2moons — 2moons A vulnerability classified as critical has been found in oktora24 2moons. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is 1b09cf7672eb85b5b0c8a4de321f7a4ad87b09a7. It is recommended to apply a patch to fix this issue. VDB-218898 is the identifier assigned to this vulnerability. 2023-01-19 not yet calculated CVE-2013-10014
MISC
MISC
MISC

Dell — idrac8

Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. 2023-01-18 not yet calculated CVE-2022-34436
MISC Inventorysystem — inventorysystem Cross Site Scripting (XSS) vulnerability in InventorySystem thru commit e08fbbe17902146313501ed0b5feba81d58f455c (on Apr 23, 2021) via edit_store_name and edit_active inputs in file InventorySystem.php. 2023-01-20 not yet calculated CVE-2023-23014
MISC
MISC PictureThisWebServer — PictureThisWebServer A vulnerability was found in PictureThisWebServer and classified as critical. This issue affects the function router.post of the file routes/user.js. The manipulation of the argument username/password leads to sql injection. The name of the patch is 68b9dc346e88b494df00d88c7d058e96820e1479. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218399. 2023-01-16 not yet calculated CVE-2015-10055
MISC
MISC
MISC
MISC agy — pontifex.http A vulnerability was found in agy pontifex.http. It has been declared as critical. This vulnerability affects unknown code of the file lib/Http.coffee. The manipulation leads to sql injection. Upgrading to version 0.1.0 is able to address this issue. The name of the patch is e52a758f96861dcef2dabfecb9da191bb2e07761. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218356. 2023-01-15 not yet calculated CVE-2014-125079
MISC
MISC
MISC
MISC alf.io — alf.io Cross-site Scripting (XSS) – Reflected in GitHub repository alfio-event/alf.io prior to 2.0-M4-2301. 2023-01-14 not yet calculated CVE-2023-0300
CONFIRM
MISC alf.io — alf.io Cross-site Scripting (XSS) – Stored in GitHub repository alfio-event/alf.io prior to Alf.io 2.0-M4-2301. 2023-01-14 not yet calculated CVE-2023-0301
CONFIRM
MISC alsdb — alsdb A vulnerability was found in nickzren alsdb. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version v2 is able to address this issue. The name of the patch is cbc79a68145e845f951113d184b4de207c341599. It is recommended to upgrade the affected component. The identifier VDB-218429 was assigned to this vulnerability. 2023-01-17 not yet calculated CVE-2016-15021
MISC
MISC
MISC
MISC anant_labs — google-enterprise-connector-dctm A vulnerability has been found in Anant Labs google-enterprise-connector-dctm up to 3.2.3 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/domain leads to sql injection. The name of the patch is 6fba04f18ab7764002a1da308e7cd9712b501cb7. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218911. 2023-01-19 not yet calculated CVE-2014-125083
MISC
MISC
MISC apache — http_server A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. 2023-01-17 not yet calculated CVE-2006-20001
MISC apache — http_server Inconsistent Interpretation of HTTP Requests (‘HTTP Request Smuggling’) vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions. 2023-01-17 not yet calculated CVE-2022-36760
MISC

apache — http_server

Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client. 2023-01-17 not yet calculated CVE-2022-37436
MISC apache — multiple_products Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0. 2023-01-21 not yet calculated CVE-2023-22884
MISC
MISC apache — shiro
  When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot < 2.6 default to Ant style pattern matching. Mitigation: Update to Apache Shiro 1.11.0, or set the following Spring Boot configuration value: `spring.mvc.pathmatch.matching-strategy = ant_path_matcher` 2023-01-14 not yet calculated CVE-2023-22602
MISC

apache — superset

A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the feature flag “ALLOW_ADHOC_SUBQUERY” disabled (default value). This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. 2023-01-16 not yet calculated CVE-2022-41703
MISC

apache — superset

Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. 2023-01-16 not yet calculated CVE-2022-43717
MISC

apache — superset

Upload data forms do not correctly render user input leading to possible XSS attack vectors that can be performed by authenticated users with database connection update permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. 2023-01-16 not yet calculated CVE-2022-43718
MISC

apache — superset

Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. 2023-01-16 not yet calculated CVE-2022-43719
MISC

apache — superset

An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. 2023-01-16 not yet calculated CVE-2022-43720
MISC

apache — superset

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. 2023-01-16 not yet calculated CVE-2022-43721
MISC

apache — superset

When explicitly enabling the feature flag DASHBOARD_CACHE (disabled by default), the system allowed for an unauthenticated user to access dashboard configuration metadata using a REST API Get endpoint. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. 2023-01-16 not yet calculated CVE-2022-45438
MISC apollo — apollo A vulnerability, which was classified as critical, was found in abreen Apollo. This affects an unknown part. The manipulation of the argument file leads to path traversal. The name of the patch is 6206406630780bbd074aff34f4683fb764faba71. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218307. 2023-01-14 not yet calculated CVE-2015-10043
MISC
MISC
MISC

apple — foundationnetworking

A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF ( ) injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server, the server may interpret the content after the CRLF as extra headers, or even a second request. For example, consider a URLRequest to http://example.com/ with the GET method. Suppose we set the URLRequest header “Foo” to the value “Bar Extra-Header: Added GET /other HTTP/1.1”. When this request is sent, it will appear to the server as two requests: GET / HTTP/1.1 Foo: Bar Extra-Header: Added GET /other HTTP/1.1 In this manner, the client is able to inject extra headers and craft an entirely new request to a separate path, despite only making one API call in URLSession. If a developer has total control over the request and its headers, this vulnerability may not pose a threat. However, this vulnerability escalates if un-sanitized user input is placed in header values. If so, a malicious user could inject new headers or requests to an intermediary or backend server. Developers should be especially careful to sanitize user input in this case, or upgrade their version of swift-corelibs-foundation to include the patch below. 2023-01-20 not yet calculated CVE-2022-3918
MISC

arm — mali_gpu_kernel_driver

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0. 2023-01-17 not yet calculated CVE-2022-46891
MISC

assimp — assimp

An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp. 2023-01-20 not yet calculated CVE-2022-45748
MISC

autolab — autolab

Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A remote code execution vulnerability was discovered in Autolab’s MOSS functionality, whereby an instructor with access to the feature might be able to execute code on the server hosting Autolab. This vulnerability has been patched in version 2.10.0. As a workaround, disable the MOSS feature if it is unneeded by replacing the body of `run_moss` in `app/controllers/courses_controller.rb` with `render(plain: “Feature disabled”, status: :bad_request) && return`. 2023-01-14 not yet calculated CVE-2022-41955
MISC

autolab — autolab

Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A file disclosure vulnerability was discovered in Autolab’s remote handin feature, whereby users are able to hand-in assignments using paths outside their submission directory. Users can then view the submission to view the file’s contents. The vulnerability has been patched in version 2.10.0. As a workaround, ensure that the field for the remote handin feature is empty (Edit Assessment > Advanced > Remote handin path), and that you are not running Autolab as `root` (or any user that has write access to `/`). Alternatively, disable the remote handin feature if it is unneeded by replacing the body of `local_submit` in `app/controllers/assessment/handin.rb` with `render(plain: “Feature disabled”, status: :bad_request) && return`. 2023-01-14 not yet calculated CVE-2022-41956
MISC
MISC

bitrix — bitrix

Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php. 2023-01-20 not yet calculated CVE-2022-43959
MISC
MISC
MISC

blogengine — blogengine

BlogEngine.NET v3.3.8.0 allows an attacker to create any folder with “files” prefix under ~/App_Data/. 2023-01-18 not yet calculated CVE-2022-41417
MISC
MISC bluecat — device_registration_portal BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as “machine example.com login daniel password qwerty” in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported. There is no available information about whether any later version is affected. 2023-01-15 not yet calculated CVE-2023-23595
MISC
MISC
MISC bricco_authenticator_plugin — bricco_authenticator_plugin A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/authenticator/authenticators/DBAuthenticator.java. The manipulation leads to sql injection. Upgrading to version 1.39 is able to address this issue. The name of the patch is a5456633ff75e8f13705974c7ed1ce77f3f142d5. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218428. 2023-01-17 not yet calculated CVE-2013-10013
MISC
MISC
MISC
MISC

builderio — qwik

Cross-site Scripting (XSS) – Generic in GitHub repository builderio/qwik prior to 0.1.0-beta5. 2023-01-20 not yet calculated CVE-2023-0410
CONFIRM
MISC cakephp — cakephp CakePHP is a development framework for PHP web apps. In affected versions the `CakeDatabaseQuery::limit()` and `CakeDatabaseQuery::offset()` methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to upgrade. Users unable to upgrade may mitigate this issue by using CakePHP’s Pagination library. Manually validating or casting parameters to these methods will also mitigate the issue. 2023-01-17 not yet calculated CVE-2023-22727
MISC
MISC
MISC cash-machine — cash-machine A vulnerability was found in viakondratiuk cash-machine. It has been declared as critical. This vulnerability affects the function is_card_pin_at_session/update_failed_attempts of the file machine.py. The manipulation leads to sql injection. The name of the patch is 62a6e24efdfa195b70d7df140d8287fdc38eb66d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218896. 2023-01-19 not yet calculated CVE-2015-10069
MISC
MISC
MISC

ceph — ceph

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information. 2023-01-17 not yet calculated CVE-2022-3650
MISC cis450project — cis450project A vulnerability has been found in ssn2013 cis450Project and classified as critical. This vulnerability affects the function addUser of the file HeatMapServer/src/com/datformers/servlet/AddAppUser.java. The manipulation leads to sql injection. The name of the patch is 39b495011437a105c7670e17e071f99195b4922e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218380. 2023-01-14 not yet calculated CVE-2015-10020
MISC
MISC
MISC

cisco — asyncos

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device. 2023-01-20 not yet calculated CVE-2023-20057
MISC cisco — broadworks A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 2023-01-20 not yet calculated CVE-2023-20019
MISC cisco — broadworks A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when parsing HTTP requests. An attacker could exploit this vulnerability by sending a sustained stream of crafted requests to an affected device. A successful exploit could allow the attacker to cause all subsequent requests to be dropped, resulting in a DoS condition. 2023-01-20 not yet calculated CVE-2023-20020
MISC cisco — cs_cloud_agent A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker to take complete control of the affected device. 2023-01-20 not yet calculated CVE-2023-20043
MISC cisco — cs_cloud_agent A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the insecure script. A successful exploit could allow the attacker to take complete control of the affected device. 2023-01-20 not yet calculated CVE-2023-20044
MISC

cisco — identity_services_engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within requests as part of the web-based management interface. An attacker could exploit this vulnerability by manipulating requests to the web-based management interface to contain operating system commands. A successful exploit could allow the attacker to execute arbitrary operating system commands on the underlying operating system with the privileges of the web services user. Cisco has not yet released software updates that address this vulnerability. 2023-01-20 not yet calculated CVE-2022-20964
MISC

cisco — identity_services_engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to take privileges actions within the web-based management interface. This vulnerability is due to improper access control on a feature within the web-based management interface of the affected system. An attacker could exploit this vulnerability by accessing features through direct requests, bypassing checks within the application. A successful exploit could allow the attacker to take privileged actions within the web-based management interface that should be otherwise restricted. {{value}} [“%7b%7bvalue%7d%7d”])}]] 2023-01-20 not yet calculated CVE-2022-20965
MISC

cisco — identity_services_engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to improper validation of input to an application feature before storage within the web-based management interface. An attacker could exploit this vulnerability by creating entries within the application interface that contain malicious HTML or script code. A successful exploit could allow the attacker to store malicious HTML or script code within the application interface for use in further cross-site scripting attacks. Cisco has not yet released software updates that address this vulnerability. 2023-01-20 not yet calculated CVE-2022-20966
MISC

cisco — identity_services_engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to improper validation of input to an application feature before storage within the web-based management interface. An attacker could exploit this vulnerability by creating entries within the application interface that contain malicious HTML or script code. A successful exploit could allow the attacker to store malicious HTML or script code within the application interface for use in further cross-site scripting attacks. Cisco has not yet released software updates that address this vulnerability. 2023-01-20 not yet calculated CVE-2022-20967
MISC cisco — industrial_network_director A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected application. An attacker could exploit this vulnerability by sending requests containing malicious values to the affected system. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 2023-01-20 not yet calculated CVE-2023-20037
MISC cisco — industrial_network_director A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the application used to encrypt application data and remote credentials. An attacker could exploit this vulnerability by gaining local access to the server Cisco Industrial Network Director is installed on. A successful exploit could allow the attacker to decrypt data allowing the attacker to access remote systems monitored by Cisco Industrial Network Director. 2023-01-20 not yet calculated CVE-2023-20038
MISC

