jinfornet — jreport Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain sensitive information. 2023-07-27 not yet calculated CVE-2020-22623
MISC thinkific — thinkific_online_course_creation_platform

Thinkific Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting (XSS). The impact is: execute arbitrary code (remote). The component is: Affected Source code of the website CMS which is being used by many to host their online courses using the Thinkific Platform. The attack vector is: To exploit the vulnerability any user has to just visit the link – https://hacktify.thinkific.com/account/billing?success=%E2%80%AA%3Cscript%3Ealert(1)%3C/script%3E. Thinkific is a Website based Learning Platform Product which is used by thousands of users worldwide. There is a Cross Site Scripting (XSS) based vulnerability in the code of the CMS where any attacker can execute an XSS attack. Proof of Concept & Steps to Reproduce:

Step1 : Go to Google.com; Step 2 : Search for this Dork site:thinkific.com -www; Step 3 : You will get a list of websites which are running on the thinkific domains; Step 4 : Create account and signin in any of the website; Step 5 : Add this endpoint at the end of the domain and you will see that there is a XSS Alert /account/billing?success=%E2%80%AA Step 6 : Choose any domains from google for any website this exploit will work on all the websites as it is a code based flaw in the CMS; Step 7 : Thousands of websites are vulnerable due to this vulnerable code in the CMS itself which is giving rise to the XSS attack.

