Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-0283 | 1 Kashipara | 1 Food Management System | 2024-01-08 | N/A | 6.1 MEDIUM |
| A vulnerability was found in Kashipara Food Management System up to 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file party_details.php. The manipulation of the argument party_name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249838 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-0282 | 1 Kashipara | 1 Food Management System | 2024-01-08 | N/A | 6.1 MEDIUM |
| A vulnerability was found in Kashipara Food Management System up to 1.0. It has been classified as problematic. This affects an unknown part of the file addmaterialsubmit.php. The manipulation of the argument tin leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249837 was assigned to this vulnerability. | |||||
| CVE-2024-0290 | 1 Kashipara | 1 Food Management System | 2024-01-08 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in Kashipara Food Management System 1.0. This issue affects some unknown processing of the file stock_edit.php. The manipulation of the argument item_type leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249851. | |||||
| CVE-2024-0289 | 1 Kashipara | 1 Food Management System | 2024-01-08 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in Kashipara Food Management System 1.0. This vulnerability affects unknown code of the file stock_entry_submit.php. The manipulation of the argument itemype leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249850 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-0288 | 1 Kashipara | 1 Food Management System | 2024-01-08 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in Kashipara Food Management System 1.0. This affects an unknown part of the file rawstock_used_damaged_submit.php. The manipulation of the argument product_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249849 was assigned to this vulnerability. | |||||
| CVE-2024-0287 | 1 Kashipara | 1 Food Management System | 2024-01-08 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Kashipara Food Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file itemBillPdf.php. The manipulation of the argument printid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249848. | |||||
| CVE-2024-0284 | 1 Kashipara | 1 Food Management System | 2024-01-08 | N/A | 6.1 MEDIUM |
| A vulnerability was found in Kashipara Food Management System up to 1.0. It has been rated as problematic. This issue affects some unknown processing of the file party_submit.php. The manipulation of the argument party_address leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249839. | |||||
| CVE-2023-28583 | 1 Qualcomm | 60 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 57 more | 2024-01-08 | N/A | 7.8 HIGH |
| Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. | |||||
| CVE-2023-50708 | 1 Yiiframework | 1 Yii2-authclient | 2024-01-08 | N/A | 9.8 CRITICAL |
| yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth1/2 `state` and OpenID Connect `nonce` is vulnerable for a `timing attack` since it is compared via regular string comparison (instead of `Yii::$app->getSecurity()->compareString()`). Version 2.2.15 contains a patch for the issue. No known workarounds are available. | |||||
| CVE-2023-45862 | 2 Linux, Netapp | 4 Linux Kernel, Active Iq Unified Manager, H410c and 1 more | 2024-01-08 | N/A | 5.5 MEDIUM |
| An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation. | |||||
| CVE-2023-49777 | 1 Yithemes | 1 Yith Woocommerce Product Add-ons | 2024-01-08 | N/A | 8.8 HIGH |
| Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0. | |||||
| CVE-2023-6271 | 1 Backupbliss | 1 Backup Migration | 2024-01-08 | N/A | 7.5 HIGH |
| The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups. | |||||
| CVE-2023-6064 | 1 Payhere | 1 Payhere Payment Gateway | 2024-01-08 | N/A | 7.5 HIGH |
| The PayHere Payment Gateway WordPress plugin before 2.2.12 automatically creates publicly-accessible log files containing sensitive information when transactions occur. | |||||
| CVE-2023-5877 | 1 Servit | 1 Affiliate-toolkit | 2024-01-08 | N/A | 9.8 CRITICAL |
| The affiliate-toolkit WordPress plugin before 3.4.3 lacks authorization and authentication for requests to it's affiliate-toolkit-starter/tools/atkp_imagereceiver.php endpoint, allowing unauthenticated visitors to make requests to arbitrary URL's, including RFC1918 private addresses, leading to a Server Side Request Forgery (SSRF) issue. | |||||
| CVE-2023-4674 | 1 Yaztekteknoloji | 1 E-commerce | 2024-01-08 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yaztek Software Technologies and Computer Systems E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: through 20231229. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-51475 | 1 Wpmlmsoftware | 1 Wp Mlm Unilevel | 2024-01-08 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in IOSS WP MLM SOFTWARE PLUGIN.This issue affects WP MLM SOFTWARE PLUGIN: from n/a through 4.0. | |||||
| CVE-2023-51443 | 1 Freeswitch | 1 Freeswitch | 2024-01-08 | N/A | 7.5 HIGH |
| FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. If an attacker manages to send a ClientHello DTLS message with an invalid CipherSuite (such as `TLS_NULL_WITH_NULL_NULL`) to the port on the FreeSWITCH server that is expecting packets from the caller, a DTLS error is generated. This results in the media session being torn down, which is followed by teardown at signaling (SIP) level too. Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable FreeSWITCH servers for calls that rely on DTLS-SRTP. To address this vulnerability, upgrade FreeSWITCH to 1.10.11 which includes the security fix. The solution implemented is to drop all packets from addresses that have not been validated by an ICE check. | |||||
