Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-18341 | 1 Siemens | 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server | 2024-01-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default port 22/tcp) of the Control Center Server (CCS) contains an authentication bypass vulnerability. A remote attacker with network access to the CCS server could exploit this vulnerability to read data from the EDIR directory (for example, the list of all configured stations). | |||||
| CVE-2019-18340 | 1 Siemens | 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server | 2024-01-09 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), Control Center Server (CCS) (All versions >= V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS Video Server (All versions >= V5.0.0). Both the SiVMS/SiNVR Video Server and the Control Center Server (CCS) store user and device passwords by applying weak cryptography. A local attacker could exploit this vulnerability to extract the passwords from the user database and/or the device configuration files to conduct further attacks. | |||||
| CVE-2019-18339 | 1 Siemens | 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server | 2024-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The HTTP service (default port 5401/tcp) of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network access to the Video Server could exploit this vulnerability to read the SiVMS/SiNVR users database, including the passwords of all users in obfuscated cleartext. | |||||
| CVE-2019-18338 | 1 Siemens | 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server | 2024-01-09 | 4.0 MEDIUM | 7.7 HIGH |
| A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context. | |||||
| CVE-2019-18337 | 1 Siemens | 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server | 2024-01-09 | 5.0 MEDIUM | 9.8 CRITICAL |
| A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains an authentication bypass vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. A remote attacker with network access to the CCS server could exploit this vulnerability to read the CCS users database, including the passwords of all users in obfuscated cleartext. | |||||
| CVE-2019-13947 | 1 Siemens | 2 Sinvr 3 Central Control Server, Sinvr 3 Video Server | 2024-01-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The user configuration menu in the web interface of the Control Center Server (CCS) transfers user passwords in clear to the client (browser). An attacker with administrative privileges for the web interface could be able to read (and not only reset) passwords of other CCS users. | |||||
| CVE-2023-51765 | 3 Freebsd, Redhat, Sendmail | 3 Freebsd, Enterprise Linux, Sendmail | 2024-01-09 | N/A | 5.3 MEDIUM |
| sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features. | |||||
| CVE-2020-24706 | 1 Wso2 | 6 Api Manager, Api Manager Analytics, Identity Server and 3 more | 2024-01-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key Manager through 5.10.0, Identity Server through 5.10.0, Identity Server Analytics through 5.6.0, and IoT Server 3.1.0. | |||||
| CVE-2004-0458 | 2 Debian, Nicolas Boullis | 2 Debian Linux, Mah-jong | 2024-01-09 | 5.0 MEDIUM | 7.5 HIGH |
| mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference. | |||||
| CVE-2003-1000 | 1 Xchat | 1 Xchat | 2024-01-09 | 5.0 MEDIUM | 7.5 HIGH |
| xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference. | |||||
| CVE-2022-34781 | 1 Jenkins | 1 Xebialabs Xl Release | 2024-01-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing permission checks in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2020-2268 | 1 Jenkins | 1 Mongodb | 2024-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller. | |||||
| CVE-2022-24439 | 3 Debian, Fedoraproject, Gitpython Project | 3 Debian Linux, Fedora, Gitpython | 2024-01-09 | N/A | 9.8 CRITICAL |
| All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. | |||||
| CVE-2022-30957 | 1 Jenkins | 1 Ssh | 2024-01-09 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | |||||
| CVE-2022-30947 | 1 Jenkins | 1 Git | 2024-01-09 | 5.0 MEDIUM | 7.5 HIGH |
| Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents. | |||||
