Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49286 | 1 Squid-cache | 1 Squid | 2024-01-09 | N/A | 7.5 HIGH |
| Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-49285 | 1 Squid-cache | 1 Squid | 2024-01-09 | N/A | 7.5 HIGH |
| Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-46847 | 2 Redhat, Squid-cache | 7 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server and 4 more | 2024-01-09 | N/A | 7.5 HIGH |
| Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | |||||
| CVE-2023-46846 | 2 Redhat, Squid-cache | 8 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 5 more | 2024-01-09 | N/A | 5.3 MEDIUM |
| SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. | |||||
| CVE-2023-0004 | 2 Fedoraproject, Paloaltonetworks | 2 Fedora, Pan-os | 2024-01-09 | N/A | 6.5 MEDIUM |
| A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software. | |||||
| CVE-2022-48321 | 1 Tribe29 | 1 Checkmk | 2024-01-09 | N/A | 3.3 LOW |
| Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API. | |||||
| CVE-2024-0195 | 1 Ssssssss | 1 Spider-flow | 2024-01-09 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-41990 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-01-09 | N/A | 7.8 HIGH |
| The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. | |||||
| CVE-2023-38203 | 1 Adobe | 1 Coldfusion | 2024-01-09 | N/A | 9.8 CRITICAL |
| Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. | |||||
| CVE-2023-29300 | 1 Adobe | 1 Coldfusion | 2024-01-09 | N/A | 9.8 CRITICAL |
| Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. | |||||
| CVE-2023-27524 | 1 Apache | 1 Superset | 2024-01-09 | N/A | 9.8 CRITICAL |
| Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config. | |||||
| CVE-2023-23752 | 1 Joomla | 1 Joomla\! | 2024-01-09 | N/A | 5.3 MEDIUM |
| An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. | |||||
| CVE-2016-20017 | 1 Dlink | 2 Dsl-2750b, Dsl-2750b Firmware | 2024-01-09 | N/A | 9.8 CRITICAL |
| D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022. | |||||
| CVE-2020-26624 | 1 Gilacms | 1 Gila Cms | 2024-01-09 | N/A | 3.8 LOW |
| A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal. | |||||
| CVE-2020-26623 | 1 Gilacms | 1 Gila Cms | 2024-01-09 | N/A | 3.8 LOW |
| SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration>Widget tab after the login portal. | |||||
| CVE-2023-7192 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-01-09 | N/A | 4.4 MEDIUM |
| A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. | |||||
| CVE-2023-28471 | 1 Concretecms | 1 Concrete Cms | 2024-01-09 | N/A | 5.4 MEDIUM |
| Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name. | |||||
| CVE-2023-28476 | 1 Concretecms | 1 Concrete Cms | 2024-01-09 | N/A | 5.4 MEDIUM |
| Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files. | |||||
| CVE-2023-28474 | 1 Concretecms | 1 Concrete Cms | 2024-01-09 | N/A | 5.4 MEDIUM |
| Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search. | |||||
| CVE-2022-29409 | 2024-01-08 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |||||
| CVE-2022-29923 | 1 Thingsforrestaurants | 1 Quick Restaurant Reservations | 2024-01-08 | N/A | 4.8 MEDIUM |
| Cross-site Scripting (XSS) vulnerability in ThingsForRestaurants Quick Restaurant Reservations (WordPress plugin) allows Reflected XSS.This issue affects Quick Restaurant Reservations (WordPress plugin): from n/a through 1.4.1. | |||||
| CVE-2023-47488 | 1 Combodo | 1 Itop | 2024-01-08 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page. | |||||
| CVE-2024-21911 | 1 Tiny | 1 Tinymce | 2024-01-08 | N/A | 6.1 MEDIUM |
| TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser. | |||||
| CVE-2024-21910 | 1 Tiny | 1 Tinymce | 2024-01-08 | N/A | 6.1 MEDIUM |
| TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser. | |||||
| CVE-2024-21908 | 1 Tiny | 1 Tinymce | 2024-01-08 | N/A | 6.1 MEDIUM |
| TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser. | |||||
| CVE-2024-0194 | 1 Codeastro | 1 Internet Banking System | 2024-01-08 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in CodeAstro Internet Banking System up to 1.0. This issue affects some unknown processing of the file pages_account.php of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249509 was assigned to this vulnerability. | |||||
