Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-3614 | 1 Mattermost | 1 Mattermost Server | 2023-07-26 | N/A | 3.3 LOW |
| Mattermost fails to properly validate a gif image file, allowing an attacker to consume a significant amount of server resources, making the server unresponsive for an extended period of time by linking to specially crafted image file. | |||||
| CVE-2023-28767 | 1 Zyxel | 44 Usg 20w-vpn, Usg 20w-vpn Firmware, Usg 2200-vpn and 41 more | 2023-07-26 | N/A | 8.8 HIGH |
| The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50(W) series firmware versions 5.10 through 5.36, USG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An unauthenticated, LAN-based attacker could leverage the vulnerability to inject some operating system (OS) commands into the device configuration data on an affected device when the cloud management mode is enabled. | |||||
| CVE-2023-34138 | 1 Zyxel | 44 Usg 20w-vpn, Usg 20w-vpn Firmware, Usg 2200-vpn and 41 more | 2023-07-26 | N/A | 8.0 HIGH |
| A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.60 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.60 through 5.36 Patch 2, and VPN series firmware versions 4.60 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the list of trusted RADIUS clients in advance. | |||||
| CVE-2023-33012 | 1 Zyxel | 44 Usg 20w-vpn, Usg 20w-vpn Firmware, Usg 2200-vpn and 41 more | 2023-07-26 | N/A | 8.8 HIGH |
| A command injection vulnerability in the configuration parser of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN series firmware versions 5.00 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands by using a crafted GRE configuration when the cloud management mode is enabled. | |||||
| CVE-2023-33011 | 1 Zyxel | 44 Usg 20w-vpn, Usg 20w-vpn Firmware, Usg 2200-vpn and 41 more | 2023-07-26 | N/A | 8.8 HIGH |
| A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN series firmware versions 5.00 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands by using a crafted PPPoE configuration on an affected device when the cloud management mode is enabled. | |||||
| CVE-2023-37475 | 1 Avro Project | 1 Avro | 2023-07-26 | N/A | 7.5 HIGH |
| Hamba avro is a go lang encoder/decoder implementation of the avro codec specification. In affected versions a well-crafted string passed to avro's `github.com/hamba/avro/v2.Unmarshal()` can throw a `fatal error: runtime: out of memory` which is unrecoverable and can cause denial of service of the consumer of avro. The root cause of the issue is that avro uses part of the input to `Unmarshal()` to determine the size when creating a new slice and hence an attacker may consume arbitrary amounts of memory which in turn may cause the application to crash. This issue has been addressed in commit `b4a402f4` which has been included in release version `2.13.0`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-34139 | 1 Zyxel | 30 Usg 2200-vpn, Usg 2200-vpn Firmware, Usg Flex 100 and 27 more | 2023-07-26 | N/A | 8.8 HIGH |
| A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device. | |||||
| CVE-2022-30858 | 1 Ngiflib Project | 1 Ngiflib | 2023-07-26 | N/A | 6.5 MEDIUM |
| An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif. poc : ./SDLaffgif CA_file2_0 | |||||
| CVE-2023-34141 | 1 Zyxel | 48 Nxc2500, Nxc2500 Firmware, Nxc5500 and 45 more | 2023-07-26 | N/A | 8.0 HIGH |
| A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series firmware versions 5.00 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance. | |||||
| CVE-2023-34140 | 1 Zyxel | 48 Nxc2500, Nxc2500 Firmware, Nxc5500 and 45 more | 2023-07-26 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon. | |||||
| CVE-2023-3822 | 1 Pimcore | 1 Pimcore | 2023-07-26 | N/A | 6.1 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.4. | |||||
| CVE-2023-3821 | 1 Pimcore | 1 Pimcore | 2023-07-26 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.6.4. | |||||
| CVE-2023-3820 | 1 Pimcore | 1 Pimcore | 2023-07-26 | N/A | 7.2 HIGH |
| SQL Injection in GitHub repository pimcore/pimcore prior to 10.6.4. | |||||
| CVE-2023-3819 | 1 Pimcore | 1 Pimcore | 2023-07-26 | N/A | 6.5 MEDIUM |
| Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pimcore/pimcore prior to 10.6.4. | |||||
| CVE-2023-3811 | 1 Hospital Management System Project | 1 Hospital Management System | 2023-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Hospital Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file patientprofile.php. The manipulation of the argument address leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235079. | |||||
| CVE-2023-3810 | 1 Hospital Management System Project | 1 Hospital Management System | 2023-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file patientappointment.php. The manipulation of the argument loginid/password/mobileno/appointmentdate/appointmenttime/patiente/dob/doct/city leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235078 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-3809 | 1 Hospital Management System Project | 1 Hospital Management System | 2023-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file patient.php. The manipulation of the argument address leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235077 was assigned to this vulnerability. | |||||
| CVE-2023-3813 | 1 Artbees | 1 Jupiter X Core | 2023-07-26 | N/A | 7.5 HIGH |
| The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file downloads in versions up to, and including, 2.5.0. This makes it possible for unauthenticated attackers to download the contents of arbitrary files on the server, which can contain sensitive information. The requires the premium version of the plugin to be activated. | |||||