cisco — ip_phone_7800_and_8800_series

A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication. 2023-01-20 not yet calculated CVE-2023-20018
MISC cisco — multiple_products A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The attacker must have valid administrator credentials. This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the web-based management process to restart, resulting in a DoS condition. 2023-01-20 not yet calculated CVE-2023-20007
MISC cisco — network_services_orchestrator A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group. This vulnerability exists because user-supplied input is not properly validated when NETCONF is used to upload packages to an affected device. An attacker could exploit this vulnerability by uploading a specially crafted package file. A successful exploit could allow the attacker to write crafted files to arbitrary locations on the filesystem or delete arbitrary files from the filesystem of an affected device, resulting in a DoS condition. Note: By default, during install, Cisco NSO will be set up to run as the root user unless the –run-as-user option is used. 2023-01-20 not yet calculated CVE-2023-20040
MISC

cisco — small_business_rv042

A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device. This vulnerability is due to incorrect user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending crafted requests to the web-based management interface. A successful exploit could allow the attacker to gain root privileges on the affected device. 2023-01-20 not yet calculated CVE-2023-20025
MISC

cisco — small_business_rv042

A vulnerability in the web-based management interface of Cisco Small Business Routers RV042 Series could allow an authenticated, remote attacker to inject arbitrary commands on an affected device. This vulnerability is due to improper validation of user input fields within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. 2023-01-20 not yet calculated CVE-2023-20026
MISC cisco — small_business_rv160_and_rv260_series A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands using root-level privileges on the affected device. To exploit this vulnerability, the attacker must have valid Administrator-level credentials on the affected device. 2023-01-20 not yet calculated CVE-2023-20045
MISC cisco — telepresence_ce_and_roomos A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected system. 2023-01-20 not yet calculated CVE-2023-20002
MISC cisco — telepresence_ce_and_roomos A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are in the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. 2023-01-20 not yet calculated CVE-2023-20008
MISC cisco — unified_communications_manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validates user input. An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to read or modify any data on the underlying database or elevate their privileges. 2023-01-20 not yet calculated CVE-2023-20010
MISC

cisco — unified_intelligence_center

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. 2023-01-20 not yet calculated CVE-2023-20058
MISC

cisco — webex

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and Cisco Webex Share devices could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient resource allocation. An attacker could exploit this vulnerability by sending crafted LLDP traffic to an affected device. A successful exploit could allow the attacker to exhaust the memory resources of the affected device, resulting in a crash of the LLDP process. If the affected device is configured to support LLDP only, this could cause an interruption to inbound and outbound calling. By default, these devices are configured to support both Cisco Discovery Protocol and LLDP. To recover operational state, the affected device needs a manual restart. 2023-01-20 not yet calculated CVE-2023-20047
MISC clan7ups — clan7ups A vulnerability, which was classified as critical, was found in antonbolling clan7ups. Affected is an unknown function of the component Login/Session. The manipulation leads to sql injection. The name of the patch is 25afad571c488291033958d845830ba0a1710764. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218388. 2023-01-16 not yet calculated CVE-2013-10012
MISC
MISC
MISC classroombookings — classroombookings Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php. 2023-01-20 not yet calculated CVE-2023-23012
MISC
MISC console — console A vulnerability was found in yanheven console and classified as problematic. Affected by this issue is some unknown functionality of the file horizon/static/horizon/js/horizon.instances.js. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is 32a7b713468161282f2ea01d5e2faff980d924cd. It is recommended to apply a patch to fix this issue. VDB-218354 is the identifier assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2014-125078
MISC
MISC
MISC contec_co_ltd — conprosys_hmi_system Use of default credentials vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information. 2023-01-20 not yet calculated CVE-2023-22331
MISC
MISC
MISC
MISC contec_co_ltd — conprosys_hmi_system Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack. 2023-01-20 not yet calculated CVE-2023-22334
MISC
MISC
MISC
MISC contec_co_ltd — conprosys_hmi_system Cross-site scripting vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information. 2023-01-20 not yet calculated CVE-2023-22373
MISC
MISC
MISC
MISC contec_co_ltd — conprosys_hmi_system
  Improper access control vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to bypass access restriction and obtain the server certificate including the private key of the product. 2023-01-20 not yet calculated CVE-2023-22339
MISC
MISC
MISC
MISC contentmap — contentmap A vulnerability was found in AlexRed contentmap. It has been rated as critical. Affected by this issue is the function Load of the file contentmap.php. The manipulation of the argument contentid leads to sql injection. The name of the patch is dd265d23ff4abac97422835002c6a47f45ae2a66. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218492. 2023-01-18 not yet calculated CVE-2017-20173
MISC
MISC
MISC

cuppacms — cuppacms

Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gain access to arbitrary user sessions. 2023-01-20 not yet calculated CVE-2021-29368
MISC curupira — curupira A vulnerability classified as critical has been found in prodigasistemas curupira up to 0.1.3. Affected is an unknown function of the file app/controllers/curupira/passwords_controller.rb. The manipulation leads to sql injection. Upgrading to version 0.1.4 is able to address this issue. The name of the patch is 93a9a77896bb66c949acb8e64bceafc74bc8c271. It is recommended to upgrade the affected component. VDB-218394 is the identifier assigned to this vulnerability. 2023-01-16 not yet calculated CVE-2015-10053
MISC
MISC
MISC
MISC cybereason — edr Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges. 2023-01-20 not yet calculated CVE-2020-25502
MISC
MISC
MISC

d-link — dir-859_a1

D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgi_main function. 2023-01-19 not yet calculated CVE-2022-46476
MISC

d-link — dir_645a1

D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function. 2023-01-17 not yet calculated CVE-2022-46475
MISC

daloradius — daloradius

Cross-site Scripting (XSS) – Reflected in GitHub repository lirantal/daloradius prior to master-branch. 2023-01-17 not yet calculated CVE-2023-0337
CONFIRM
MISC

daloradius — daloradius

Cross-site Scripting (XSS) – Reflected in GitHub repository lirantal/daloradius prior to master-branch. 2023-01-17 not yet calculated CVE-2023-0338
CONFIRM
MISC dasher –dasherr erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue. 2023-01-20 not yet calculated CVE-2023-23607
MISC
MISC database — database A vulnerability was found in MNBikeways database and classified as critical. This issue affects some unknown processing of the file Data/views.py. The manipulation of the argument id1/id2 leads to sql injection. The name of the patch is 829a027aca7c17f5a7ec1addca8dd5d5542f86ac. It is recommended to apply a patch to fix this issue. The identifier VDB-218417 was assigned to this vulnerability. 2023-01-17 not yet calculated CVE-2015-10060
MISC
MISC
MISC debutsav — debutsav A vulnerability, which was classified as critical, has been found in risheesh debutsav. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is 7a8430df79277c613449262201cc792db894fc76. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218459. 2023-01-17 not yet calculated CVE-2014-125081
MISC
MISC
MISC

dell — bios

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. 2023-01-18 not yet calculated CVE-2022-32490
MISC

dell — bios

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. 2023-01-18 not yet calculated CVE-2022-34393
MISC

dell — bios

Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM. 2023-01-18 not yet calculated CVE-2022-34401
MISC

dell — bios

Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. 2023-01-18 not yet calculated CVE-2022-34460
MISC dell — cloud_mobility_for_dell_emc_storage Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attacker could perform a man-in-the-middle attack and eavesdrop on encrypted communications from Cloud Mobility to Cloud Storage devices. Exploitation could lead to the compromise of secret and sensitive information, cloud storage connection downtime, and the integrity of the connection to the Cloud devices. 2023-01-19 not yet calculated CVE-2023-23690
MISC

dell — emc

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges. 2023-01-18 not yet calculated CVE-2022-34442
MISC

dell — emc

Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application. 2023-01-18 not yet calculated CVE-2022-34456
MISC

dell — emc

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges. 2023-01-18 not yet calculated CVE-2022-34462
MISC dell — emc_powervault_me5 Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim’s browser to desynchronize its connection with the website, typically leading to XSS and DoS. 2023-01-20 not yet calculated CVE-2023-23691
MISC

dell — idrac9

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. 2023-01-18 not yet calculated CVE-2022-34435
MISC

dell — kbdoc

Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secured path which leads to privilege escalation. This is critical severity vulnerability as it allows non-admin to modify the files inside installed directory and able to make application unavailable for all users. 2023-01-18 not yet calculated CVE-2022-34457
MISC

dell — unisphere

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system. 2023-01-18 not yet calculated CVE-2022-45103
MISC

dell –bios_for_alienware

Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM. 2023-01-18 not yet calculated CVE-2022-34399
MISC denoland — deno Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the terminal screen after permission prompt was shown and write a generic message. This situation impacts users who use Web Worker API and relied on interactive permission prompt. The reproduction is very timing sensitive and can’t be reliably reproduced on every try. This problem can not be exploited on systems that do not attach an interactive prompt (for example headless servers). The problem has been fixed in Deno v1.29.3; it is recommended all users update to this version. Users are advised to upgrade. Users unable to upgrade may run with –no-prompt flag to disable interactive permission prompts. 2023-01-17 not yet calculated CVE-2023-22499
MISC
MISC desafio_buzz_woody — desafio_buzz_woody A vulnerability was found in bmattoso desafio_buzz_woody. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is cb8220cbae06082c969b1776fcb2fdafb3a1006b. It is recommended to apply a patch to fix this issue. The identifier VDB-218357 was assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2015-10048
MISC
MISC
MISC discussion-board — discussion-board A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function display_all_replies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The name of the patch is 26439bc4c63632d63ba89ebc0f149b25a9010361. It is recommended to apply a patch to fix this issue. VDB-218378 is the identifier assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2015-10051
MISC
MISC
MISC dynamips — dynamips Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21. 2023-01-20 not yet calculated CVE-2022-47012
MISC ecommerce-codelgniter-bootstrap — ecommerce-codelgniter-bootstrap Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php. 2023-01-20 not yet calculated CVE-2023-23010
MISC
MISC
MISC electerm — electerm An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverified request to electerms service. 2023-01-20 not yet calculated CVE-2020-23256
MISC events_extension — events_extension A vulnerability classified as critical was found in Events Extension. Affected by this vulnerability is the function getRandomFeaturedEventByDate/getUpcomingFeaturedEventsInCategoriesWithSubcategories/recacheEvent/searchResults of the file classes/events.php. The manipulation leads to sql injection. The name of the patch is 11169e48ab1249109485fdb1e0c9fca3d25ba01d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218395. 2023-01-16 not yet calculated CVE-2018-25076
MISC
MISC
MISC

eyoucms — eyoucms

EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie “ENV_LIST_URL”. 2023-01-20 not yet calculated CVE-2022-45537
MISC eyoucms — eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie “ENV_GOBACK_URL”. 2023-01-20 not yet calculated CVE-2022-45538
MISC eyoucms — eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in FileManager component in GET value “activepath” when creating a new file. 2023-01-20 not yet calculated CVE-2022-45539
MISC eyoucms — eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in article type editor component in POST value “name” if the value contains a malformed UTF-8 char. 2023-01-20 not yet calculated CVE-2022-45540
MISC eyoucms — eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article attribute editor component in POST value “value” if the value contains a non-integer char. 2023-01-20 not yet calculated CVE-2022-45541
MISC eyoucms — eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the FileManager component in GET parameter “filename” when editing any file. 2023-01-20 not yet calculated CVE-2022-45542
MISC ezpublish-modern-legacy — ezpublish-modern-legacy A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipulation leads to weak password recovery. Upgrading to version 1.0 is able to address this issue. The name of the patch is 5908d5ee65fec61ce0e321d586530461a210bf2a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218951. 2023-01-19 not yet calculated CVE-2015-10071
MISC
MISC
MISC
MISC faplanet — faplanet A vulnerability has been found in frontaccounting faplanet and classified as critical. This vulnerability affects unknown code. The manipulation leads to path traversal. The name of the patch is a5dcd87f46080a624b1a9ad4b0dd035bbd24ac50. It is recommended to apply a patch to fix this issue. VDB-218398 is the identifier assigned to this vulnerability. 2023-01-16 not yet calculated CVE-2014-125080
MISC
MISC
MISC find — find
  A vulnerability classified as critical was found in AenBleidd FiND. This vulnerability affects the function init_result of the file validator/my_validator.cpp. The manipulation leads to buffer overflow. The name of the patch is ee2eef34a83644f286c9adcaf30437f92e9c48f1. It is recommended to apply a patch to fix this issue. VDB-218458 is the identifier assigned to this vulnerability. 2023-01-17 not yet calculated CVE-2015-10065
MISC
MISC
MISC firefly-iii — firefly-iii Improper Authorization in GitHub repository firefly-iii/firefly-iii prior to 5.8.0. 2023-01-14 not yet calculated CVE-2023-0298
MISC
CONFIRM flarum — framework Flarum is a discussion platform for websites. If the first post of a discussion is permanently deleted but the discussion stays visible, any actor who can view the discussion is able to create a new reply via the REST API, no matter the reply permission or lock status. This includes users that don’t have a validated email. Guests cannot successfully create a reply because the API will fail with a 500 error when the user ID 0 is inserted into the database. This happens because when the first post of a discussion is permanently deleted, the `first_post_id` attribute of the discussion becomes `null` which causes access control to be skipped for all new replies. Flarum automatically makes discussions with zero comments invisible so an additional condition for this vulnerability is that the discussion must have at least one approved reply so that `discussions.comment_count` is still above zero after the post deletion. This can open the discussion to uncontrolled spam or just unintentional replies if users still had their tab open before the vulnerable discussion was locked and then post a reply when they shouldn’t be able to. In combination with the email notification settings, this could also be used as a way to send unsolicited emails. Versions between `v1.3.0` and `v1.6.3` are impacted. The vulnerability has been fixed and published as flarum/core v1.6.3. All communities running Flarum should upgrade as soon as possible. There are no known workarounds. 2023-01-13 not yet calculated CVE-2023-22489
MISC
MISC
MISC

