Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25122 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_openvpn_client function with the old_remote_subnet and the old_remote_mask variables. | |||||
| CVE-2023-25121 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_ike_profile function with the secrets_local variable. | |||||
| CVE-2023-25120 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_dmvpn function with the cisco_secret variable. | |||||
| CVE-2023-25119 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_pptp function with the remote_subnet and the remote_mask variables. | |||||
| CVE-2023-25118 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_openvpn_client function with the username and the password variables. | |||||
| CVE-2023-25117 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_openvpn_client function with the local_virtual_ip and the local_virtual_mask variables. | |||||
| CVE-2023-25116 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_openvpn_client function with the local_virtual_ip and the remote_virtual_ip variables. | |||||
| CVE-2023-25115 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_openvpn_client function with the remote_ip and the port variables. | |||||
| CVE-2023-25114 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_openvpn_client function with the expert_options variable. | |||||
| CVE-2023-25113 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_l2tp function with the key variable. | |||||
| CVE-2023-25124 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_openvpn_client function with the remote_subnet and the remote_mask variables. | |||||
| CVE-2023-37153 | 1 Kodcloud | 1 Kodexplorer | 2023-08-02 | N/A | 6.1 MEDIUM |
| KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field. | |||||
| CVE-2023-37152 | 1 Online Art Gallery Project | 1 Online Art Gallery | 2023-08-02 | N/A | 9.8 CRITICAL |
| Projectworlds Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. | |||||
| CVE-2023-37151 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2023-08-02 | N/A | 9.8 CRITICAL |
| Sourcecodester Online Pizza Ordering System v1.0 allows the upload of malicious PHP files resulting in Remote Code Execution (RCE). | |||||
| CVE-2023-37150 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2023-08-02 | N/A | 6.1 MEDIUM |
| Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scripting (XSS) vulnerability in "/admin/index.php?page=categories" Category item. | |||||
| CVE-2023-3750 | 1 Redhat | 2 Enterprise Linux, Libvirt | 2023-08-02 | N/A | 5.3 MEDIUM |
| A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon. | |||||
| CVE-2023-3748 | 1 Frrouting | 1 Frrouting | 2023-08-02 | N/A | 7.5 HIGH |
| A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service. | |||||
| CVE-2023-33201 | 1 Bouncycastle | 1 Bc-java | 2023-08-02 | N/A | 5.3 MEDIUM |
| Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability. | |||||
| CVE-2023-3745 | 1 Imagemagick | 1 Imagemagick | 2023-08-02 | N/A | 5.5 MEDIUM |
| A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service. | |||||
| CVE-2023-3640 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-08-02 | N/A | 7.8 HIGH |
| A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system. | |||||
| CVE-2023-3321 | 1 Abb | 1 Zenon | 2023-08-02 | N/A | 8.8 HIGH |
| A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404. | |||||
| CVE-2023-27385 | 1 Omron | 1 Cx-drive | 2023-08-02 | N/A | 7.8 HIGH |
| Heap-based buffer overflow vulnerability exists in CX-Drive All models all versions. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed. | |||||
| CVE-2023-3700 | 1 Easyappointments | 1 Easyappointments | 2023-08-02 | N/A | 4.3 MEDIUM |
| Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||||
| CVE-2023-3568 | 1 Fossbilling | 1 Fossbilling | 2023-08-02 | N/A | 4.8 MEDIUM |
| Open Redirect in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||||
| CVE-2022-3423 | 1 Xgenecloud | 1 Nocodb | 2023-08-02 | N/A | 6.5 MEDIUM |
| Allocation of Resources Without Limits or Throttling in GitHub repository nocodb/nocodb prior to 0.92.0. | |||||
| CVE-2022-3225 | 1 Budibase | 1 Budibase | 2023-08-02 | N/A | 5.7 MEDIUM |
| Improper Control of Dynamically-Managed Code Resources in GitHub repository budibase/budibase prior to 1.3.20. | |||||