| CVE-2022-28133 | 1 Jenkins | 1 Bitbucket Server Integration | 2024-01-09 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not limit URL schemes for callback URLs on OAuth consumers, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create BitBucket Server consumers. | |||||
| CVE-2022-3708 | 1 Google | 1 Web Stories | 2024-01-09 | N/A | 8.1 HIGH |
| The Web Stories plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including 1.24.0 due to insufficient validation of URLs supplied via the 'url' parameter found via the /v1/hotlink/proxy REST API Endpoint. This makes it possible for authenticated users to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2022-23631 | 1 Blitzjs | 2 Blitz, Superjson | 2024-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| superjson is a program to allow JavaScript expressions to be serialized to a superset of JSON. In versions prior to 1.8.1 superjson allows input to run arbitrary code on any server using superjson input without prior authentication or knowledge. The only requirement is that the server implements at least one endpoint which uses superjson during request processing. This has been patched in superjson 1.8.1. Users are advised to update. There are no known workarounds for this issue. | |||||
| CVE-2023-41915 | 3 Debian, Fedoraproject, Openpmix | 3 Debian Linux, Fedora, Openpmix | 2024-01-09 | N/A | 8.1 HIGH |
| OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. | |||||
| CVE-2023-46468 | 1 Juzaweb | 1 Juzaweb Cms | 2024-01-09 | N/A | 7.8 HIGH |
| An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function. | |||||
| CVE-2022-47928 | 1 Misp-project | 1 Malware Information Sharing Platform | 2024-01-09 | N/A | 6.1 MEDIUM |
| In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp. | |||||
| CVE-2023-44824 | 1 Expense Management System Project | 1 Expense Management System | 2024-01-09 | N/A | 7.8 HIGH |
| An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component. | |||||
| CVE-2023-28884 | 1 Misp-project | 1 Malware Information Sharing Platform | 2024-01-09 | N/A | 6.1 MEDIUM |
| In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index. | |||||
| CVE-2023-37307 | 1 Misp-project | 1 Malware Information Sharing Platform | 2024-01-09 | N/A | 5.4 MEDIUM |
| In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts. | |||||
| CVE-2023-2541 | 1 Knime | 1 Business Hub | 2024-01-09 | N/A | 5.3 MEDIUM |
| The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to access internals about the application such as versions, host names, or IP addresses. No personal information or application data was exposed. | |||||
| CVE-2023-28883 | 1 Cerebrate-project | 1 Cerebrate | 2024-01-09 | N/A | 9.8 CRITICAL |
| In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint. | |||||
| CVE-2023-0558 | 1 Contentstudio | 1 Contentstudio | 2024-01-09 | N/A | 9.8 CRITICAL |
| The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper API keys. | |||||
| CVE-2022-34795 | 1 Jenkins | 1 Deployment Dashboard | 2024-01-09 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins Deployment Dashboard Plugin 1.0.10 and earlier does not escape environment names on its Deployment Dashboard view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Configure permission. | |||||
| CVE-2023-24070 | 1 Misp-project | 1 Malware Information Sharing Platform | 2024-01-09 | N/A | 6.1 MEDIUM |
| app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field. | |||||
| CVE-2023-38403 | 6 Apple, Debian, Es and 3 more | 7 Macos, Debian Linux, Iperf3 and 4 more | 2024-01-09 | N/A | 7.5 HIGH |
| iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. | |||||
| CVE-2023-46603 | 1 Color | 1 Demoiccmax | 2024-01-09 | N/A | 8.8 HIGH |
| In International Color Consortium DemoIccMAX 79ecb74, there is an out-of-bounds read in the CIccPRMG::GetChroma function in IccProfLib/IccPrmg.cpp in libSampleICC.a. | |||||
| CVE-2023-30774 | 2 Apple, Libtiff | 2 Macos, Libtiff | 2024-01-09 | N/A | 5.5 MEDIUM |
| A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. | |||||
| CVE-2023-5693 | 1 Martmbithi | 1 Internet Banking System | 2024-01-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pages_reset_pwd.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-243131. | |||||
| CVE-2008-0386 | 2 Gentoo, Mandrakesoft | 2 Xdg-utils, Mandrake Linux | 2024-01-09 | 6.8 MEDIUM | N/A |
| Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email. | |||||
| CVE-2008-0008 | 3 Mandrakesoft, Pulseaudio, Redhat | 3 Mandrake Linux, Pulseaudio, Fedora | 2024-01-09 | 7.2 HIGH | N/A |
| The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion. | |||||
| CVE-2009-2213 | 1 Citrix | 2 Netscaler Access Gateway, Netscaler Access Gateway Firmware | 2024-01-09 | 6.3 MEDIUM | 6.5 MEDIUM |
| The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions. | |||||
| CVE-2023-4746 | 1 Totolink | 2 N200re-v5, N200re-v5 Firmware | 2024-01-09 | N/A | 8.8 HIGH |
| A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But the impact is to bypass the validation which leads to to OS command injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238635. | |||||
| CVE-2023-3997 | 1 Splunk | 1 Soar | 2024-01-09 | N/A | 7.8 HIGH |
| Splunk SOAR versions lower than 6.1.0 are indirectly affected by a potential vulnerability accessed through the user’s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal user’s action. | |||||
| CVE-2023-34039 | 1 Vmware | 1 Aria Operations For Networks | 2024-01-09 | N/A | 9.8 CRITICAL |
| Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI. | |||||
| CVE-2023-27857 | 1 Rockwellautomation | 1 Thinmanager | 2024-01-09 | N/A | 7.5 HIGH |
| In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation. | |||||
| CVE-2023-4966 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2024-01-09 | N/A | 7.5 HIGH |
| Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. | |||||
| CVE-2023-22932 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-01-09 | N/A | 6.1 MEDIUM |
| In Splunk Enterprise 9.0 versions before 9.0.4, a View allows for Cross-Site Scripting (XSS) through the error message in a Base64-encoded image. The vulnerability affects instances with Splunk Web enabled. It does not affect Splunk Enterprise versions below 9.0. | |||||
| CVE-2019-12799 | 1 Shopware | 1 Shopware | 2024-01-09 | 6.5 MEDIUM | 8.8 HIGH |
| In createInstanceFromNamedArguments in Shopware through 5.6.x, a crafted web request can trigger a PHP object instantiation vulnerability, which can result in an arbitrary deserialization if the right class is instantiated. An attacker can leverage this deserialization to achieve remote code execution. NOTE: this issue is a bypass for a CVE-2017-18357 whitelist patch. | |||||
| CVE-2013-1465 | 1 Cubecart | 1 Cubecart | 2024-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object. | |||||
| CVE-2015-10103 | 1 Forget It Project | 1 Forget It | 2024-01-09 | N/A | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, was found in InternalError503 Forget It up to 1.3. This affects an unknown part of the file js/settings.js. The manipulation of the argument setForgetTime with the input 0 leads to infinite loop. It is possible to launch the attack on the local host. Upgrading to version 1.4 is able to address this issue. The patch is named adf0c7fd59b9c935b4fd675c556265620124999c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-226119. | |||||
| CVE-2016-15031 | 1 Php-login Project | 1 Php-login | 2024-01-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in PHP-Login 1.0. It has been declared as critical. This vulnerability affects the function checkLogin of the file login/scripts/class.loginscript.php of the component POST Parameter Handler. The manipulation of the argument myusername leads to sql injection. The attack can be initiated remotely. Upgrading to version 2.0 is able to address this issue. The patch is identified as 0083ec652786ddbb81335ea20da590df40035679. It is recommended to upgrade the affected component. VDB-228022 is the identifier assigned to this vulnerability. | |||||
| CVE-2015-8103 | 2 Jenkins, Redhat | 2 Jenkins, Openshift Container Platform | 2024-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'". | |||||
| CVE-2023-50269 | 1 Squid-cache | 1 Squid | 2024-01-09 | N/A | 7.5 HIGH |
| Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. | |||||
| CVE-2023-50422 | 1 Sap | 1 Cloud-security-services-integration-library | 2024-01-09 | N/A | 9.8 CRITICAL |
| SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application. | |||||
| CVE-2023-49583 | 1 Sap | 1 \@sap\/xssec | 2024-01-09 | N/A | 9.8 CRITICAL |
| SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application. | |||||