft | 2 Next Unit Of Computing Firmware, Windows | 2023-08-18 | N/A | 6.7 MEDIUM |
| Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilage via local access. | |||||
| CVE-2023-24016 | 2 Intel, Linux | 2 Quartus Prime, Linux Kernel | 2023-08-18 | N/A | 7.3 HIGH |
| Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for linux may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-28380 | 1 Intel | 1 Ai Hackathon | 2023-08-18 | N/A | 8.8 HIGH |
| Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2021-29378 | 1 Pearadmin | 1 Pear Admin Think | 2023-08-18 | N/A | 8.8 HIGH |
| SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php. | |||||
| CVE-2022-39213 | 1 Pandatix | 1 Go-cvss | 2023-08-18 | N/A | 7.5 HIGH |
| go-cvss is a Go module to manipulate Common Vulnerability Scoring System (CVSS). In affected versions when a full CVSS v2.0 vector string is parsed using `ParseVector`, an Out-of-Bounds Read is possible due to a lack of tests. The Go module will then panic. The problem is patched in tag `v0.4.0`, by the commit `d9d478ff0c13b8b09ace030db9262f3c2fe031f4`. Users are advised to upgrade. Users unable to upgrade may avoid this issue by parsing only CVSS v2.0 vector strings that do not have all attributes defined (e.g. `AV:N/AC:L/Au:N/C:P/I:P/A:C/E:U/RL:OF/RC:C/CDP:MH/TD:H/CR:M/IR:M/AR:M`). As stated in [SECURITY.md](https://github.com/pandatix/go-cvss/blob/master/SECURITY.md), the CPE v2.3 to refer to this Go module is `cpe:2.3:a:pandatix:go_cvss:*:*:*:*:*:*:*:*`. The entry has already been requested to the NVD CPE dictionary. | |||||
| CVE-2023-28711 | 1 Intel | 1 Hyperscan Library | 2023-08-18 | N/A | 5.5 MEDIUM |
| Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-3452 | 1 Canto | 1 Canto | 2023-08-18 | N/A | 9.8 CRITICAL |
| The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. | |||||
| CVE-2023-28823 | 1 Intel | 29 Advisor For Oneapi, Cpu Runtime For Opencl Applications, Distribution For Python Programming Language and 26 more | 2023-08-18 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-32617 | 1 Intel | 46 Compute Stick Stk2mv64cc, Compute Stick Stk2mv64cc Firmware, Nuc 7 Enthusiast Nuc7i7bnhxg and 43 more | 2023-08-18 | N/A | 6.7 MEDIUM |
| Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-28429 | 1 Ffmpeg | 1 Ffmpeg | 2023-08-18 | N/A | 5.5 MEDIUM |
| Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | |||||
| CVE-2020-35141 | 1 Facuet | 1 Ryu | 2023-08-18 | N/A | 7.5 HIGH |
| An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2020-35139 | 1 Facuet | 1 Ryu | 2023-08-18 | N/A | 7.5 HIGH |
| An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2023-29500 | 1 Intel | 22 Nuc 11 Performance Kit Nuc11pahi3, Nuc 11 Performance Kit Nuc11pahi30z, Nuc 11 Performance Kit Nuc11pahi30z Firmware and 19 more | 2023-08-18 | N/A | 4.4 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privilege user to potentially enable information disclosure via local access. | |||||
| CVE-2023-3937 | 2 Microsoft, Snowsoftware | 2 Windows, Snow License Manager | 2023-08-18 | N/A | 4.8 MEDIUM |
| Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser | |||||
| CVE-2023-3864 | 2 Microsoft, Snowsoftware | 2 Windows, Snow License Manager | 2023-08-18 | N/A | 7.2 HIGH |
| Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal. | |||||
| CVE-2023-3817 | 1 Openssl | 1 Openssl | 2023-08-18 | N/A | 5.3 MEDIUM |
| Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. | |||||
| CVE-2023-35012 | 3 Ibm, Linux, Microsoft | 4 Aix, Db2, Linux Kernel and 1 more | 2023-08-18 | N/A | 6.7 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763. | |||||
| CVE-2023-27558 | 2 Ibm, Microsoft | 2 Db2, Windows | 2023-08-18 | N/A | 7.8 HIGH |
| IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path. A local attacker could exploit this vulnerability to gain elevated privileges by inserting an executable file in the path of the affected service. IBM X-Force ID: 249194. | |||||