| CVE-2024-0223 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-08 | N/A | 8.8 HIGH |
| Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-0222 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-08 | N/A | 8.8 HIGH |
| Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-0224 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-08 | N/A | 8.8 HIGH |
| Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-0225 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-01-08 | N/A | 8.8 HIGH |
| Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-6436 | 1 Ekolbilisim | 1 Web Sablonu Yazilimi | 2024-01-08 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ekol Informatics Website Template allows SQL Injection.This issue affects Website Template: through 20231215. | |||||
| CVE-2023-49794 | 1 Kernelsu | 1 Kernelsu | 2024-01-08 | N/A | 7.8 HIGH |
| KernelSU is a Kernel-based root solution for Android devices. In versions 0.7.1 and prior, the logic of get apk path in KernelSU kernel module can be bypassed, which causes any malicious apk named `me.weishu.kernelsu` get root permission. If a KernelSU module installed device try to install any not checked apk which package name equal to the official KernelSU Manager, it can take over root privileges on the device. As of time of publication, a patched version is not available. | |||||
| CVE-2023-50711 | 1 Rust-vmm | 1 Vmm-sys-util | 2024-01-08 | N/A | 9.8 CRITICAL |
| vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Starting in version 0.5.0 and prior to version 0.12.0, an issue in the `FamStructWrapper::deserialize` implementation provided by the crate for `vmm_sys_util::fam::FamStructWrapper` can lead to out of bounds memory accesses. The deserialization does not check that the length stored in the header matches the flexible array length. Mismatch in the lengths might allow out of bounds memory access through Rust-safe methods. The issue was corrected in version 0.12.0 by inserting a check that verifies the lengths of compared flexible arrays are equal for any deserialized header and aborting deserialization otherwise. Moreover, the API was changed so that header length can only be modified through Rust-unsafe code. This ensures that users cannot trigger out-of-bounds memory access from Rust-safe code. | |||||
| CVE-2023-51652 | 1 Spassarop | 1 Owasp Antisamy .net | 2024-01-08 | N/A | 6.1 MEDIUM |
| OWASP AntiSamy .NET is a library for performing cleansing of HTML coming from untrusted sources. Prior to version 1.2.0, there is a potential for a mutation cross-site scripting (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the `preserveComments` directive must be enabled in your policy file and also allow for certain tags at the same time. As a result, certain crafty inputs can result in elements in comment tags being interpreted as executable when using AntiSamy's sanitized output. This is patched in OWASP AntiSamy .NET 1.2.0 and later. See important remediation details in the reference given below. As a workaround, manually edit the AntiSamy policy file (e.g., antisamy.xml) by deleting the `preserveComments` directive or setting its value to `false`, if present. Also it would be useful to make AntiSamy remove the `noscript` tag by adding a line described in the GitHub Security Advisory to the tag definitions under the `<tagrules>` node, or deleting it entirely if present. As the previously mentioned policy settings are preconditions for the mXSS attack to work, changing them as recommended should be sufficient to protect you against this vulnerability when using a vulnerable version of this library. However, the existing bug would still be present in AntiSamy or its parser dependency (HtmlAgilityPack). The safety of this workaround relies on configurations that may change in the future and don't address the root cause of the vulnerability. As such, it is strongly recommended to upgrade to a fixed version of AntiSamy. | |||||
| CVE-2023-26157 | 1 Gnu | 1 Libredwg | 2024-01-08 | N/A | 7.5 HIGH |
| Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | |||||
| CVE-2023-45561 | 1 Linecorp | 1 Line | 2024-01-08 | N/A | 5.3 MEDIUM |
| An issue in A-WORLD OIRASE BEER_waiting Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. | |||||
| CVE-2023-45892 | 1 Floorsightsoftware | 1 Insight | 2024-01-08 | N/A | 7.5 HIGH |