foxit — multiple_products

Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability. 2023-01-18 not yet calculated CVE-2022-47881
MISC
MISC
MISC

freeradius — freeradius

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. 2023-01-17 not yet calculated CVE-2022-41859
MISC
MISC

freeradius — freeradius

In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash. 2023-01-17 not yet calculated CVE-2022-41860
MISC
MISC

freeradius — freeradius

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash. 2023-01-17 not yet calculated CVE-2022-41861
MISC
MISC freeswitch — sofia-sip Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_parse_attribute(), after we get the attribute’s type and length value, the length will be used directly to copy from the heap, regardless of the message’s left size. Since network users control the overflowed length, and the data is written to heap chunks later, attackers may achieve remote code execution by heap grooming or other exploitation methods. The bug was introduced 16 years ago in sofia-sip 1.12.4 (plus some patches through 12/21/2006) to in tree libs with git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@3774 d0543943-73ff-0310-b7d9-9358b9ac24b2. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-01-19 not yet calculated CVE-2023-22741
MISC
MISC froxlor — froxlor Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8. 2023-01-16 not yet calculated CVE-2023-0315
CONFIRM
MISC froxlor — froxlor Path Traversal: ‘..filename’ in GitHub repository froxlor/froxlor prior to 2.0.0. 2023-01-16 not yet calculated CVE-2023-0316
MISC
CONFIRM

fuji_electric — tellus_lite_v-simulator

Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to a stack-based buffer overflow which may allow an attacker to execute arbitrary code. 2023-01-19 not yet calculated CVE-2022-3085
MISC

fuji_electric — tellus_lite_v-simulator

Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code. 2023-01-17 not yet calculated CVE-2022-3087
MISC galaxy-data-resource — galaxy-data-resource A vulnerability, which was classified as problematic, was found in galaxy-data-resource up to 14.10.0. This affects an unknown part of the component Command Line Template. The manipulation leads to injection. Upgrading to version 14.10.1 is able to address this issue. The name of the patch is 50d65f45d3f5be5d1fbff2e45ac5cec075f07d42. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218451. 2023-01-17 not yet calculated CVE-2015-10062
MISC
MISC
MISC
MISC gatsbyjs — gatsby Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configuration, unless input is sanitized. The vulnerability is present in gatsby-transformer-remark when passing input in data mode (querying MarkdownRemark nodes via GraphQL). Injected JavaScript executes in the context of the build server. To exploit this vulnerability untrusted/unsanitized input would need to be sourced by or added into a file processed by gatsby-transformer-remark. A patch has been introduced in `[email protected]` and `[email protected]` which mitigates the issue by disabling the `gray-matter` JavaScript Frontmatter engine. As a workaround, if an older version of `gatsby-transformer-remark` must be used, input passed into the plugin should be sanitized ahead of processing. It is encouraged for projects to upgrade to the latest major release branch for all Gatsby plugins to ensure the latest security updates and bug fixes are received in a timely manner. 2023-01-13 not yet calculated CVE-2023-22491
MISC

ge_digital — proficy_historian

An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords. 2023-01-18 not yet calculated CVE-2022-38469
MISC
MISC

ge_digital — proficy_historian

An unauthorized user could be able to read any file on the system, potentially exposing sensitive information. 2023-01-18 not yet calculated CVE-2022-43494
MISC
MISC

ge_digital — proficy_historian

An unauthorized user could possibly delete any file on the system. 2023-01-18 not yet calculated CVE-2022-46331
MISC
MISC

ge_digital — proficy_historian

An unauthorized user could alter or write files with full control over the path and content of the file. 2023-01-18 not yet calculated CVE-2022-46660
MISC
MISC

ge_digital — proficy_historian

Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status. 2023-01-18 not yet calculated CVE-2022-46732
MISC
MISC

ge_grid_solutions — ms3000

An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. A vulnerability in the web server allows arbitrary files and configurations to be read via directory traversal over TCP port 8888. 2023-01-17 not yet calculated CVE-2022-43975
MISC ge_grid_solutions — ms3000 An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. Direct access to the API is possible on TCP port 8888 via programs located in the cgi-bin folder without any authentication. 2023-01-17 not yet calculated CVE-2022-43976
MISC ge_grid_solutions — ms3000
  An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. The debug port accessible via TCP (a qconn service) lacks access control. 2023-01-17 not yet calculated CVE-2022-43977
MISC geni-nsf — geni-portal A vulnerability was found in GENI Portal. It has been rated as problematic. Affected by this issue is some unknown functionality of the file portal/www/portal/error-text.php. The manipulation of the argument error leads to cross site scripting. The attack may be launched remotely. The name of the patch is c2356cc41260551073bfaa3a94d1ab074f554938. It is recommended to apply a patch to fix this issue. VDB-218474 is the identifier assigned to this vulnerability. 2023-01-18 not yet calculated CVE-2020-36653
MISC
MISC
MISC
MISC geni-nsf — geni-portal A vulnerability classified as problematic has been found in GENI Portal. This affects the function no_invocation_id_error of the file portal/www/portal/sliceresource.php. The manipulation of the argument invocation_id/invocation_user leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 39a96fb4b822bd3497442a96135de498d4a81337. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218475. 2023-01-18 not yet calculated CVE-2020-36654
MISC
MISC
MISC
MISC

git — git

Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue. 2023-01-17 not yet calculated CVE-2022-23521
MISC
MISC

git — git

Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `–format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log –format=…`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config –global daemon.uploadArch false`. 2023-01-17 not yet calculated CVE-2022-41903
MISC
MISC
MISC
MISC

git — git

Git GUI is a convenient graphical tool that comes with Git for Windows. Its target audience is users who are uncomfortable with using Git on the command-line. Git GUI has a function to clone repositories. Immediately after the local clone is available, Git GUI will automatically post-process it, among other things running a spell checker called `aspell.exe` if it was found. Git GUI is implemented as a Tcl/Tk script. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable _always includes the current directory_. Therefore, malicious repositories can ship with an `aspell.exe` in their top-level directory which is executed by Git GUI without giving the user a chance to inspect it first, i.e. running untrusted code. This issue has been addressed in version 2.39.1. Users are advised to upgrade. Users unable to upgrade should avoid using Git GUI for cloning. If that is not a viable option, at least avoid cloning from untrusted sources. 2023-01-17 not yet calculated CVE-2022-41953
MISC
MISC
MISC
MISC

github — enterprise_server

An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub Apps. This vulnerability allowed an app installed on an organization to gain access to and modify most organization-level resources that are not tied to a repository regardless of granted permissions, such as users and organization-wide projects. Resources associated with repositories were not impacted, such as repository file content, repository-specific projects, issues, or pull requests. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.7.1 and was fixed in versions 3.3.16, 3.4.11, 3.5.8, 3.6.4, 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program. 2023-01-17 not yet calculated CVE-2022-23739
MISC
MISC
MISC
MISC
MISC

gitlab-org — ce/ee

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It was possible to read repository content by an unauthorised user if a project member used a crafted link. 2023-01-17 not yet calculated CVE-2022-2907
MISC
MISC
CONFIRM

gitlab-org — gitlab-runner

Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that other user. 2023-01-17 not yet calculated CVE-2022-2251
MISC
CONFIRM
MISC gitlearn — gitlearn A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. The manipulation leads to injection. The attack can be initiated remotely. The name of the patch is 3faa5deaa509012069afe75cd03c21bda5050a64. It is recommended to apply a patch to fix this issue. VDB-218302 is the identifier assigned to this vulnerability. 2023-01-13 not yet calculated CVE-2015-10040
MISC
MISC
MISC
MISC

gpac — gpac

Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. 2023-01-18 not yet calculated CVE-2023-0358
CONFIRM
MISC gpac — gpac Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master. 2023-01-20 not yet calculated CVE-2023-23143
MISC gpac — gpac Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master. 2023-01-20 not yet calculated CVE-2023-23144
MISC gpac — gpac GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function. 2023-01-20 not yet calculated CVE-2023-23145
MISC

hclsoftware — bigfix

HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts. 2023-01-20 not yet calculated CVE-2021-27782
MISC hitachi — tuning manager Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager – Agent for RAID, Hitachi Tuning Manager – Agent for NAS, Hitachi Tuning Manager – Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. 2023-01-17 not yet calculated CVE-2020-36611
MISC

hospital_management_system — hospital_management_system

Hospital Management System v1.0 is vulnerable to SQL Injection. Attackers can gain administrator privileges without the need for a password. 2023-01-13 not yet calculated CVE-2022-46093
MISC

hospital_management_system — hospital_management_system

SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd (on March 13, 2021), allows attackers to execute arbitrary commands via the contact and doctor parameters to /search.php. 2023-01-20 not yet calculated CVE-2022-48120
MISC

hundredrabbits — left

Cross site scripting (XSS) vulnerability in Hundredrabbits Left 7.1.5 for MacOS allows attackers to execute arbitrary code via file names. 2023-01-20 not yet calculated CVE-2022-45557
MISC

hundredrabbits — left

Cross site scripting (XSS) vulnerability in Hundredrabbits Left 7.1.5 for MacOS allows attackers to execute arbitrary code via the meta tag. 2023-01-20 not yet calculated CVE-2022-45558
MISC

ibm — cloud_pak_for_security

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive information in log files that could be read by a privileged user. IBM X-Force ID: 213645. 2023-01-20 not yet calculated CVE-2021-39011
MISC
MISC

ibm — cloud_pak_for_security

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 216387. 2023-01-20 not yet calculated CVE-2021-39089
MISC
MISC

ibm — infosphere

IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. 2023-01-20 not yet calculated CVE-2022-41733
MISC
MISC ibm — multiple_products IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556. 2023-01-18 not yet calculated CVE-2022-47990
MISC
MISC ibm — robotic_process_automation IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073. 2023-01-18 not yet calculated CVE-2023-22592
MISC
MISC ibm — robotic_process_automation IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244075. 2023-01-18 not yet calculated CVE-2023-22594
MISC
MISC ibm — robotic_process_automation IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109. 2023-01-18 not yet calculated CVE-2023-22863
MISC
MISC ibm — security_qradar_siem IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356. 2023-01-17 not yet calculated CVE-2023-22875
MISC
MISC

ibm — spectrum_virtualize

IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408. 2023-01-19 not yet calculated CVE-2022-39167
MISC
MISC impatient — impatient IMPatienT before 1.5.2 allows stored XSS via onmouseover in certain text fields within a PATCH /modify_onto request to the ontology builder. This may allow attackers to steal Protected Health Information. 2023-01-17 not yet calculated CVE-2023-23637
CONFIRM
MISC
CONFIRM inxedu — inxedu SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction. 2023-01-20 not yet calculated CVE-2020-21152
MISC
MISC inxedu — inxedu SQL Injection vulnerability in file /inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value. 2023-01-18 not yet calculated CVE-2020-35326
MISC
MISC

jeecg-boot — jeecg-boot

Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData. 2023-01-19 not yet calculated CVE-2022-47105
MISC jekbox — jekbox A vulnerability was found in tombh jekbox. It has been rated as problematic. This issue affects some unknown processing of the file lib/server.rb. The manipulation leads to exposure of information through directory listing. The attack may be initiated remotely. The name of the patch is 64eb2677671018fc08b96718b81e3dbc83693190. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218375. 2023-01-15 not yet calculated CVE-2016-15019
MISC
MISC
MISC