| CVE-2023-6560 | 1 Linux | 1 Linux Kernel | 2024-01-08 | N/A | 5.5 MEDIUM |
| An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system. | |||||
| CVE-2023-50928 | 1 Amazon | 1 Awslabs Sandbox Accounts For Events | 2024-01-08 | N/A | 9.0 CRITICAL |
| "Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event ids and self-defined budget & duration. This issue only affects cleaned AWS accounts, it is not possible to access AWS accounts in use or existing data/infrastructure. This issue has been patched in version 1.1.0. | |||||
| CVE-2023-6000 | 1 Sygnoos | 1 Popup Builder | 2024-01-08 | N/A | 6.1 MEDIUM |
| The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks. | |||||
| CVE-2023-50714 | 1 Yiiframework | 1 Yii2-authclient | 2024-01-08 | N/A | 8.8 HIGH |
| yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage (similar to `authState`). Second, there is a risk for a `downgrade attack` if PKCE is being relied on for CSRF protection. Version 2.2.15 contains a patch for the issue. No known workarounds are available. | |||||
| CVE-2023-6037 | 1 Ljapps | 1 Wp Tripadvisor Review Slider | 2024-01-08 | N/A | 4.8 MEDIUM |
| The WP TripAdvisor Review Slider WordPress plugin before 11.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | |||||
| CVE-2023-51421 | 1 Soft8soft | 1 Verge3d | 2024-01-08 | N/A | 8.8 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in Soft8Soft LLC Verge3D Publishing and E-Commerce.This issue affects Verge3D Publishing and E-Commerce: from n/a through 4.5.2. | |||||
| CVE-2023-50578 | 1 Mingsoft | 1 Mcms | 2024-01-08 | N/A | 9.8 CRITICAL |
| Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do. | |||||
| CVE-2023-50550 | 1 Layui | 1 Layui | 2024-01-08 | N/A | 5.4 MEDIUM |
| layui up to v2.74 was discovered to contain a cross-site scripting (XSS) vulnerability via the data-content parameter. | |||||
| CVE-2018-25096 | 1 Petrk94 | 1 Ownhealthrecord | 2024-01-08 | N/A | 8.8 HIGH |
| A vulnerability was found in MdAlAmin-aol Own Health Record 0.1-alpha/0.2-alpha/0.3-alpha/0.3.1-alpha. It has been rated as problematic. This issue affects some unknown processing of the file includes/logout.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. Upgrading to version 0.4-alpha is able to address this issue. The patch is named 58b413aa40820b49070782c786c526850ab7748f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-249191. | |||||
| CVE-2023-52180 | 1 Really-simple-plugins | 1 Recipe Maker For Your Food Blog From Zip Recipes | 2024-01-08 | N/A | 8.1 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.1.0. | |||||
| CVE-2023-7175 | 1 Campcodes | 1 Online College Library System | 2024-01-08 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Campcodes Online College Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/borrow_add.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249362 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-52240 | 1 Kantega-sso | 1 Kantega Saml Sso Oidc Kerberos Single Sign-on | 2024-01-08 | N/A | 6.1 MEDIUM |
| The Kantega SAML SSO OIDC Kerberos Single Sign-on apps before 6.20.0 for Atlassian products allow XSS if SAML POST Binding is enabled. This affects 4.4.2 through 4.14.8 before 4.14.9, 5.0.0 through 5.11.4 before 5.11.5, and 6.0.0 through 6.19.0 before 6.20.0. The full product names are Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira Data Center & Server (Kantega SSO Enterprise), Kantega SAML SSO OIDC Kerberos Single Sign-on for Confluence Data Center & Server (Kantega SSO Enterprise), Kantega SAML SSO OIDC Kerberos Single Sign-on for Bitbucket Data Center & Server (Kantega SSO Enterprise), Kantega SAML SSO OIDC Kerberos Single Sign-on for Bamboo Data Center & Server (Kantega SSO Enterprise), and Kantega SAML SSO OIDC Kerberos Single Sign-on for FeCru Server (Kantega SSO Enterprise). (Here, FeCru refers to the Atlassian Fisheye and Crucible products running together.) | |||||
| CVE-2022-46486 | 1 Scontain | 1 Scone | 2024-01-08 | N/A | 5.5 MEDIUM |
| A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information. | |||||
| CVE-2023-6710 | 2 Modcluster, Redhat | 2 Mod Proxy Cluster, Enterprise Linux | 2024-01-08 | N/A | 5.4 MEDIUM |
| A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page. | |||||
| CVE-2024-0190 | 1 Nia | 1 Rrj Nueva Ecija Engineer Online Portal | 2024-01-08 | N/A | 5.4 MEDIUM |
| A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file add_quiz.php of the component Quiz Handler. The manipulation of the argument Quiz Title/Quiz Description with the input </title><scRipt>alert(x)</scRipt> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249503. | |||||
| CVE-2024-0189 | 1 Nia | 1 Rrj Nueva Ecija Engineer Online Portal | 2024-01-08 | N/A | 5.4 MEDIUM |
| A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file teacher_message.php of the component Create Message Handler. The manipulation of the argument Content with the input </title><scRipt>alert(x)</scRipt> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249502 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-0191 | 1 Nia | 1 Rrj Nueva Ecija Engineer Online Portal | 2024-01-08 | N/A | 5.3 MEDIUM |
| A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/uploads/. The manipulation leads to file and directory information exposure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249504. | |||||