| An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information. | |||||
| CVE-2023-6485 | 1 Bplugins | 1 Html5 Video Player | 2024-01-08 | N/A | 5.4 MEDIUM |
| The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing capability checks around the plugin could allow any authenticated users, such as low as subscribers to perform Stored Cross-Site Scripting attacks against high privilege users like admins | |||||
| CVE-2023-45893 | 1 Floorsightsoftware | 1 Customer Portal | 2024-01-08 | N/A | 7.5 HIGH |
| An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information. | |||||
| CVE-2024-21623 | 1 Mehah | 1 Otclient | 2024-01-08 | N/A | 9.8 CRITICAL |
| OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "`Analysis - SonarCloud`" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository using this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue. | |||||
| CVE-2023-47458 | 1 Bladex | 1 Springblade | 2024-01-08 | N/A | 9.8 CRITICAL |
| An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework. | |||||
| CVE-2024-0186 | 1 Huiran Host Reseller System Project | 1 Huiran Host Reseller System | 2024-01-08 | N/A | 8.1 HIGH |
| A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0.0. Affected is an unknown function of the file /user/index/findpass?do=4 of the component HTTP POST Request Handler. The manipulation leads to weak password recovery. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249444. | |||||
| CVE-2024-0182 | 1 Janobe | 1 Engineers Online Portal | 2024-01-08 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ of the component Admin Login. The manipulation of the argument username/password leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-249440. | |||||
| CVE-2024-21627 | 1 Prestashop | 1 Prestashop | 2024-01-08 | N/A | 6.1 MEDIUM |
| PrestaShop is an open-source e-commerce platform. Prior to versions 8.1.3 and 1.7.8.11, some event attributes are not detected by the `isCleanHTML` method. Some modules using the `isCleanHTML` method could be vulnerable to cross-site scripting. Versions 8.1.3 and 1.7.8.11 contain a patch for this issue. The best workaround is to use the `HTMLPurifier` library to sanitize html input coming from users. The library is already available as a dependency in the PrestaShop project. Beware though that in legacy object models, fields of `HTML` type will call `isCleanHTML`. | |||||
| CVE-2023-51675 | 1 Vasyltech | 1 Advanced Access Manager | 2024-01-08 | N/A | 5.4 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in AAM Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More.This issue affects Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More: from n/a through 6.9.18. | |||||
| CVE-2023-47804 | 1 Apache | 1 Openoffice | 2024-01-08 | N/A | 8.8 HIGH |
| Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution. This is a corner case of CVE-2022-47502. | |||||
| CVE-2024-21628 | 1 Prestashop | 1 Prestashop | 2024-01-08 | N/A | 6.1 MEDIUM |
| PrestaShop is an open-source e-commerce platform. Prior to version 8.1.3, the isCleanHtml method is not used on this this form, which makes it possible to store a cross-site scripting payload in the database. The impact is low because the HTML is not interpreted in BO, thanks to twig's escape mechanism. In FO, the cross-site scripting attack is effective, but only impacts the customer sending it, or the customer session from which it was sent. This issue affects those who have a module fetching these messages from the DB and displaying it without escaping HTML. Version 8.1.3 contains a patch for this issue. | |||||
| CVE-2023-6093 | 1 Moxa | 2 Oncell G3150a-lte, Oncell G3150a-lte Firmware | 2024-01-08 | N/A | 6.1 MEDIUM |
| A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the application. | |||||
| CVE-2021-46901 | 1 Cetic | 1 Cetic-6lbr | 2024-01-08 | N/A | 7.5 HIGH |
| examples/6lbr/apps/6lbr-webserver/httpd.c in CETIC-6LBR (aka 6lbr) 1.5.0 has a strcat stack-based buffer overflow via a request for a long URL over a 6LoWPAN network. | |||||
| CVE-2023-6421 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2024-01-08 | N/A | 7.5 HIGH |
| The Download Manager WordPress plugin before 3.2.83 does not protect file download's passwords, leaking it upon receiving an invalid one. | |||||