johnson_controls — metasys

Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text. 2023-01-13 not yet calculated CVE-2021-36204
CERT
CONFIRM joomla — ldap_integration_with_active_directory_and_openldap-ntlm_and_kerberos_login The ‘LDAP Integration with Active Directory and OpenLDAP – NTLM & Kerberos Login’ extension is vulnerable to LDAP Injection since is not properly sanitizing the ‘username’ POST parameter. An attacker can manipulate this paramter to dump arbitrary contents form the LDAP Database. 2023-01-17 not yet calculated CVE-2023-23749
MISC jopenid — jopenid A vulnerability, which was classified as problematic, was found in michaelliao jopenid. Affected is the function getAuthentication of the file JOpenId/src/org/expressme/openid/OpenIdManager.java. The manipulation leads to observable timing discrepancy. Upgrading to version 1.08 is able to address this issue. The name of the patch is c9baaa976b684637f0d5a50268e91846a7a719ab. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218460. 2023-01-18 not yet calculated CVE-2010-10006
MISC
MISC
MISC
MISC kalkun-sms — kalkun Cross Site Scripting (XSS) vulnerability in Kalkun 0.8.0 via username input in file User_model.php. 2023-01-20 not yet calculated CVE-2023-23015
MISC
MISC kirby_webmentions_plugin — kirby_webmentions_plugin A vulnerability was found in bastianallgeier Kirby Webmentions Plugin and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to injection. The attack may be launched remotely. The name of the patch is 55bedea78ae9af916a9a41497bd9996417851502. It is recommended to apply a patch to fix this issue. VDB-218894 is the identifier assigned to this vulnerability. 2023-01-19 not yet calculated CVE-2017-20174
MISC
MISC
MISC krail-jpa — krail-jpa A vulnerability was found in krail-jpa up to 0.9.1. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. Upgrading to version 0.9.2 is able to address this issue. The name of the patch is c1e848665492e21ef6cc9be443205e36b9a1f6be. It is recommended to upgrade the affected component. The identifier VDB-218373 was assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2016-15018
MISC
MISC
MISC
MISC
MISC

kraken — kraken

kraken <= 0.1.4 has an arbitrary file read vulnerability via the component testfs. 2023-01-20 not yet calculated CVE-2022-47747
MISC kubeoperator — kubeoperator KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters. In KubeOperator versions 3.16.3 and below, API interfaces with unauthorized entities and can leak sensitive information. This vulnerability could be used to take over the cluster under certain conditions. This issue has been patched in version 3.16.4. 2023-01-14 not yet calculated CVE-2023-22480
MISC
MISC
MISC kubeoperator — kubepi KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1.6.4. There are currently no known workarounds. 2023-01-14 not yet calculated CVE-2023-22478
MISC
MISC
MISC

lenovo — leyun

An incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service. 2023-01-20 not yet calculated CVE-2022-1109
MISC

libetpan — libetpan

In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences. 2023-01-17 not yet calculated CVE-2022-4121
MISC
MISC libgit2 — libgit2 libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2’s `git_remote_callbacks` structure – if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default – without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack. Users are encouraged to upgrade to v1.4.5 or v1.5.1. Users unable to upgrade should ensure that all relevant certificates are manually checked. 2023-01-20 not yet calculated CVE-2023-22742
MISC
MISC
MISC
MISC
MISC
MISC liftkit — database A vulnerability was found in liftkit database up to 2.13.1. It has been classified as critical. This affects the function processOrderBy of the file src/Query/Query.php. The manipulation leads to sql injection. Upgrading to version 2.13.2 is able to address this issue. The name of the patch is 42ec8f2b22e0b0b98fb5b4444ed451c1b21d125a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218391. 2023-01-16 not yet calculated CVE-2016-15020
MISC
MISC
MISC
MISC lightftp — lightftp A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. A handler thread can use an overwritten context->FileName. 2023-01-21 not yet calculated CVE-2023-24042
MISC

linux — kernel

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. 2023-01-17 not yet calculated CVE-2022-41858
MISC linux — linux_kernel A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4. 2023-01-17 not yet calculated CVE-2023-0122
MISC
MLIST linux — kernel
  In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with “tc qdisc” and “tc class” commands. This affects qdisc_graft in net/sched/sch_api.c. 2023-01-17 not yet calculated CVE-2022-47929
CONFIRM
MISC
MISC
CONFIRM

listserv — listserv

A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter. 2023-01-17 not yet calculated CVE-2022-39195
MISC
MISC

listserv — listserv

The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim’s LISTSERV account. 2023-01-17 not yet calculated CVE-2022-40319
MISC
MISC little_apps — little_software_stats A vulnerability was found in Little Apps Little Software Stats. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file inc/class.securelogin.php of the component Password Reset Handler. The manipulation leads to improper access controls. Upgrading to version 0.2 is able to address this issue. The name of the patch is 07ba8273a9311d1383f3686ac7cb32f20770ab1e. It is recommended to upgrade the affected component. The identifier VDB-218401 was assigned to this vulnerability. 2023-01-16 not yet calculated CVE-2015-10057
MISC
MISC
MISC
MISC lolfeedback — lolfeedback A vulnerability has been found in lolfeedback and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The name of the patch is 6cf0b5f2228cd8765f734badd37910051000f2b2. It is recommended to apply a patch to fix this issue. The identifier VDB-218353 was assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2015-10046
MISC
MISC
MISC

m-filter — m-filter

m-FILTER prior to Ver.5.70R01 (Ver.5 Series) and m-FILTER prior to Ver.4.87R04 (Ver.4 Series) allows a remote unauthenticated attacker to bypass authentication and send users’ unintended email when email is being sent under the certain conditions. The attacks exploiting this vulnerability have been observed. 2023-01-17 not yet calculated CVE-2023-22278
MISC mahoroba_kobo_inc — maho-pbx_netdevancer_series MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote unauthenticated attacker to execute an arbitrary OS command. 2023-01-17 not yet calculated CVE-2023-22279
MISC
MISC mahoroba_kobo_inc — maho-pbx_netdevancer_series MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command. 2023-01-17 not yet calculated CVE-2023-22280
MISC
MISC mahoroba_kobo_inc — maho-pbx_netdevancer_series Cross-site request forgery (CSRF) vulnerability in MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allows a remote unauthenticated attacker to hijack the user authentication and conduct user’s unintended operations by having a user to view a malicious page while logged in. 2023-01-17 not yet calculated CVE-2023-22286
MISC
MISC mahoroba_kobo_inc — maho-pbx_netdevancer_series Reflected cross-site scripting vulnerability in MAHO-PBX NetDevancer series MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allows a remote unauthenticated attacker to inject an arbitrary script. 2023-01-17 not yet calculated CVE-2023-22296
MISC
MISC maif — izanami Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JWT), an attacker could compromise another instance of Izanami. This issue has been patched in version 1.11.0. 2023-01-14 not yet calculated CVE-2023-22495
MISC
MISC

mailenable — mailenable

Authenticated mail users, under specific circumstances, could add files with unsanitized content in public folders where the IIS user had permission to access. That action, could lead an attacker to store arbitrary code on that files and execute RCE commands. 2023-01-13 not yet calculated CVE-2022-42136
MISC
MISC

malloc — malloc

When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free). 2023-01-20 not yet calculated CVE-2021-33641
MISC

malloc — malloc

When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function. 2023-01-20 not yet calculated CVE-2021-33642
MISC manageengine — multiple_products Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. 2023-01-18 not yet calculated CVE-2022-47966
MISC
MISC
MISC manageengine — zoho_manageengine_exchange_reporter_plus Zoho ManageEngine Exchange Reporter Plus before 5708 allows attackers to conduct XXE attacks. 2023-01-17 not yet calculated CVE-2023-22624
MISC manageengine — zoho_manageengine_servicedesk_plus_msp Zoho ManageEngine ServiceDesk Plus MSP through 13003 is vulnerable to authentication bypass due to the unsafe LDAP configuration (issue 1 of 2). 2023-01-20 not yet calculated CVE-2023-22964
MISC
MISC

mariadb — server

MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. 2023-01-20 not yet calculated CVE-2022-47015
MISC

maxbyteshandler — maxbyteshandler

A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests. 2023-01-13 not yet calculated CVE-2022-41721
MISC
MISC
MISC

mbed_tls — mbed_tls

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA. 2023-01-17 not yet calculated CVE-2021-36647
MISC
MISC
MISC mediawiki — mediawiki An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision-* fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs capability. 2023-01-20 not yet calculated CVE-2023-22910
MISC mediawiki — mediawiki An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. CheckUser TokenManager insecurely uses AES-CTR encryption with a repeated (aka re-used) nonce, allowing an adversary to decrypt. 2023-01-20 not yet calculated CVE-2023-22912
MISC

mediawiki — mediawiki

  An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. Various components of this extension can expose information on the performer of edits and logged actions. This information should not allow public viewing: it is supposed to be viewable only by users with checkuser access. 2023-01-20 not yet calculated CVE-2022-39193
MISC mel-spintax — mel-spintax A vulnerability was found in melnaron mel-spintax. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/spintax.js. The manipulation of the argument text leads to inefficient regular expression complexity. The name of the patch is 37767617846e27b87b63004e30216e8f919637d3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218456. 2023-01-18 not yet calculated CVE-2018-25077
MISC
MISC
MISC mercedes-benz — xentry_retail_data_storage Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device. 2023-01-15 not yet calculated CVE-2023-23590
MISC
MISC minichan — minichan A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is fc0e732e58630cba318d6bf49d1388a7aa9d390e. It is recommended to apply a patch to fix this issue. The identifier VDB-217785 was assigned to this vulnerability. 2023-01-14 not yet calculated CVE-2017-20167
MISC
MISC
MISC
MISC mirna_database_by_php_mysql — mirna_database_by_php_mysql A vulnerability was found in brandonfire miRNA_Database_by_PHP_MySql. It has been declared as critical. This vulnerability affects the function __construct/select_single_rna/count_rna of the file inc/model.php. The manipulation leads to sql injection. The name of the patch is 307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a. It is recommended to apply a patch to fix this issue. VDB-218374 is the identifier assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2015-10050
MISC
MISC
MISC misp_project — misp In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload. 2023-01-20 not yet calculated CVE-2023-24026
MISC misp_project — misp In MISP 2.4.167, app/webroot/js/action_table.js allows XSS via a network history name. 2023-01-20 not yet calculated CVE-2023-24027
MISC misp_project — misp In MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function. 2023-01-20 not yet calculated CVE-2023-24028
MISC

mitsubishi_electric_corporation — prng

Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU all versions allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers. 2023-01-20 not yet calculated CVE-2022-40267
MISC
MISC
MISC modoboa — modoboa Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. 2023-01-19 not yet calculated CVE-2023-0398
MISC
CONFIRM modoboa — modoboa Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. 2023-01-19 not yet calculated CVE-2023-0406
MISC
CONFIRM modsecurity — modsecurity In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity (C language) codebase. 2023-01-20 not yet calculated CVE-2022-48279
MISC
MISC
MISC
MISC
MISC movify-j — movify-j
  A vulnerability classified as critical was found in danynab movify-j. This vulnerability affects the function getByMovieId of the file app/business/impl/ReviewServiceImpl.java. The manipulation of the argument movieId/username leads to sql injection. The name of the patch is c3085e01936a4d7eff1eda3093f25d56cc4d2ec5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218476. 2023-01-18 not yet calculated CVE-2015-10068
MISC
MISC
MISC mycms — mycms A vulnerability was found in MyCMS. It has been classified as problematic. This affects the function build_view of the file lib/gener/view.php of the component Visitors Module. The manipulation of the argument original/converted leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is d64fcba4882a50e21cdbec3eb4a080cb694d26ee. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218895. 2023-01-19 not yet calculated CVE-2022-4892
MISC
MISC
MISC nektos — act act is a project which allows for local running of github actions. The artifact server that stores artifacts from Github Action runs does not sanitize path inputs. This allows an attacker to download and overwrite arbitrary files on the host from a Github Action. This issue may lead to privilege escalation. The /upload endpoint is vulnerable to path traversal as filepath is user controlled, and ultimately flows into os.Mkdir and os.Open. The /artifact endpoint is vulnerable to path traversal as the path is variable is user controlled, and the specified file is ultimately returned by the server. This has been addressed in version 0.2.40. Users are advised to upgrade. Users unable to upgrade may, during implementation of Open and OpenAtEnd for FS, ensure to use ValidPath() to check against path traversal or clean the user-provided paths manually. 2023-01-20 not yet calculated CVE-2023-22726
MISC
MISC
MISC
MISC
MISC
MISC
MISC