| CVE-2023-34455 | 1 Xerial | 1 Snappy-java | 2023-08-18 | N/A | 7.5 HIGH |
| snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1. The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does that by attempting to read 4 bytes. If it wasn’t possible to read the 4 bytes, the function returns false. Otherwise, if 4 bytes were available, the code treats them as the length of the next chunk. In the case that the `compressed` variable is null, a byte array is allocated with the size given by the input data. Since the code doesn’t test the legality of the `chunkSize` variable, it is possible to pass a negative number (such as 0xFFFFFFFF which is -1), which will cause the code to raise a `java.lang.NegativeArraySizeException` exception. A worse case would happen when passing a huge positive value (such as 0x7FFFFFFF), which would raise the fatal `java.lang.OutOfMemoryError` error. Version 1.1.10.1 contains a patch for this issue. | |||||
| CVE-2023-2976 | 1 Google | 1 Guava | 2023-08-18 | N/A | 7.1 HIGH |
| Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows. | |||||
| CVE-2023-25577 | 1 Palletsprojects | 1 Werkzeug | 2023-08-18 | N/A | 7.5 HIGH |
| Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses `request.data`, `request.form`, `request.files`, or `request.get_data(parse_form_data=False)`, it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers. Version 2.2.3 contains a patch for this issue. | |||||
| CVE-2023-23934 | 1 Palletsprojects | 1 Werkzeug | 2023-08-18 | N/A | 3.5 LOW |
| Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like `=__Host-test=bad` for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie `=__Host-test=bad` as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3. | |||||
| CVE-2020-10650 | 2 Fasterxml, Oracle | 3 Jackson-databind, Retail Merchandising System, Retail Sales Audit | 2023-08-18 | N/A | 8.1 HIGH |
| A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and org.quartz.utils.JNDIConnectionProvider. | |||||
| CVE-2022-23221 | 3 Debian, H2database, Oracle | 3 Debian Linux, H2, Communications Cloud Native Core Console | 2023-08-18 | 10.0 HIGH | 9.8 CRITICAL |
| H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392. | |||||
| CVE-2021-23463 | 1 H2database | 1 H2 | 2023-08-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data from org.h2.jdbc.JdbcResultSet.getSQLXML() method. If it executes the getSource() method when the parameter is DOMSource.class it will trigger the vulnerability. | |||||
| CVE-2021-40690 | 3 Apache, Debian, Oracle | 18 Cxf, Santuario Xml Security For Java, Tomee and 15 more | 2023-08-18 | 5.0 MEDIUM | 7.5 HIGH |
| All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. | |||||
| CVE-2019-12402 | 3 Apache, Fedoraproject, Oracle | 19 Commons Compress, Fedora, Banking Payments and 16 more | 2023-08-18 | 5.0 MEDIUM | 7.5 HIGH |
| The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress. | |||||
| CVE-2019-10103 | 1 Jetbrains | 1 Kotlin | 2023-08-18 | 6.8 MEDIUM | 8.1 HIGH |
| JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin plugin version 1.3.30, is similar to CVE-2019-10101. | |||||
| CVE-2019-10102 | 1 Jetbrains | 2 Kotlin, Ktor | 2023-08-18 | 6.8 MEDIUM | 8.1 HIGH |
| JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. This issue was fixed in Kotlin plugin version 1.3.30. | |||||
| CVE-2019-10101 | 1 Jetbrains | 1 Kotlin | 2023-08-18 | 6.8 MEDIUM | 8.1 HIGH |
| JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. | |||||
| CVE-2023-29494 | 1 Intel | 48 Nuc 11 Pro Board Nuc11tnbi3, Nuc 11 Pro Board Nuc11tnbi30z, Nuc 11 Pro Board Nuc11tnbi30z Firmware and 45 more | 2023-08-18 | N/A | 6.7 MEDIUM |
| Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-28411 | 1 Ruoyi | 1 Ruoyi | 2023-08-18 | N/A | 9.8 CRITICAL |
| An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | |||||