| CVE-2023-3808 | 1 Hospital Management System Project | 1 Hospital Management System | 2023-07-26 | N/A | 8.8 HIGH |
| A vulnerability was found in Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file patientforgotpassword.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235076. | |||||
| CVE-2023-3807 | 1 Beauty Salon Management System Project | 1 Beauty Salon Management System | 2023-07-26 | N/A | 8.8 HIGH |
| A vulnerability has been found in Campcodes Beauty Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235075. | |||||
| CVE-2023-32483 | 1 Dell | 1 Wyse Management Suite | 2023-07-26 | N/A | 4.4 MEDIUM |
| Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files. | |||||
| CVE-2023-32482 | 1 Dell | 1 Wyse Management Suite | 2023-07-26 | N/A | 4.9 MEDIUM |
| Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group. | |||||
| CVE-2023-32481 | 1 Dell | 1 Wyse Management Suite | 2023-07-26 | N/A | 6.5 MEDIUM |
| Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system. | |||||
| CVE-2023-37733 | 1 Tduckcloud | 1 Tduck-platform | 2023-07-26 | N/A | 6.1 MEDIUM |
| An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file. | |||||
| CVE-2022-40896 | 1 Pygments | 1 Pygments | 2023-07-26 | N/A | 5.5 MEDIUM |
| A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer. | |||||
| CVE-2023-33876 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. A specially-crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object which can lead to memory corruption and result in arbitrary code execution. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-33866 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-32664 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 7.8 HIGH |
| A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a malicious file to trigger the vulnerability. | |||||
| CVE-2023-28744 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-27379 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-30989 | 1 Ibm | 1 I | 2023-07-26 | N/A | 7.8 HIGH |
| IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017. | |||||
| CVE-2023-30988 | 1 Ibm | 1 I | 2023-07-26 | N/A | 7.8 HIGH |
| The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 254016. | |||||
| CVE-2023-3695 | 1 Beauty Salon Management System Project | 1 Beauty Salon Management System | 2023-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. Affected is an unknown function of the file add-product.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234252. | |||||
| CVE-2023-3694 | 1 Sourcecodester House Rental And Property Listing Project | 1 House Rental And Property Listing | 2023-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in SourceCodester House Rental and Property Listing 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument keywords/location leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-234245 was assigned to this vulnerability. | |||||
| CVE-2023-3693 | 1 Life Insurance Management System Project | 1 Life Insurance Management System | 2023-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in SourceCodester Life Insurance Management System 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234244. | |||||
| CVE-2023-31216 | 1 Ultimatemember | 1 Ultimate Member | 2023-07-26 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Member plugin <= 2.6.0 versions. | |||||
| CVE-2023-33857 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2023-07-26 | N/A | 5.3 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695. | |||||
| CVE-2023-35901 | 3 Ibm, Microsoft, Redhat | 5 Robotic Process Automation, Robotic Process Automation As A Service, Robotic Process Automation For Cloud Pak and 2 more | 2023-07-26 | N/A | 5.3 MEDIUM |
| IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. IBM X-Force ID: 259380. | |||||
| CVE-2023-2701 | 1 Mediaburst | 1 Gravity Forms | 2023-07-26 | N/A | 6.1 MEDIUM |
| The Gravity Forms WordPress plugin before 2.7.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high-privileged users such as admin. | |||||
| CVE-2023-3442 | 2023-07-26 | N/A | N/A | ||
| A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform. | |||||
| CVE-2023-33229 | 2023-07-26 | N/A | N/A | ||
| The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML. | |||||
| CVE-2023-23842 | 2023-07-26 | N/A | N/A | ||
| The SolarWinds Network Configuration Manager was susceptible to the Directory Traversal Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands. | |||||
| CVE-2023-39151 | 2023-07-26 | N/A | N/A | ||
| Jenkins 2.415 and earlier, LTS 2.401.2 and earlier does not sanitize or properly encode URLs in build logs when transforming them into hyperlinks, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control build log contents. | |||||
| CVE-2023-2579 | 1 Inventorypress Project | 1 Inventorypress | 2023-07-26 | N/A | 5.4 MEDIUM |
| The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks. | |||||
| CVE-2023-1893 | 1 Login Configurator Project | 1 Login Configurator | 2023-07-26 | N/A | 6.1 MEDIUM |
| The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators. | |||||
| CVE-2023-2143 | 1 Ideastocode | 1 Enable Svg\, Webp \& Ico Upload | 2023-07-26 | N/A | 5.4 MEDIUM |
| The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability. | |||||
| CVE-2022-27169 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2022-26833 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 7.5 HIGH | 9.8 CRITICAL |
| An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability. | |||||
| CVE-2022-26303 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 5.0 MEDIUM | 7.5 HIGH |
| An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2022-26082 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 7.5 HIGH | 9.8 CRITICAL |
| A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | |||||