| CVE-2022-2818 | 1 Agentejo | 1 Cockpit | 2023-08-02 | N/A | 8.8 HIGH |
| Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit prior to 2.2.2. | |||||
| CVE-2022-2732 | 1 Open-emr | 1 Openemr | 2023-08-02 | N/A | 8.3 HIGH |
| Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1. | |||||
| CVE-2022-2054 | 1 Nuitka | 1 Nuitka | 2023-08-02 | 7.2 HIGH | 7.8 HIGH |
| Code Injection in GitHub repository nuitka/nuitka prior to 0.9. | |||||
| CVE-2022-1893 | 1 Trudesk Project | 1 Trudesk | 2023-08-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. | |||||
| CVE-2022-1650 | 2 Debian, Eventsource | 2 Debian Linux, Eventsource | 2023-08-02 | 5.8 MEDIUM | 9.3 CRITICAL |
| Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2. | |||||
| CVE-2022-1316 | 2 Microsoft, Zerotier | 2 Windows, Zerotierone | 2023-08-02 | 7.2 HIGH | 7.8 HIGH |
| Incorrect Permission Assignment for Critical Resource in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation | |||||
| CVE-2022-1252 | 1 Gnuboard | 1 Gnuboard5 | 2023-08-02 | 6.4 MEDIUM | 9.1 CRITICAL |
| Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any user, including when the 'Let others see my information.' box is ticked off. Or to send emails to any email address, with full control of its contents | |||||
| CVE-2022-1223 | 1 Phpipam | 1 Phpipam | 2023-08-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| Incorrect Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. | |||||
| CVE-2022-0762 | 1 Microweber | 1 Microweber | 2023-08-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3. | |||||
| CVE-2022-0611 | 1 Snipeitapp | 1 Snipe-it | 2023-08-02 | 6.5 MEDIUM | 8.8 HIGH |
| Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11. | |||||
| CVE-2022-0588 | 1 Librenms | 1 Librenms | 2023-08-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing Authorization in Packagist librenms/librenms prior to 22.2.0. | |||||
| CVE-2022-0580 | 1 Librenms | 1 Librenms | 2023-08-02 | 6.5 MEDIUM | 8.8 HIGH |
| Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. | |||||
| CVE-2022-0579 | 1 Snipeitapp | 1 Snipe-it | 2023-08-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9. | |||||
| CVE-2022-0569 | 1 Snipeitapp | 1 Snipe-it | 2023-08-02 | 4.3 MEDIUM | 4.3 MEDIUM |
| Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9. | |||||
| CVE-2022-0565 | 1 Pimcore | 1 Pimcore | 2023-08-02 | 5.0 MEDIUM | 7.5 HIGH |
| Cross-site Scripting in Packagist pimcore/pimcore prior to 10.3.1. | |||||
| CVE-2022-0536 | 1 Follow-redirects Project | 1 Follow-redirects | 2023-08-02 | 4.3 MEDIUM | 5.9 MEDIUM |
| Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8. | |||||
| CVE-2022-0355 | 1 Simple-get Project | 1 Simple-get | 2023-08-02 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1. | |||||
| CVE-2022-0338 | 1 Loguru Project | 1 Loguru | 2023-08-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| Insertion of Sensitive Information into Log File in Conda loguru prior to 0.5.3. | |||||
| CVE-2022-0282 | 1 Microweber | 1 Microweber | 2023-08-02 | 5.0 MEDIUM | 7.5 HIGH |
| Cross-site Scripting in Packagist microweber/microweber prior to 1.2.11. | |||||
| CVE-2022-0178 | 1 Snipeitapp | 1 Snipe-it | 2023-08-02 | 5.5 MEDIUM | 5.4 MEDIUM |
| Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8. | |||||
| CVE-2022-0174 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2023-08-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr. | |||||
| CVE-2022-0121 | 1 Hoppscotch | 1 Hoppscotch | 2023-08-02 | 6.0 MEDIUM | 8.0 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hoppscotch hoppscotch/hoppscotch.This issue affects hoppscotch/hoppscotch before 2.1.1. | |||||
| CVE-2023-25841 | 1 Esri | 1 Arcgis | 2023-08-02 | N/A | 6.1 MEDIUM |
| There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 10.8.1 – 11.0 on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. Mitigation: Disable anonymous access to ArcGIS Feature services with edit capabilities. | |||||
| CVE-2023-35088 | 1 Apache | 1 Inlong | 2023-08-02 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements Used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. In the toAuditCkSql method, the groupId, streamId, auditId, and dt are directly concatenated into the SQL query statement, which may lead to SQL injection attacks. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8198 | |||||