neo4j — apoc

APOC (Awesome Procedures on Cypher) is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export.* procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the expected directory. The vulnerability is such that files could only be created but not overwritten. For the vulnerability to be exploited, an attacker would need access to execute an arbitrary query, either by having access to an authenticated Neo4j client, or a Cypher injection vulnerability in an application. The minimum versions containing patch for this vulnerability are 4.4.0.12 and 4.3.0.12 and 5.3.1. As a workaround, you can control the allowlist of the procedures that can be used in your system, and/or turn off local file access by setting apoc.export.file.enabled=false. 2023-01-14 not yet calculated CVE-2022-23532
MISC
MISC netdata — netdata Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function `health_alarm_execute` is called. This function performs different checks and then enqueues a command by calling `spawn_enq_cmd`. This command is populated with several arguments that are not sanitized. One of them is the `registry_hostname` of the node for which the alert is raised. By providing a specially crafted `registry_hostname` as part of the health data that is streamed to a Netdata (parent) agent, an attacker can execute arbitrary commands at the remote host as a side-effect of the raised alert. Note that the commands are executed as the user running the Netdata Agent. This user is usually named `netdata`. The ability to run arbitrary commands may allow an attacker to escalate privileges by escalating other vulnerabilities in the system, as that user. The problem has been fixed in: Netdata agent v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a workaround, streaming is not enabled by default. If you have previously enabled this, it can be disabled. Limiting access to the port on the recipient Agent to trusted child connections may mitigate the impact of this vulnerability. 2023-01-14 not yet calculated CVE-2023-22496
MISC netdata — netdata Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has access to a Netdata Agent has access to its MACHINE_GUID. Streaming is a feature that allows a Netdata Agent to act as parent for other Netdata Agents (children), offloading children from various functions (increased data retention, ML, health monitoring, etc) that can now be handled by the parent Agent. Configuration is done via `stream.conf`. On the parent side, users configure in `stream.conf` an API key (any random UUID can do) to provide common configuration for all children using this API key and per MACHINE GUID configuration to customize the configuration for each child. The way this was implemented, allowed an attacker to use a valid MACHINE_GUID as an API key. This affects all users who expose their Netdata Agents (children) to non-trusted users and they also expose to the same users Netdata Agent parents that aggregate data from all these children. The problem has been fixed in: Netdata agent v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a workaround, do not enable streaming by default. If you have previously enabled this, it can be disabled. Limiting access to the port on the recipient Agent to trusted child connections may mitigate the impact of this vulnerability. 2023-01-14 not yet calculated CVE-2023-22497
MISC
MISC

nethserver — phonenehome

A vulnerability was found in NethServer phonenehome. It has been rated as critical. This issue affects the function get_info/get_country_coor of the file server/index.php. The manipulation leads to sql injection. The name of the patch is 759c30b0ddd7d493836bbdf695cf71624b377391. It is recommended to apply a patch to fix this issue. The identifier VDB-218393 was assigned to this vulnerability. 2023-01-16 not yet calculated CVE-2021-4313
MISC
MISC
MISC
MISC nextcloud — security-advisories Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is recommended that the Nextcloud Server is upgraded to 1.6.5 or 1.7.3 or 1.8.2. 2023-01-14 not yet calculated CVE-2023-22470
MISC
MISC nextcloud — security-advisories Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Broken access control allows a user to delete attachments of other users. There are currently no known workarounds. It is recommended that the Nextcloud Deck app is upgraded to 1.6.5 or 1.7.3 or 1.8.2. 2023-01-14 not yet calculated CVE-2023-22471
MISC
MISC

nexusphp — nexusphp

Multiple SQL injection vulnerabilities in NexusPHP before 1.7.33 allow remote attackers to execute arbitrary SQL commands via the conuser[] parameter in takeconfirm.php; the delcheater parameter in cheaterbox.php; or the usernw parameter in nowarn.php. 2023-01-19 not yet calculated CVE-2022-46887
MISC
MISC

nexusphp — nexusphp

Multiple reflective cross-site scripting (XSS) vulnerabilities in NexusPHP before 1.7.33 allow remote attackers to inject arbitrary web script or HTML via the secret parameter in /login.php; q parameter in /user-ban-log.php; query parameter in /log.php; text parameter in /moresmiles.php; q parameter in myhr.php; or id parameter in /viewrequests.php. 2023-01-19 not yet calculated CVE-2022-46888
MISC
MISC

nexusphp — nexusphp

A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php. 2023-01-19 not yet calculated CVE-2022-46889
MISC
MISC

nexusphp — nexusphp

  Weak access control in NexusPHP before 1.7.33 allows a remote authenticated user to edit any post in the forum (this is caused by a lack of checks performed by the /forums.php?action=post page). 2023-01-19 not yet calculated CVE-2022-46890
MISC
MISC nginx — proxy_manager jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an authenticated attacker to execute arbitrary commands on the system. NOTE: this is not part of any NGINX software shipped by F5. 2023-01-20 not yet calculated CVE-2023-23596
MISC
MISC

nlnet_labs — krill

NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the “/rrdp” endpoint. Prior to 0.12.1 a direct query for any existing directory under “/rrdp/”, rather than an RRDP file such as “/rrdp/notification.xml” as would be expected, causes Krill to crash. If the built-in “/rrdp” endpoint is exposed directly to the internet, then malicious remote parties can cause the publication server to crash. The repository content is not affected by this, but the availability of the server and repository can cause issues if this attack is persistent and is not mitigated. 2023-01-17 not yet calculated CVE-2023-0158
MISC

notepad_plus — notepad_plus

Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files. 2023-01-19 not yet calculated CVE-2022-31901
MISC obridge — obridge A vulnerability classified as critical has been found in karsany OBridge up to 1.3. Affected is the function getAllStandaloneProcedureAndFunction of the file obridge-main/src/main/java/org/obridge/dao/ProcedureDao.java. The manipulation leads to sql injection. Upgrading to version 1.4 is able to address this issue. The name of the patch is 52eca4ad05f3c292aed3178b2f58977686ffa376. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218376. 2023-01-15 not yet calculated CVE-2018-25075
MISC
MISC
MISC
MISC oker — oker OS Command Injection vulnerability in OKER G955V1 v1.03.02.20161128, allows physical attackers to interrupt the boot sequence and execute arbitrary commands with root privileges. 2023-01-18 not yet calculated CVE-2020-22007
MISC
MISC
MISC ollpu — parontalli A vulnerability was found in ollpu parontalli. It has been classified as critical. Affected is an unknown function of the file httpdocs/index.php. The manipulation of the argument s leads to sql injection. The name of the patch is 6891bb2dec57dca6daabc15a6d2808c8896620e5. It is recommended to apply a patch to fix this issue. VDB-218418 is the identifier assigned to this vulnerability. 2023-01-17 not yet calculated CVE-2017-20170
MISC
MISC
MISC omron_corporation — cp1l-el20dr-d
  Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. A remote unauthenticated attacker may read/write in arbitrary area of the device memory, which may lead to overwriting the firmware, causing a denial-of-service (DoS) condition, and/or arbitrary code execution. 2023-01-17 not yet calculated CVE-2023-22357
MISC omron_corporation — cx-motion-mch CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. 2023-01-17 not yet calculated CVE-2023-22366
MISC openstack-barbican — openstack-barbican A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. 2023-01-18 not yet calculated CVE-2022-3100
MISC

opentext — content_suite_platform

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The request handler for ll.KeepAliveSession sets a valid AdminPwd cookie even when the Web Admin password was not entered. This allows access to endpoints, which require a valid AdminPwd cookie, without knowing the password. 2023-01-18 not yet calculated CVE-2022-45922
MISC
FULLDISC
MISC

opentext — content_suite_platform

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Common Gateway Interface (CGI) program cs.exe allows an attacker to increase/decrease an arbitrary memory address by 1 and trigger a call to a method of a vftable with a vftable pointer value chosen by the attacker. 2023-01-18 not yet calculated CVE-2022-45923
MISC
FULLDISC
MISC

opentext — content_suite_platform

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint itemtemplate.createtemplate2 allows a low-privilege user to delete arbitrary files on the server’s local filesystem. 2023-01-18 not yet calculated CVE-2022-45924
MISC
FULLDISC
MISC

opentext — content_suite_platform

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The action xmlexport accepts the parameter requestContext. If this parameter is present, the response includes most of the HTTP headers sent to the server and some of the CGI variables like remote_adde and server_name, which is an information disclosure. 2023-01-18 not yet calculated CVE-2022-45925
MISC
FULLDISC
MISC

opentext — content_suite_platform

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports. 2023-01-18 not yet calculated CVE-2022-45926
MISC
FULLDISC
MISC

opentext — content_suite_platform

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code. 2023-01-18 not yet calculated CVE-2022-45927
MISC
FULLDISC
MISC

opentext — content_suite_platform

A remote OScript execution issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). Multiple endpoints allow the user to pass the parameter htmlFile, which is included in the HTML output rendering pipeline of a request. Because the Content Server evaluates and executes Oscript code in HTML files, it is possible for an attacker to execute Oscript code. The Oscript scripting language allows the attacker (for example) to manipulate files on the filesystem, create new network connections, or execute OS commands. 2023-01-18 not yet calculated CVE-2022-45928
MISC
FULLDISC
MISC

opusfile — opusfile

A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts. 2023-01-20 not yet calculated CVE-2022-47021
MISC
MISC orangescrum — orangescrum OrangeScrum version 2.0.11 allows an authenticated external attacker to execute arbitrary commands on the server. This is possible because the application injects an attacker-controlled parameter into a system function. 2023-01-18 not yet calculated CVE-2023-0164
MISC
MISC overdrive — eletrônica course-builder A vulnerability was found in Overdrive Eletrônica course-builder up to 1.7.x and classified as problematic. Affected by this issue is some unknown functionality of the file coursebuilder/modules/oeditor/oeditor.html. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.0 is able to address this issue. The name of the patch is e39645fd714adb7e549908780235911ae282b21b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218372. 2023-01-15 not yet calculated CVE-2015-10049
MISC
MISC
MISC
MISC p2manage — p2manage A vulnerability, which was classified as critical, was found in githuis P2Manage. This affects the function Execute of the file PTwoManage/Database.cs. The manipulation of the argument sql leads to sql injection. The name of the patch is 717380aba80002414f82d93c770035198b7858cc. It is recommended to apply a patch to fix this issue. The identifier VDB-218397 was assigned to this vulnerability. 2023-01-16 not yet calculated CVE-2015-10054
MISC
MISC
MISC

panasonic — sanyo_cctv_network_camera

Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges. 2023-01-17 not yet calculated CVE-2022-4621
MISC
MISC perl –perl The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes. 2023-01-21 not yet calculated CVE-2023-24038
MISC pgadmin_project — pgadmin_4
  Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL. 2023-01-17 not yet calculated CVE-2023-22298
MISC
MISC
MISC
MISC phoenixcf — phoenixcf A vulnerability was found in iamdroppy phoenixcf. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file content/2-Community/articles.cfm. The manipulation leads to sql injection. The name of the patch is d156faf8bc36cd49c3b10d3697ef14167ad451d8. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218491. 2023-01-18 not yet calculated CVE-2011-10001
MISC
MISC
MISC

phoronix — phoronix

A XSS vulnerability was found in phoromatic_r_add_test_details.php in phoronix-test-suite. 2023-01-17 not yet calculated CVE-2022-40704
MISC
MISC phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0306
MISC
CONFIRM phpmyfaq — phpmyfaq Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0307
MISC
CONFIRM phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0308
CONFIRM
MISC phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0309
CONFIRM
MISC phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0310
MISC
CONFIRM phpmyfaq — phpmyfaq Improper Authentication in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0311
MISC
CONFIRM phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0312
MISC
CONFIRM phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0313
MISC
CONFIRM phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.10. 2023-01-15 not yet calculated CVE-2023-0314
MISC
CONFIRM

pimcore — pimcore

Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.5.14. 2023-01-16 not yet calculated CVE-2023-0323
CONFIRM
MISC pixela_corporation — pix-rt100 OS command injection vulnerability in PIX-RT100 versions RT100_TEQ_2.1.1_EQ101 and RT100_TEQ_2.1.2_EQ101 allows a network-adjacent attacker who can access product settings to execute an arbitrary OS command. 2023-01-17 not yet calculated CVE-2023-22304
MISC
MISC pixela_corporation — pix-rt100
  Hidden functionality vulnerability in PIX-RT100 versions RT100_TEQ_2.1.1_EQ101 and RT100_TEQ_2.1.2_EQ101 allows a network-adjacent attacker to access the product via undocumented Telnet or SSH services. 2023-01-17 not yet calculated CVE-2023-22316
MISC
MISC

plex — media_server

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. 2023-01-18 not yet calculated CVE-2021-33959
MISC
MISC pokemon-database-php — pokemon-database-php A vulnerability was found in VictorFerraresi pokemon-database-php. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The name of the patch is dd0e1e6cdf648d6a3deff441f515bcb1d7573d68. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218455. 2023-01-17 not yet calculated CVE-2015-10064
MISC
MISC
MISC