| CVE-2024-0192 | 1 Nia | 1 Rrj Nueva Ecija Engineer Online Portal | 2024-01-08 | N/A | 5.4 MEDIUM |
| A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file downloadable.php of the component Add Downloadable. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249505 was assigned to this vulnerability. | |||||
| CVE-2023-7172 | 1 Phpgurukul | 1 Hospital Management System | 2024-01-08 | N/A | 7.2 HIGH |
| A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Dashboard. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249356. | |||||
| CVE-2023-7173 | 1 Phpgurukul | 1 Hospital Management System | 2024-01-08 | N/A | 5.4 MEDIUM |
| A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file registration.php. The manipulation of the argument First Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249357 was assigned to this vulnerability. | |||||
| CVE-2023-31302 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-01-08 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Teller field. | |||||
| CVE-2023-50730 | 1 Typelevel | 1 Grackle | 2024-01-08 | N/A | 7.5 HIGH |
| Grackle is a GraphQL server written in functional Scala, built on the Typelevel stack. The GraphQL specification requires that GraphQL fragments must not form cycles, either directly or indirectly. Prior to Grackle version 0.18.0, that requirement wasn't checked, and queries with cyclic fragments would have been accepted for type checking and compilation. The attempted compilation of such fragments would result in a JVM `StackOverflowError` being thrown. Some knowledge of an applications GraphQL schema would be required to construct such a query, however no knowledge of any application-specific performance or other behavioural characteristics would be needed. Grackle uses the cats-parse library for parsing GraphQL queries. Prior to version 0.18.0, Grackle made use of the cats-parse `recursive` operator. However, `recursive` is not currently stack safe. `recursive` was used in three places in the parser: nested selection sets, nested input values (lists and objects), and nested list type declarations. Consequently, queries with deeply nested selection sets, input values or list types could be constructed which exploited this, causing a JVM `StackOverflowException` to be thrown during parsing. Because this happens very early in query processing, no specific knowledge of an applications GraphQL schema would be required to construct such a query. The possibility of small queries resulting in stack overflow is a potential denial of service vulnerability. This potentially affects all applications using Grackle which have untrusted users. Both stack overflow issues have been resolved in the v0.18.0 release of Grackle. As a workaround, users could interpose a sanitizing layer in between untrusted input and Grackle query processing. | |||||
| CVE-2023-31299 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-01-08 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Barcode field of a container. | |||||
| CVE-2023-31294 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-01-08 | N/A | 7.5 HIGH |
| CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the Delivery Name field. | |||||
| CVE-2023-31293 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-01-08 | N/A | 4.3 MEDIUM |
| An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option being disabled. | |||||
| CVE-2023-31295 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-01-08 | N/A | 7.5 HIGH |
| CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the User Profile field. | |||||
| CVE-2023-31300 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-01-08 | N/A | 7.5 HIGH |
| An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature. | |||||
| CVE-2024-21642 | 2024-01-08 | N/A | N/A | ||
| D-Tale is a visualizer for Pandas data structures. Users hosting versions D-Tale prior to 3.9.0 publicly can be vulnerable to server-side request forgery (SSRF), allowing attackers to access files on the server. Users should upgrade to version 3.9.0, where the `Load From the Web` input is turned off by default. The only workaround for versions earlier than 3.9.0 is to only host D-Tale to trusted users. | |||||
| CVE-2023-5824 | 2 Redhat, Squid-cache | 2 Enterprise Linux, Squid | 2024-01-08 | N/A | 7.5 HIGH |
| Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug. | |||||
| CVE-2023-49081 | 1 Aiohttp | 1 Aiohttp | 2024-01-08 | N/A | 5.3 MEDIUM |
| aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request (e.g. to insert a new header) or create a new HTTP request if the attacker controls the HTTP version. The vulnerability only occurs if the attacker can control the HTTP version of the request. This issue has been patched in version 3.9.0. | |||||
| CVE-2023-49082 | 1 Aiohttp | 1 Aiohttp | 2024-01-08 | N/A | 5.3 MEDIUM |
| aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request (e.g. insert a new header) or even create a new HTTP request if the attacker controls the HTTP method. The vulnerability occurs only if the attacker can control the HTTP method (GET, POST etc.) of the request. If the attacker can control the HTTP version of the request it will be able to modify the request (request smuggling). This issue has been patched in version 3.9.0. | |||||
| CVE-2023-6873 | 2 Debian, Mozilla | 2 Debian Linux, Firefox | 2024-01-07 | N/A | 8.8 HIGH |
| Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121. | |||||
| CVE-2023-6872 | 1 Mozilla | 1 Firefox | 2024-01-07 | N/A | 6.5 MEDIUM |
| Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121. | |||||