Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33224 | 1 Solarwinds | 1 Solarwinds Platform | 2023-08-02 | N/A | 7.2 HIGH |
| The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges. | |||||
| CVE-2023-23843 | 1 Solarwinds | 1 Solarwinds Platform | 2023-08-02 | N/A | 7.2 HIGH |
| The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands. | |||||
| CVE-2022-31457 | 1 Rtx Trap Project | 1 Rtx Trap | 2023-08-02 | N/A | 7.5 HIGH |
| RTX TRAP v1.0 allows attackers to perform a directory traversal via a crafted request sent to the endpoint /data/. | |||||
| CVE-2023-28130 | 1 Checkpoint | 1 Gaia Portal | 2023-08-02 | N/A | 7.2 HIGH |
| Local user may lead to privilege escalation using Gaia Portal hostnames page. | |||||
| CVE-2023-39261 | 1 Jetbrains | 1 Intellij Idea | 2023-08-02 | N/A | 7.8 HIGH |
| In JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesting excessive permissions | |||||
| CVE-2023-26859 | 1 Brevo | 1 Brevo | 2023-08-02 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component. | |||||
| CVE-2022-47758 | 1 Nanoleaf | 1 Nanoleaf Firmware | 2023-08-02 | N/A | 9.8 CRITICAL |
| Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack. | |||||
| CVE-2023-32629 | 1 Canonical | 1 Ubuntu Linux | 2023-08-02 | N/A | 7.8 HIGH |
| Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels | |||||
| CVE-2023-38501 | 1 Copyparty Project | 1 Copyparty | 2023-08-02 | N/A | 6.1 MEDIUM |
| copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter `?k304=...` and `?setck=...`. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of one's copyparty accounts, unless one have inspected one's logs and found no trace of attacks. Version 1.8.7 contains a patch for the issue. | |||||
| CVE-2023-3945 | 1 Phpscriptpoint | 1 Lawyer | 2023-08-02 | N/A | 6.1 MEDIUM |
| A vulnerability was found in phpscriptpoint Lawyer 1.6. It has been classified as problematic. This affects an unknown part of the file search.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235401 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-3947 | 1 Imdpen | 1 Video Conferencing With Zoom | 2023-08-02 | N/A | 5.3 MEDIUM |
| The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'vczapi_encrypt_decrypt' function in versions up to, and including, 4.2.1. This makes it possible for unauthenticated attackers to decrypt and view the meeting id and password. | |||||
| CVE-2023-38496 | 1 Lfprojects | 1 Apptainer | 2023-08-02 | N/A | 3.3 LOW |
| Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker could possibly craft a starter config to delete any directory on the host filesystems. A security fix has been included in Apptainer 1.2.1. There is no known workaround outside of upgrading to Apptainer 1.2.1. | |||||
| CVE-2023-1522 | 1 Genetec | 1 Security Center | 2023-08-02 | N/A | 8.8 HIGH |
| SQL Injection in the Hardware Inventory report of Security Center 5.11.2. | |||||
| CVE-2023-22743 | 1 Git For Windows Project | 1 Git For Windows | 2023-08-02 | N/A | 7.3 HIGH |
| Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This potentially allows users with local write access to place malicious payloads in a location where automated upgrades might run the Git for Windows installer with elevation. Version 2.39.2 contains a patch for this issue. Some workarounds are available. Never leave untrusted files in the Downloads folder or its sub-folders before executing the Git for Windows installer, or move the installer into a different directory before executing it. | |||||
| CVE-2023-32231 | 1 Vasion | 1 Printerlogic Client | 2023-08-02 | N/A | 9.9 CRITICAL |
| An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution. | |||||
| CVE-2023-3384 | 1 Redhat | 1 Quay | 2023-08-02 | N/A | 5.4 MEDIUM |
| A flaw was found in the Quay registry. While the image labels created through Quay undergo validation both in the UI and backend by applying a regex (validation.py), the same validation is not performed when the label comes from an image. This flaw allows an attacker to publish a malicious image to a public registry containing a script that can be executed via Cross-site scripting (XSS). | |||||
| CVE-2023-38500 | 1 Typo3 | 1 Html Sanitizer | 2023-08-02 | N/A | 6.1 MEDIUM |
| TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding issue in the serialization layer, malicious markup nested in a `noscript` element was not encoded correctly. `noscript` is disabled in the default configuration, but might have been enabled in custom scenarios. This allows bypassing the cross-site scripting mechanism of TYPO3 HTML Sanitizer. Versions 1.5.1 and 2.1.2 fix the problem. | |||||
| CVE-2023-32232 | 1 Vasion | 1 Printerlogic Client | 2023-08-02 | N/A | 9.9 CRITICAL |
| An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.836. During client installation and repair, a PrinterLogic binary is called by the installer to configure the device. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full SYSTEM command prompt window. This results in complete compromise via arbitrary SYSTEM code execution (elevation of privileges). | |||||
| CVE-2023-38499 | 1 Typo3 | 1 Typo3 | 2023-08-02 | N/A | 5.3 MEDIUM |
| TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site by adding handcrafted query parameters to the URL of a site that was publicly available. TYPO3 versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, 12.4.4 fix the problem. | |||||
| CVE-2008-0198 | 1 Wp-contactform Project | 1 Wp-contactform | 2023-08-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the (1) wpcf_question, (2) wpcf_success_msg, or (3) wpcf_error_msg parameter to wp-admin/admin.php. | |||||
| CVE-2008-0615 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2023-08-02 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) folder and (2) file parameters. | |||||
| CVE-2023-34235 | 1 Strapi | 1 Strapi | 2023-08-02 | N/A | 7.5 HIGH |
| Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the `t(number)` prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to another table they want to query, the query changes from `password` to `t1.password`. `password` is protected by filtering protections but `t1.password` is not protected. This can lead to filtering attacks on everything related to the object again, including admin passwords and reset-tokens. Version 4.10.8 fixes this issue. | |||||
| CVE-2014-8270 | 1 Bmc | 1 Track-it\! | 2023-08-02 | 5.0 MEDIUM | N/A |
| BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset. | |||||
| CVE-2014-4872 | 1 Bmc | 1 Track-it\! | 2023-08-02 | 7.5 HIGH | N/A |
| BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService. | |||||
| CVE-2008-0616 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2023-08-02 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. | |||||
| CVE-2008-0617 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2023-08-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the DMSGuestbook 1.7.0 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) file parameter to wp-admin/admin.php, or the (2) messagefield parameter in the guestbook page, and the (3) title parameter in the messagearea. | |||||
| CVE-2008-0618 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2023-08-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) gbname, (2) gbemail, (3) gburl, and (4) gbmsg parameters to unspecified programs. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0491 | 1 Fgallery Project | 1 Fgallery | 2023-08-02 | 7.5 HIGH | N/A |
| SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter. | |||||
| CVE-2007-4165 | 1 Xuyiyang | 1 Blue Memories Theme | 2023-08-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in the Blue Memories theme 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757 and CVE-2007-4014. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2023-35929 | 1 Enalean | 1 Tuleap | 2023-08-02 | N/A | 5.4 MEDIUM |
| Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the "card fields" (visible in the kanban and PV2 apps) is not properly escaped. A malicious user with the capability to create an artifact or to edit a field used as a card field could force victim to execute uncontrolled code. Tuleap Community Edition 14.10.99.4, Tuleap Enterprise Edition 14.10-2, and Tuleap Enterprise Edition 14.9-5 contain a fix. | |||||
| CVE-2008-2316 | 1 Python | 1 Python | 2023-08-02 | 7.5 HIGH | N/A |
| Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB." | |||||
| CVE-2008-3144 | 1 Python | 1 Python | 2023-08-02 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error. | |||||
| CVE-2008-1679 | 1 Python | 1 Python | 2023-08-02 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965. | |||||
| CVE-2007-4965 | 1 Python | 1 Python | 2023-08-02 | 5.8 MEDIUM | N/A |
| Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows. | |||||
| CVE-2023-34189 | 1 Apache | 1 Inlong | 2023-08-02 | N/A | 6.5 MEDIUM |
| Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 to solve it. | |||||
| CVE-2008-3143 | 1 Python | 1 Python | 2023-08-02 | 7.5 HIGH | N/A |
| Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google." | |||||
| CVE-2023-35943 | 1 Envoyproxy | 1 Envoy | 2023-08-02 | N/A | 7.5 HIGH |
| Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, the CORS filter will segfault and crash Envoy when the `origin` header is removed and deleted between `decodeHeaders`and `encodeHeaders`. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, do not remove the `origin` header in the Envoy configuration. | |||||
| CVE-2023-21405 | 1 Axis | 11 A1001, A1001 Firmware, A1210 \(-b\) and 8 more | 2023-08-02 | N/A | 6.5 MEDIUM |
| Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors cannot be opened or closed. No sensitive or customer data can be extracted as the Axis device is not further compromised. Please refer to the Axis security advisory for more information, mitigation and affected products and software versions. | |||||
| CVE-2023-35942 | 1 Envoyproxy | 1 Envoy | 2023-08-02 | N/A | 6.5 MEDIUM |
| Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update. | |||||
| CVE-2023-35941 | 1 Envoyproxy | 1 Envoy | 2023-08-02 | N/A | 9.8 CRITICAL |
| Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the some rare scenarios in which HMAC payload can be always valid in OAuth2 filter's check. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, avoid wildcards/prefix domain wildcards in the host's domain configuration. | |||||
| CVE-2021-39820 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-08-02 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2023-3782 | 1 Squareup | 1 Okhttp-brotli | 2023-08-02 | N/A | 5.9 MEDIUM |
| DoS of the OkHttp client when using a BrotliInterceptor and surfing to a malicious web server, or when an attacker can perform MitM to inject a Brotli zip-bomb into an HTTP response | |||||
| CVE-2007-2052 | 1 Python | 1 Python | 2023-08-02 | 5.0 MEDIUM | N/A |
| Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination. | |||||
| CVE-2006-4980 | 1 Python | 1 Python | 2023-08-02 | 7.5 HIGH | N/A |
| Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts. | |||||
| CVE-2005-0089 | 1 Python | 1 Python | 2023-08-02 | 7.5 HIGH | N/A |
| The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes. | |||||
| CVE-2004-0150 | 1 Python | 1 Python | 2023-08-02 | 7.5 HIGH | N/A |
| Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS. | |||||
| CVE-2002-1119 | 1 Python | 1 Python | 2023-08-02 | 4.6 MEDIUM | N/A |
| os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack. | |||||
| CVE-2023-3696 | 1 Mongoosejs | 1 Mongoose | 2023-08-02 | N/A | 9.8 CRITICAL |
| Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.4. | |||||
| CVE-2021-34475 | 1 Microsoft | 1 Edge Chromium | 2023-08-02 | N/A | 5.4 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-33140 | 1 Microsoft | 1 Onenote | 2023-08-02 | N/A | 6.5 MEDIUM |
| Microsoft OneNote Spoofing Vulnerability | |||||