popojicms — popojicms

PopojiCMS v2.0.1 backend plugin function has a file upload vulnerability. 2023-01-19 not yet calculated CVE-2022-47766
MISC powerdns — recursor A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1. 2023-01-21 not yet calculated CVE-2023-22617
CONFIRM
MISC
MLIST pqclean — crystals-dilithium CRYSTALS-DILITHIUM (in Post-Quantum Cryptography Selected Algorithms 2022) in PQClean d03da30 may allow universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector. 2023-01-20 not yet calculated CVE-2023-24025
MISC
MISC
MISC predictapp — predictapp A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp. This issue affects some unknown processing of the file config/initializers/new_framework_defaults_7_0.rb of the component Cookie Handler. The manipulation leads to deserialization. The attack may be initiated remotely. The name of the patch is b067372f3ee26fe1b657121f0f41883ff4461a06. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218387. 2023-01-16 not yet calculated CVE-2022-4890
MISC
MISC
MISC
MISC privatesky — apersistence A vulnerability classified as critical has been found in PrivateSky apersistence. This affects an unknown part of the file db/sql/mysqlUtils.js. The manipulation leads to sql injection. The name of the patch is 954425f61634b556fe644837a592a5b8fcfca068. It is recommended to apply a patch to fix this issue. The identifier VDB-218457 was assigned to this vulnerability. 2023-01-17 not yet calculated CVE-2017-20171
MISC
MISC
MISC project_todolist — project_todolist A vulnerability, which was classified as critical, was found in tutrantta project_todolist. Affected is the function getAffectedRows/where/insert/update in the library library/Database.php. The manipulation leads to sql injection. The name of the patch is 194a0411bbe11aa4813f13c66b9e8ea403539141. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218352. 2023-01-15 not yet calculated CVE-2015-10045
MISC
MISC
MISC ptome — ptome
  A vulnerability was found in frioux ptome. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is 26829bba67858ca0bd4ce49ad50e7ce653914276. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218519. 2023-01-18 not yet calculated CVE-2010-10009
MISC
MISC
MISC

publify — publify

Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. 2023-01-14 not yet calculated CVE-2022-1812
CONFIRM
MISC publify — publify Improper Input Validation in GitHub repository publify/publify prior to 9.2.10. 2023-01-14 not yet calculated CVE-2023-0299
CONFIRM
MISC pyload — pyload Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. 2023-01-14 not yet calculated CVE-2023-0297
MISC
CONFIRM

python_mechanize — python_mechanize

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service (ReDoS) prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for the issue. 2023-01-17 not yet calculated CVE-2021-32837
CONFIRM
MISC
MISC
MISC radare2– radare2 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. 2023-01-15 not yet calculated CVE-2023-0302
CONFIRM
MISC

rapid7 — velociraptor

Rapid7 Velociraptor allows users to be created with different privileges on the server. Administrators are generally allowed to run any command on the server including writing arbitrary files. However, lower privilege users are generally forbidden from writing or modifying files on the server. The VQL copy() function applies permission checks for reading files but does not check for permission to write files. This allows a low privilege user (usually, users with the Velociraptor “investigator” role) to overwrite files on the server, including Velociraptor configuration files. To exploit this vulnerability, the attacker must already have a Velociraptor user account at a low privilege level (at least “analyst”) and be able to log into the GUI and create a notebook where they can run the VQL query invoking the copy() VQL function. Typically, most users deploy Velociraptor with limited access to a trusted group (most users will be administrators within the GUI). This vulnerability is associated with program files https://github.Com/Velocidex/velociraptor/blob/master/vql/filesystem/copy.go https://github.Com/Velocidex/velociraptor/blob/master/vql/filesystem/copy.go and program routines copy(). This issue affects Velociraptor versions before 0.6.7-5. Version 0.6.7-5, released January 16, 2023, fixes the issue. 2023-01-18 not yet calculated CVE-2023-0242
MISC

rapid7 — velociraptor

Rapid7 Velociraptor did not properly sanitize the client ID parameter to the CreateCollection API, allowing a directory traversal in where the collection task could be written. It was possible to provide a client id of “../clients/server” to schedule the collection for the server (as a server artifact), but only require privileges to schedule collections on the client. Normally, to schedule an artifact on the server, the COLLECT_SERVER permission is required. This permission is normally only granted to “administrator” role. Due to this issue, it is sufficient to have the COLLECT_CLIENT privilege, which is normally granted to the “investigator” role. To exploit this vulnerability, the attacker must already have a Velociraptor user account at least “investigator” level, and be able to authenticate to the GUI and issue an API call to the backend. Typically, most users deploy Velociraptor with limited access to a trusted group, and most users will already be administrators within the GUI. This issue affects Velociraptor versions before 0.6.7-5. Version 0.6.7-5, released January 16, 2023, fixes the issue. 2023-01-18 not yet calculated CVE-2023-0290
MISC

redhat — openshift

The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy, hence this port might be considered as still vulnerable to the same type of vulnerability. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics data), therefore the potential impact related to this vulnerability is minimal. The CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component. 2023-01-17 not yet calculated CVE-2023-0296
MISC

redis — redis

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-01-20 not yet calculated CVE-2022-35977
MISC
MISC
MISC
MISC
MISC redis — redis Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-01-20 not yet calculated CVE-2023-22458
MISC
MISC
MISC
MISC redports — redports A vulnerability was found in nivit redports. It has been declared as critical. This vulnerability affects unknown code of the file redports-trac/redports/model.py. The manipulation leads to sql injection. The name of the patch is fc2c1ea1b8d795094abb15ac73cab90830534e04. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218464. 2023-01-18 not yet calculated CVE-2014-125082
MISC
MISC
MISC remoteclinic — remoteclinic SQL Injection vulnerability in RemoteClinic 2.0 allows attackers to execute arbitrary commands and gain sensitive information via the id parameter to /medicines/profile.php. 2023-01-20 not yet calculated CVE-2022-48152
MISC

reprise — license_manager

An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function. 2023-01-20 not yet calculated CVE-2021-37498
MISC
MISC
MISC

reprise — license_manager

CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result function, that allows remote attackers to inject arbitrary HTTP headers. 2023-01-20 not yet calculated CVE-2021-37499
MISC
MISC
MISC

reprise — license_manager

Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server. 2023-01-20 not yet calculated CVE-2021-37500
MISC
MISC
MISC

reqlogic — reqlogic

Multiple cross-site scripting (XSS) vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters. 2023-01-20 not yet calculated CVE-2022-41441
MISC
MISC
MISC ridhoq — soundslike A vulnerability was found in ridhoq soundslike. It has been classified as critical. Affected is the function get_song_relations of the file app/api/songs.py. The manipulation leads to sql injection. The name of the patch is 90bb4fb667d9253d497b619b9adaac83bf0ce0f8. It is recommended to apply a patch to fix this issue. VDB-218490 is the identifier assigned to this vulnerability. 2023-01-18 not yet calculated CVE-2017-20172
MISC
MISC
MISC
MISC

ronds — epm

RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files. 2023-01-17 not yet calculated CVE-2022-2893
MISC

ronds — epm 

RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands. 2023-01-17 not yet calculated CVE-2022-3091
MISC

ruby-git — ruby-git

ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-47318. 2023-01-17 not yet calculated CVE-2022-46648
MISC
MISC
MISC

ruby-git — ruby-git

ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-46648. 2023-01-17 not yet calculated CVE-2022-47318
MISC
MISC
MISC

ruckus –smartzone_controller

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request. 2023-01-18 not yet calculated CVE-2021-36630
MISC
MISC
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature. 2023-01-20 not yet calculated CVE-2020-22653
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to bypass firmware image bad md5 checksum failed error. 2023-01-20 not yet calculated CVE-2020-22654
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to persistently to writing unauthorized image. 2023-01-20 not yet calculated CVE-2020-22655
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to make the Secure Boot in failed attempts state (rfwd). 2023-01-20 not yet calculated CVE-2020-22656
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to perform WEB GUI login authentication bypass. 2023-01-20 not yet calculated CVE-2020-22657
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to switch completely to unauthorized image to be Boot as primary verified image. 2023-01-20 not yet calculated CVE-2020-22658
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature. 2023-01-20 not yet calculated CVE-2020-22659
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to force bypass Secure Boot failed attempts and run temporarily the previous Backup image. 2023-01-20 not yet calculated CVE-2020-22660
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to erase the backup secondary official image and write secondary backup unauthorized image. 2023-01-20 not yet calculated CVE-2020-22661
MISC ruckus_wireless — multiple_products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized “illegal region code” by remote code Execution command injection which leads to run illegal frequency with maxi output power. Vulnerability allows attacker to create an arbitrary amount of ssid wlans interface per radio which creates overhead over noise (the default max limit is 8 ssid only per radio in solo AP). Vulnerability allows attacker to unlock hidden regions by privilege command injection in WEB GUI. 2023-01-20 not yet calculated CVE-2020-22662
MISC

rushbet — rushbet

RushBet version 2022.23.1-b490616d allows a remote attacker to steal customer accounts via use of a malicious application. This is possible because the application exposes an activity and does not properly validate the data it receives. 2023-01-18 not yet calculated CVE-2022-4235
MISC rust-lang_webbrowser-rs — rust-lang_webbrowser-rs An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL. 2023-01-13 not yet calculated CVE-2022-45299
MISC samba — ldap server An information leak vulnerability was discovered in Samba’s LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. 2023-01-17 not yet calculated CVE-2018-14628
MISC
MISC sauter_controls — nova_200-220_series SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands. 2023-01-20 not yet calculated CVE-2023-0052
MISC school-register — school-register A vulnerability was found in KYUUBl school-register. It has been classified as critical. This affects an unknown part of the file src/DBManager.java. The manipulation leads to sql injection. The name of the patch is 1cf7e01b878aee923f2b22cc2535c71a680e4c30. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218355. 2023-01-15 not yet calculated CVE-2015-10047
MISC
MISC
MISC searx_stats — searx_stats A vulnerability, which was classified as critical, has been found in pointhi searx_stats. This issue affects some unknown processing of the file cgi/cron.php. The manipulation leads to sql injection. The name of the patch is 281bd679a4474ddb222d16c1c380f252839cc18f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218351. 2023-01-15 not yet calculated CVE-2014-125077
MISC
MISC
MISC

seltmann_gmbh — content_management_system

Seltmann GmbH Content Management System 6 is vulnerable to SQL Injection via /index.php. 2023-01-19 not yet calculated CVE-2022-47740
MISC

sewio — real-time_location_system

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service condition or code execution. 2023-01-18 not yet calculated CVE-2022-41989
MISC

sewio — rtls_studio

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the service_start, service_stop, and service_restart modules of the software. This could allow an attacker to start, stop, or restart arbitrary services running on the server. 2023-01-18 not yet calculated CVE-2022-43455
MISC

sewio — rtls_studio

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands. 2023-01-18 not yet calculated CVE-2022-43483
MISC

sewio — rtls_studio

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition. 2023-01-18 not yet calculated CVE-2022-45127
MISC

sewio — rtls_studio

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands. 2023-01-18 not yet calculated CVE-2022-46733
MISC

sewio — rtls_studio

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services. An attacker could take advantage of this vulnerability to execute arbitrary maintenance operations and cause a denial-of-service condition. 2023-01-18 not yet calculated CVE-2022-47395
MISC

sewio — rtls_studio

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands. 2023-01-18 not yet calculated CVE-2022-47911
MISC

sewio — rtls_studio

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary files and cause a denial-of-service condition. 2023-01-18 not yet calculated CVE-2022-47917
MISC

sewio — rtls_studios

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricted access. 2023-01-18 not yet calculated CVE-2022-45444
MISC shopware — platform Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item’s individuality and the user was able to bypass quantity limits in sales. This problem has been fixed with version 6.4.18.1. Users on major versions 6.1, 6.2, and 6.3 may also obtain this fix via a plugin. 2023-01-17 not yet calculated CVE-2023-22730
MISC
MISC
MISC shopware — platform Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in twig filters like `map`, `filter`, `sort`. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin. 2023-01-17 not yet calculated CVE-2023-22731
MISC
MISC
MISC shopware — platform Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administration session has been added. As a result the user will be logged out when they are inactive. Users are advised to upgrade. There are no known workarounds for this issue. 2023-01-17 not yet calculated CVE-2023-22732
MISC
MISC
MISC shopware — platform Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issue has been addressed in version 6.4.18.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. Users unable to upgrade may remove from all users the log module ACL rights or disable logging. 2023-01-17 not yet calculated CVE-2023-22733
MISC
MISC
MISC
MISC shopware — platform Shopware is an open source commerce platform based on Symfony Framework and Vue js. The newsletter double opt-in validation was not checked properly, and it was possible to skip the complete double opt in process. As a result operators may have inconsistencies in their newsletter systems. This problem has been fixed with version 6.4.18.1. Users are advised to upgrade. Users unable to upgrade may find security measures are available via a plugin for major versions 6.1, 6.2, and 6.3. Users may also disable newsletter registration completely. 2023-01-17 not yet calculated CVE-2023-22734
MISC
MISC
MISC sigeprosi — sigeprosi A vulnerability classified as critical has been found in ale7714 sigeprosi. This affects an unknown part. The manipulation leads to sql injection. The name of the patch is 5291886f6c992316407c376145d331169c55f25b. It is recommended to apply a patch to fix this issue. The identifier VDB-218493 was assigned to this vulnerability. 2023-01-18 not yet calculated CVE-2012-10006
MISC
MISC
MISC

sinilink — xy-wft1_wifi_remote_thermostat

The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol (udp/1024) commands interfacing directly with the target device. This, in turn, allows for an attack to control the onboard relay without requiring authentication via the mobile application. This might result in an unacceptable temperature within the target device’s physical environment. 2023-01-20 not yet calculated CVE-2022-43704
MISC sismai — sismai A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function to_plain of the file lib/sisimai/string.rb. The manipulation leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. Upgrading to version 4.25.14p12 is able to address this issue. The name of the patch is 51fe2e6521c9c02b421b383943dc9e4bbbe65d4e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218452. 2023-01-17 not yet calculated CVE-2022-4891
MISC
MISC
MISC
MISC
MISC
MISC skyhigh_security — secure_web_gateway A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG. 2023-01-18 not yet calculated CVE-2023-0214
MISC

smalltown — matrixssl

An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data. 2023-01-18 not yet calculated CVE-2022-46505
MISC
MISC

snyk — cookiejar

Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression. 2023-01-18 not yet calculated CVE-2022-25901
MISC
MISC
MISC
MISC
MISC

solarwinds — database_performance_analyzer

In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting. 2023-01-20 not yet calculated CVE-2022-38110
MISC
MISC

solarwinds — database_performance_analyzer

In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext. 2023-01-20 not yet calculated CVE-2022-38112
MISC
MISC sonicwall — sma1000 Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory. 2023-01-19 not yet calculated CVE-2023-0126
CONFIRM

sourcecodester — book_store_management_system

Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the publisher parameter. 2023-01-18 not yet calculated CVE-2022-45613
MISC
MISC sourcecodester — book_store_management_system Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter. 2023-01-20 not yet calculated CVE-2023-23024
MISC sourcecodester — online_food_ordering_system A vulnerability was found in SourceCodester Online Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file view_prod.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-218384. 2023-01-15 not yet calculated CVE-2023-0303
MISC
MISC
MISC sourcecodester — online_food_ordering_system A vulnerability classified as critical has been found in SourceCodester Online Food Ordering System. This affects an unknown part of the file admin_class.php of the component Signup Module. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-218385 was assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2023-0304
MISC
MISC
MISC sourcecodester — online_food_ordering_system A vulnerability classified as critical was found in SourceCodester Online Food Ordering System. This vulnerability affects unknown code of the file admin_class.php of the component Login Module. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-218386 is the identifier assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2023-0305
MISC
MISC
MISC sourcecodester — online_food_ordering_system
  A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file admin/manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-218472. 2023-01-17 not yet calculated CVE-2023-0332
MISC
MISC
MISC sourcecodester — online_tours_&_travel_management_system A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-218426 is the identifier assigned to this vulnerability. 2023-01-16 not yet calculated CVE-2023-0324
MISC
MISC
MISC spiderlabs — modsecurity In ModSecurity before 2.9.7, FILES_TMP_CONTENT sometimes lacked the complete content. This can lead to a Web Application Firewall bypass. 2023-01-20 not yet calculated CVE-2023-24021
MISC
MISC
MISC sqldump — sqldump A vulnerability classified as critical was found in gophergala sqldump. This vulnerability affects unknown code. The manipulation leads to sql injection. The name of the patch is 76db54e9073b5248b8863e71a63d66a32d567d21. It is recommended to apply a patch to fix this issue. VDB-218350 is the identifier assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2015-10044
MISC
MISC
MISC ssharpsmartthreadpool — ssharpsmartthreadpool A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has been classified as problematic. This affects an unknown part of the file SSharpSmartThreadPool/SmartThreadPool.cs. The manipulation leads to race condition within a thread. The name of the patch is 0e58073c831093aad75e077962e9fb55cad0dc5f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218463. 2023-01-18 not yet calculated CVE-2015-10067
MISC
MISC
MISC

stracker — stracker

A vulnerability classified as critical was found in visegripped Stracker. Affected by this vulnerability is the function getHistory of the file doc_root/public_html/stracker/api.php. The manipulation of the argument symbol/startDate/endDate leads to sql injection. The name of the patch is 63e1b040373ee5b6c7d1e165ecf5ae1603d29e0a. It is recommended to apply a patch to fix this issue. The identifier VDB-218377 was assigned to this vulnerability. 2023-01-15 not yet calculated CVE-2022-4889
MISC
MISC
MISC
MISC sudo — sudoedit In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a “–” argument that defeats a protection mechanism, e.g., an EDITOR=’vim — /path/to/extra/file’ value. 2023-01-18 not yet calculated CVE-2023-22809
MISC
CONFIRM
MLIST
DEBIAN
MLIST
FEDORA

swift — async_http_client

Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to the network. Users are vulnerable if they pass untrusted data into HTTP header field values without prior sanitisation. Common use-cases here might be to place usernames from a database into HTTP header fields. This vulnerability allows attackers to inject new HTTP header fields, or entirely new requests, into the data stream. This can cause requests to be understood very differently by the remote server than was intended. In general, this is unlikely to result in data disclosure, but it can result in a number of logical errors and other misbehaviours. 2023-01-18 not yet calculated CVE-2023-0040
MISC swift — s3_xml_parser An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed). 2023-01-18 not yet calculated CVE-2022-47950
MISC
MISC

sylabs — scs-library-client

github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services (SCS) Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectly leaked to an S3 backing storage provider. This occurs in a specific flow, where the library service redirects the client to a backing S3 storage server, to perform a multi-part concurrent download. Depending on site configuration, the S3 service may be provided by a third party. An attacker with access to the S3 service may be able to extract user credentials, allowing them to impersonate the user. The vulnerable multi-part concurrent download flow, with redirect to S3, is only used when communicating with a Singularity Enterprise 1.x installation, or third party server implementing this flow. Interaction with Singularity Enterprise 2.x, and Singularity Container Services (cloud.sylabs.io), does not trigger the vulnerable flow. We encourage all users to update. Users who interact with a Singularity Enterprise 1.x installation, using a 3rd party S3 storage service, are advised to revoke and recreate their authentication tokens within Singularity Enterprise. There is no workaround available at this time. 2023-01-17 not yet calculated CVE-2022-23538
MISC
MISC
MISC
MISC

symantec — endpoint_protection

Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated 2023-01-20 not yet calculated CVE-2022-25631
MISC

talos — ghost

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `twitter` field for a user. 2023-01-19 not yet calculated CVE-2022-47194
MISC

talos — ghost

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `facebook` field for a user. 2023-01-19 not yet calculated CVE-2022-47195
MISC

talos — ghost

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `codeinjection_head` for a post. 2023-01-19 not yet calculated CVE-2022-47196
MISC

talos — ghost

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `codeinjection_foot` for a post. 2023-01-19 not yet calculated CVE-2022-47197
MISC tenable — nessus A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host. 2023-01-20 not yet calculated CVE-2023-0101
MISC
MISC theradsystem — theradsystem A vulnerability was found in saemorris TheRadSystem and classified as critical. This issue affects the function redirect of the file _login.php. The manipulation of the argument user/pass leads to sql injection. The attack may be initiated remotely. The name of the patch is bfba26bd34af31648a11af35a0bb66f1948752a6. It is recommended to apply a patch to fix this issue. The identifier VDB-218453 was assigned to this vulnerability. 2023-01-17 not yet calculated CVE-2015-10063
MISC
MISC
MISC theradsystem — theradsystem A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic. Affected is an unknown function of the file users.php. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. VDB-218454 is the identifier assigned to this vulnerability. 2023-01-16 not yet calculated CVE-2023-0327
MISC
MISC
MISC tiki — wiki_cms_groupware Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call. 2023-01-14 not yet calculated CVE-2023-22850
MISC
MISC tiki — wiki_cms_groupware Tiki through 25.0 allows CSRF attacks that are related to tiki-importer.php and tiki-import_sheet.php. 2023-01-14 not yet calculated CVE-2023-22852
MISC
MISC tiki — wiki_cms_groupware Tiki before 24.1, when feature_create_webhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval. 2023-01-14 not yet calculated CVE-2023-22853
MISC
MISC tl-wdr7660 — tl-wdr7660 An issue was discovered in function httpProcDataSrv in TL-WDR7660 2.0.30 that allows attackers to execute arbitrary code. 2023-01-19 not yet calculated CVE-2021-37774
MISC

tmux — tmux

A null pointer dereference issue was discovered in function window_pane_set_event in window.c in tmux 3.0 thru 3.3 allows attackers to cause denial of service or other unspecified impacts. 2023-01-20 not yet calculated CVE-2022-47016
MISC ton-masterserver — ton-masterserver A vulnerability, which was classified as critical, has been found in GGGGGGGG ToN-MasterServer. Affected by this issue is some unknown functionality of the file public_html/irc_updater/svr_request_pub.php. The manipulation leads to sql injection. The name of the patch is 3a4c7e6d51bf95760820e3245e06c6e321a7168a. It is recommended to apply a patch to fix this issue. VDB-218306 is the identifier assigned to this vulnerability. 2023-01-13 not yet calculated CVE-2017-20169
MISC
MISC
MISC tor — safesocks The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. 2023-01-14 not yet calculated CVE-2023-23589
MISC
MISC
MISC
DEBIAN totolink — a7100ru TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function. 2023-01-20 not yet calculated CVE-2022-48121
MISC totolink — a7100ru TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function. 2023-01-20 not yet calculated CVE-2022-48122
MISC totolink — a7100ru TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function. 2023-01-20 not yet calculated CVE-2022-48123
MISC totolink — a7100ru TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function. 2023-01-20 not yet calculated CVE-2022-48124
MISC totolink — a7100ru TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function. 2023-01-20 not yet calculated CVE-2022-48125
MISC totolink — a7100ru TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function. 2023-01-20 not yet calculated CVE-2022-48126
MISC totolink — a7100ru-v7.4cu.2313_b20191024 TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload. 2023-01-17 not yet calculated CVE-2022-47853
MISC tourist5 — online-food-ordering-system Multiple SQL Injection vulnerabilies in tourist5 Online-food-ordering-system 1.0. 2023-01-20 not yet calculated CVE-2020-29297
MISC
MISC
MISC tp-link — tp-link_sg105pe TP-Link SG105PE firmware prior to ‘TL-SG105PE(UN) 1.0_1.0.0 Build 20221208’ contains an authentication bypass vulnerability. Under the certain conditions, an attacker may impersonate an administrator of the product. As a result, information may be obtained and/or the product’s settings may be altered with the privilege of the administrator. 2023-01-17 not yet calculated CVE-2023-22303
MISC
MISC
MISC tpm2-software — tpm2-tss tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege. 2023-01-19 not yet calculated CVE-2023-22745
MISC
MISC trabalho-web2 — trabalho-web2 A vulnerability was found in evandro-machado Trabalho-Web2. It has been classified as critical. This affects an unknown part of the file src/java/br/com/magazine/dao/ClienteDAO.java. The manipulation leads to sql injection. The name of the patch is f59ac954625d0a4f6d34f069a2e26686a7a20aeb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218427. 2023-01-17 not yet calculated CVE-2015-10061
MISC
MISC
MISC

trend_micro_inc — maximum_security_2022

A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system. 2023-01-20 not yet calculated CVE-2022-48191
MISC
MISC trusted_firmware — trusted_firmware-a Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state. 2023-01-16 not yet calculated CVE-2022-47630
MISC
CONFIRM
MLIST twiddit — twiddit A vulnerability was found in copperwall Twiddit. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation leads to sql injection. The name of the patch is 2203d4ce9810bdaccece5c48ff4888658a01acfc. It is recommended to apply a patch to fix this issue. The identifier VDB-218897 was assigned to this vulnerability. 2023-01-19 not yet calculated CVE-2015-10070
MISC
MISC
MISC tynx — wuersch A vulnerability was found in tynx wuersch and classified as critical. Affected by this issue is the function packValue/getByCustomQuery of the file backend/base/Store.class.php. The manipulation leads to sql injection. The name of the patch is 66d4718750a741d1053d327a79e285fd50372519. It is recommended to apply a patch to fix this issue. VDB-218462 is the identifier assigned to this vulnerability. 2023-01-18 not yet calculated CVE-2015-10066
MISC
MISC
MISC

vim — vim

A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts. 2023-01-20 not yet calculated CVE-2022-47024
MISC vim — vim Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. 2023-01-21 not yet calculated CVE-2023-0433
MISC
CONFIRM vinylmap — vinylmap A vulnerability was found in 2071174A vinylmap. It has been classified as critical. Affected is the function contact of the file recordstoreapp/views.py. The manipulation leads to sql injection. The name of the patch is b07b79a1e92cc62574ba0492cce000ef4a7bd25f. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218400. 2023-01-16 not yet calculated CVE-2015-10056
MISC
MISC
MISC webapplication-veganguide — webapplication-veganguide A vulnerability has been found in s134328 Webapplication-Veganguide and classified as problematic. This vulnerability affects unknown code of the file p05-integration/app/shared/api/apiService.js. The manipulation of the argument country/city leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 2aa760fa4e779e40a28206a32ac22ac10356f519. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218416. 2023-01-17 not yet calculated CVE-2015-10059
MISC
MISC
MISC wikisource — category _browser A vulnerability, which was classified as problematic, was found in Wikisource Category Browser. This affects an unknown part of the file index.php. The manipulation of the argument lang leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 764f4e8ce3f9242637df77530c70ae8a2ec4b6a1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218415. 2023-01-17 not yet calculated CVE-2015-10058
MISC
MISC
MISC

wordpress — wordpress

SQL-Injection vulnerability caused by the lack of verification of input values for the table name of DB used by the Mangboard bulletin board. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running. 2023-01-20 not yet calculated CVE-2021-26644
MISC

wordpress — wordpress

The WP Spell Check WordPress plugin before 9.13 does not escape ignored words, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) 2023-01-16 not yet calculated CVE-2022-2658
MISC

wordpress — wordpress

Cross-Site Request Forgery (CSRF) in MiKa’s OSM – OpenStreetMap plugin <= 6.0.1 versions. 2023-01-17 not yet calculated CVE-2022-30544
MISC

wordpress — wordpress

Reflected Cross-Site Scripting (XSS) vulnerability in CRM Perks Forms – WordPress Form Builder <= 1.1.0 ver. 2023-01-14 not yet calculated CVE-2022-38467
MISC

wordpress — wordpress

The MonsterInsights WordPress plugin before 8.9.1 does not sanitize or escape page titles in the top posts/pages section, allowing an unauthenticated attacker to inject arbitrary web scripts into the titles by spoofing requests to google analytics. 2023-01-16 not yet calculated CVE-2022-3904
MISC

wordpress — wordpress

The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. 2023-01-16 not yet calculated CVE-2022-4060
MISC

wordpress — wordpress

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in 3com – Asesor de Cookies para normativa española plugin <= 3.4.3 versions. 2023-01-19 not yet calculated CVE-2022-40697
MISC

wordpress — wordpress

The Images Optimize and Upload CF7 WordPress plugin through 2.1.4 does not validate the file to be deleted via an AJAX action available to unauthenticated users, which could allow them to delete arbitrary files on the server via path traversal attack. 2023-01-16 not yet calculated CVE-2022-4101
MISC

wordpress — wordpress

The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 2023-01-16 not yet calculated CVE-2022-4199
MISC

wordpress — wordpress

Auth. Stored Cross-Site Scripting (XSS) vulnerability in Adeel Ahmed’s IP Blacklist Cloud plugin <= 5.00 versions. 2023-01-17 not yet calculated CVE-2022-42462
MISC

wordpress — wordpress

The Show All Comments WordPress plugin before 7.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a logged in high privilege users such as admin. 2023-01-16 not yet calculated CVE-2022-4295
MISC

wordpress — wordpress

The Metricool WordPress plugin before 1.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 2023-01-16 not yet calculated CVE-2022-4299
MISC

wordpress — wordpress

The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowing their email via a CSRF attack. 2023-01-16 not yet calculated CVE-2022-4309
MISC

wordpress — wordpress

The WordPress Events Calendar WordPress plugin before 1.4.5 does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both unauthenticated and authenticated users (such as high-privilege ones like admin). 2023-01-16 not yet calculated CVE-2022-4320
MISC wordpress — wordpress The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a PHP Object Injection vulnerability due to the unsafe use of unserialize() function. A potential attacker, authenticated as high privilege user could exploit this vulnerability by sending specially crafted requests to the web application containing malicious serialized input. 2023-01-16 not yet calculated CVE-2022-4327
MISC wordpress — wordpress The WP Attachments WordPress plugin through 5.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 2023-01-16 not yet calculated CVE-2022-4330
MISC wordpress — wordpress Auth. SQL Injection (SQLi) vulnerability in Adeel Ahmed’s IP Blacklist Cloud plugin <= 5.00 versions. 2023-01-17 not yet calculated CVE-2022-43462
MISC

wordpress — wordpress

The WOOCS WordPress plugin before 1.3.9.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4431
MISC
MISC

wordpress — wordpress

The Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). 2023-01-16 not yet calculated CVE-2022-4442
MISC

wordpress — wordpress

The Fontsy WordPress plugin through 1.8.6 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. 2023-01-16 not yet calculated CVE-2022-4447
MISC

wordpress — wordpress

The Page scroll to id WordPress plugin before 1.7.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4449
MISC

wordpress — wordpress

The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks against high privilege users like administrators. 2023-01-16 not yet calculated CVE-2022-4453
MISC

wordpress — wordpress

The Sidebar Widgets by CodeLights WordPress plugin through 1.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4460
MISC

wordpress — wordpress

Themify Portfolio Post WordPress plugin before 1.2.1 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privileged users such as admin. 2023-01-16 not yet calculated CVE-2022-4464
MISC

wordpress — wordpress

The WP Video Lightbox WordPress plugin before 1.9.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin. 2023-01-16 not yet calculated CVE-2022-4465
MISC

wordpress — wordpress

The Simple Membership WordPress plugin before 4.2.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin. 2023-01-16 not yet calculated CVE-2022-4469
MISC

wordpress — wordpress

The Download Manager WordPress plugin before 3.2.62 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins. 2023-01-16 not yet calculated CVE-2022-4476
MISC

wordpress — wordpress

The Smash Balloon Social Post Feed WordPress plugin before 4.1.6 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins. 2023-01-16 not yet calculated CVE-2022-4477
MISC

wordpress — wordpress

The Font Awesome WordPress plugin before 4.3.2 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins. 2023-01-16 not yet calculated CVE-2022-4478
MISC

wordpress — wordpress

The Click to Chat WordPress plugin before 3.18.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4480
MISC

wordpress — wordpress

The Mesmerize Companion WordPress plugin before 1.6.135 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4481
MISC

wordpress — wordpress

The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.5.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4482
MISC

wordpress — wordpress

The Insert Pages WordPress plugin before 3.7.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4483
MISC

wordpress — wordpress

The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.44 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4484
MISC

wordpress — wordpress

The Meteor Slides WordPress plugin through 1.5.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4486
MISC wordpress — wordpress The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4487
MISC wordpress — wordpress The Real Cookie Banner WordPress plugin before 3.4.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins. 2023-01-16 not yet calculated CVE-2022-4507
MISC

wordpress — wordpress

Broken Access Control in Betheme theme <= 26.6.1 on WordPress. 2023-01-14 not yet calculated CVE-2022-45353
MISC

wordpress — wordpress

The MashShare WordPress plugin before 3.8.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4544
MISC wordpress — wordpress The Conditional Payment Methods for WooCommerce WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by [high privilege users such as admin|users with a role as low as admin. 2023-01-16 not yet calculated CVE-2022-4547
MISC
MISC wordpress — wordpress The Tickera WordPress plugin before 3.5.1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. 2023-01-16 not yet calculated CVE-2022-4549
MISC wordpress — wordpress The Seriously Simple Podcasting WordPress plugin before 2.19.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4571
MISC wordpress — wordpress The Video Conferencing with Zoom WordPress plugin before 4.0.10 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4578
MISC wordpress — wordpress The Real Testimonials WordPress plugin before 2.6.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4648
MISC wordpress — wordpress The Greenshift WordPress plugin before 4.8.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. 2023-01-16 not yet calculated CVE-2022-4653
MISC wordpress — wordpress The Welcart e-Commerce WordPress plugin before 2.8.9 does not validate and escapes one of its shortcode attributes, which could allow users with a role as low as a contributor to perform a Stored Cross-Site Scripting attack. 2023-01-16 not yet calculated CVE-2022-4655
MISC wordpress — wordpress The RSSImport WordPress plugin through 4.6.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. 2023-01-16 not yet calculated CVE-2022-4658
MISC wordpress — wordpress The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.8.1. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change image categories, which it uses to arrange them in folder views. 2023-01-13 not yet calculated CVE-2023-0293
MISC
MISC wordpress — wordpress The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on its AJAX actions function. This makes it possible for unauthenticated attackers to change image categories used by the plugin, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2023-01-13 not yet calculated CVE-2023-0294
MISC
MISC wordpress — wordpress The Launchpad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its settings parameters in versions up to, and including, 1.0.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. 2023-01-13 not yet calculated CVE-2023-0295
MISC
MISC wordpress — wordpress The Custom 404 Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.7.1. This is due to missing or incorrect nonce validation on the custom_404_pro_admin_init function. This makes it possible for unauthenticated attackers to delete logs, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2023-01-18 not yet calculated CVE-2023-0385
MISC
MISC wordpress — wordpress The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete post meta information and reset network access tokens. 2023-01-19 not yet calculated CVE-2023-0402
MISC
MISC
MISC wordpress — wordpress The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.0. This is due to missing or incorrect nonce validation on several AJAX actions. This makes it possible for unauthenticated attackers to delete post meta information and reset network access tokens, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2023-01-19 not yet calculated CVE-2023-0403
MISC
MISC wordpress — wordpress The Events Made Easy plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions related to AJAX actions in versions up to, and including, 2.3.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke those functions intended for administrator use. While the plugin is still pending review from the WordPress repository, site owners can download a copy of the patched version directly from the developer’s Github at https://github.com/liedekef/events-made-easy 2023-01-19 not yet calculated CVE-2023-0404
MISC
MISC

wordpress — wordpress

  The Social Sharing WordPress plugin before 3.3.45 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4451
MISC wordpress — wordpress
  The ConvertKit WordPress plugin before 2.0.5 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins. 2023-01-16 not yet calculated CVE-2022-4508
MISC wordpress –wordpress Tiki before 24.2 allows lib/importer/tikiimporter_blog_wordpress.php PHP Object Injection by an admin because of an unserialize call. 2023-01-14 not yet calculated CVE-2023-22851
MISC
MISC wordpress –wordpress The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the ‘code’ parameter of the ‘/pmpro/v1/order’ REST route. 2023-01-20 not yet calculated CVE-2023-23488
MISC wordpress –wordpress The Easy Digital Downloads WordPress Plugin, version < 3.1.0.4, is affected by an unauthenticated SQL injection vulnerability in the ‘s’ parameter of its ‘edd_download_search’ action. 2023-01-20 not yet calculated CVE-2023-23489
MISC wordpress –wordpress The Survey Maker WordPress Plugin, version < 3.1.2, is affected by an authenticated SQL injection vulnerability in the ‘surveys_ids’ parameter of its ‘ays_surveys_export_json’ action. 2023-01-20 not yet calculated CVE-2023-23490
MISC wordpress –wordpress The Quick Event Manager WordPress Plugin, version < 9.7.5, is affected by a reflected cross-site scripting vulnerability in the ‘category’ parameter of its ‘qem_ajax_calendar’ action. 2023-01-20 not yet calculated CVE-2023-23491
MISC wordpress –wordpress The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL injection vulnerability in the ‘ID’ parameter of its ‘lwp_forgot_password’ action. 2023-01-20 not yet calculated CVE-2023-23492
MISC

xpressengine — xpressengine

When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running. 2023-01-20 not yet calculated CVE-2021-26642
MISC

yeastar — n-series_analog_phone_system

In Yeastar N412 and N824 Configuration Panel 42.x and 45.x, an unauthenticated attacker can create backup file and download it, revealing admin hash, allowing, once cracked, to login inside the Configuration Panel, otherwise, replacing the hash in the archive and restoring it on the device which will change admin password granting access to the device. 2023-01-20 not yet calculated CVE-2022-47732
MISC
MISC yiisoft — yii2-gii Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. The attacker can embed arbitrary PHP code into the model file. 2023-01-21 not yet calculated CVE-2020-36655
MISC
MISC youngerheart — nodeserver A vulnerability has been found in youngerheart nodeserver and classified as critical. Affected by this vulnerability is an unknown functionality of the file nodeserver.js. The manipulation leads to path traversal. The name of the patch is c4c0f0138ab5afbac58e03915d446680421bde28. It is recommended to apply a patch to fix this issue. The identifier VDB-218461 was assigned to this vulnerability. 2023-01-18 not yet calculated CVE-2020-36651
MISC
MISC
MISC
MISC zentao — zentao ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can complete SQL injection by constructing a special request and sending it to function importNotice. 2023-01-19 not yet calculated CVE-2022-47745
MISC
MISC

zephyr — zephyr

A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete. 2023-01-19 not yet calculated CVE-2023-0397
MISC

zowe — api-layer

It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. This is happening only in the situation when zOSMF doesn’t have the APAR PH12143 applied. This issue affects: 1.16 versions to 1.19. What happens is that the services using the ZAAS client or the API ML API to query will be deceived into believing the information in the JWT token is valid when it isn’t. It’s possible to use this to persuade the southbound service that different user is authenticated. 2023-01-18 not yet calculated CVE-2021-4314
MISC

zyxel — az7501

A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0 in cleartext. An unauthenticated attacker could use the credentials to access the WLAN service if the configuration file has been retrieved from the device by leveraging another known vulnerability. 2023-01-17 not yet calculated CVE-2022-45439
CONFIRM

zyxel — az7501

A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a symbolic link on external storage media, such as a USB flash drive, and then logging into the FTP server on a vulnerable device. 2023-01-17 not yet calculated CVE-2022-45440
CONFIRM