2023-07-25 not yet calculated CVE-2020-35698
MISC deskpro — support_desk Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL. 2023-07-21 not yet calculated CVE-2021-35391
MISC icewarp — mailserver/server_deep_castle_2 Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter. 2023-07-27 not yet calculated CVE-2021-36580
MISC seeddms — seeddms A cross-site scripting (XSS) vulnerability in SeedDMS v6.0.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. 2023-07-24 not yet calculated CVE-2021-39421
MISC google — chrome Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof browser UI via a crafted HTML page. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2021-4316
MISC google — chrome
  Use after free in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2021-4317
MISC google — chrome
  Object corruption in Blink in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2021-4318
MISC google — chrome Use after free in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2021-4319
MISC google — chrome
  Use after free in Blink in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2021-4320
MISC google — chrome Policy bypass in Blink in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2021-4321
MISC google — chrome
  Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2021-4322
MISC google — chrome
  Insufficient validation of untrusted input in Extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to access local files via a crafted Chrome Extension. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2021-4323
MISC google — chrome Insufficient policy enforcement in Google Update in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to read arbitrary files via a malicious file. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2021-4324
MISC hitachi_energy — rtu500_series
  A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature ‘Advanced security’ which must be ordered separately. If these preconditions are fulfilled, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a missing input data validation which eventually if exploited causes an internal buffer to overflow in the HCI IEC 60870-5-104 function. 2023-07-26 not yet calculated CVE-2022-2502
MISC nokia — netact_22 An issue was discovered in Nokia NetAct 22. A remote user, authenticated to the website, can visit the Site Configuration Tool section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value. 2023-07-24 not yet calculated CVE-2022-28863
MISC nokia — netact_22 An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include malicious code, which is then downloaded as a .csv or .xlsx file and executed on a victim machine. Here, the /aom/html/EditTemplate.jsf and /aom/html/ViewAllTemplatesPage.jsf templateName parameter is used. 2023-07-24 not yet calculated CVE-2022-28864
MISC nokia — netact_22 An issue was discovered in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim’s web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /netact/sct filename parameter is used. 2023-07-24 not yet calculated CVE-2022-28865
MISC nokia — netact_22 An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include JavaScript code, which is then stored and executed by a victim’s web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /aom/html/EditTemplate.jsf and /aom/html/ViewAllTemplatesPage.jsf templateName parameter is used. 2023-07-24 not yet calculated CVE-2022-28867
MISC nokia — netact_22 /SecurityManagement/html/createuser.jsf in Nokia NetAct 22 allows CSRF. A remote attacker is able to create users with arbitrary privileges, even administrative privileges. The application (even if it implements a CSRF token for the random GET request) does not ever verify a CSRF token. With a little help of social engineering/phishing (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application. 2023-07-24 not yet calculated CVE-2022-30280
MISC atmail — atmail Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field. 2023-07-27 not yet calculated CVE-2022-31200
MISC yii_2 — yii_2 Yii 2 v2.0.45 was discovered to contain a cross-site scripting (XSS) vulnerability via the endpoint /books. 2023-07-28 not yet calculated CVE-2022-31454
MISC truedesk — truedesk A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box. 2023-07-26 not yet calculated CVE-2022-31455
MISC truedesk — truedesk A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter. 2023-07-26 not yet calculated CVE-2022-31456
MISC rtx_trap — rtx_trap RTX TRAP v1.0 allows attackers to perform a directory traversal via a crafted request sent to the endpoint /data/. 2023-07-25 not yet calculated CVE-2022-31457
MISC rtx_trap — rtx_trap RTX TRAP v1.0 was discovered to be vulnerable to host header poisoning. 2023-07-25 not yet calculated CVE-2022-31458
MISC arm_ltd — multiple_products
  When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code. 2023-07-27 not yet calculated CVE-2022-43701
MISC arm_ltd — multiple_products
  When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code. 2023-07-27 not yet calculated CVE-2022-43702
MISC arm_ltd — multiple_products An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files. 2023-07-27 not yet calculated CVE-2022-43703
MISC gx_software — gx_software Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields. 2023-07-26 not yet calculated CVE-2022-43710
MISC gx_software — gx_software Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src. 2023-07-26 not yet calculated CVE-2022-43711
MISC gx_software — gx_software POST requests to /web/mvc in GX Software XperienCentral version 10.36.0 and earlier were not blocked for users that are not logged in. If an unauthorized user is able to bypass other security filters, they are able to post unauthorized data to the server because of CVE-2022-22965. 2023-07-26 not yet calculated CVE-2022-43712
MISC gx_software — gx_software Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was vulnerable to invalid data input because form validation could be bypassed. 2023-07-26 not yet calculated CVE-2022-43713
MISC hitachi_energy — rtu500_series A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-3. After session resumption interval is expired an RTU500 initiated update of session parameters causes an unexpected restart due to a stack overflow. 2023-07-26 not yet calculated CVE-2022-4608
MISC vocera — report_server/voice_server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the “restore SQL data” filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. The filename provided is not properly sanitized and allows for the inclusion of a path-traversal payload that can be used to escape the intended Vocera restoration directory. An attacker could exploit this vulnerability to point to a crafted ZIP archive that contains SQL commands that could be executed against the database. 2023-07-25 not yet calculated CVE-2022-46898
MISC vocera — report_server/voice_server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Arbitrary File Upload. The BaseController class, that each of the service controllers derives from, allows for the upload of arbitrary files. If the HTTP request is a multipart/form-data POST request, any parameters with a filename entry will have their content written to a file in the Vocera upload-staging directory with the specified filename in the parameter. 2023-07-25 not yet calculated CVE-2022-46899
MISC vocera — report_server/voice_server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters. 2023-07-25 not yet calculated CVE-2022-46900
MISC vocera — report_server/voice_server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database. 2023-07-25 not yet calculated CVE-2022-46901
MISC vocera — report_server/voice_server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the unzip operation, the code takes file paths from the ZIP archive and writes them to a Vocera temporary directory. Unfortunately, the code does not properly check if the file paths include directory traversal payloads that would escape the intended destination. 2023-07-25 not yet calculated CVE-2022-46902
MISC google — chrome
  Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2022-4906
MISC google — chrome
  Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2022-4907
MISC google — chrome
  Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2022-4908
MISC google — chrome
  Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2022-4909
MISC google — chrome
  Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2022-4910
MISC google — chrome
  Insufficient data validation in DevTools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2022-4911
MISC google — chrome
  Type Confusion in MathML in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2022-4912
MISC google — chrome
  Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2022-4913
MISC google — chrome
  Heap buffer overflow in PrintPreview in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2022-4914
MISC google — chrome
  Inappropriate implementation in URL Formatting in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2022-4915
MISC google — chrome
  Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2022-4916
MISC google — chrome
  Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2022-4917
MISC google — chrome
  Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2022-4918
MISC google — chrome
  Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2022-4919
MISC google — chrome
  Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2022-4920
MISC google — chrome
  Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2022-4921
MISC google — chrome
  Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2022-4922
MISC google — chrome
  Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51 allowed an attacker in a privileged network position to perform a man-in-the-middle attack via malicious network traffic. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2022-4923
MISC google — chrome
  Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2022-4924
MISC google — chrome
  Insufficient validation of untrusted input in QUIC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform header splitting via malicious network traffic. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2022-4925
MISC google — chrome
  Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2022-4926
MISC qemu — qemu
  A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the guest to elevate their privileges within the guest and help a host local user to elevate privileges on the host. 2023-07-24 not yet calculated CVE-2023-1386
MISC gitlab — gitlab
  An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leaks cross-site cookies on redirect during authorization. 2023-07-26 not yet calculated CVE-2023-1401
MISC amd — multiple_products
  An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. 2023-07-24 not yet calculated CVE-2023-20593
MISC vmware — vmware_tanzu_application_service_for_vms
  The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF API admin credentials and can push new malicious versions of an application. In a default deployment non-admin users do not have access to the platform system audit logs. 2023-07-26 not yet calculated CVE-2023-20891
MISC axis_communications_ab — axis_a1001_network_door_controller
  Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors cannot be opened or closed. No sensitive or customer data can be extracted as the Axis device is not further compromised. Please refer to the Axis security advisory for more information, mitigation and affected products and software versions. 2023-07-25 not yet calculated CVE-2023-21405
MISC axis_communications_ab — axis_a1001_network_door_controller
  Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to write outside of the allocated buffer. By appending invalid data to an OSDP message it was possible to write data beyond the heap allocated buffer. The data written outside the buffer could be used to execute arbitrary code. Please refer to the Axis security advisory for more information, mitigation and affected products and software versions. 2023-07-25 not yet calculated CVE-2023-21406
MISC gallagher — command_centre
  A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2) 2023-07-25 not yet calculated CVE-2023-22363
MISC gallagher — command_centre
  Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831(MR8), vEL8.40 and prior. 2023-07-24 not yet calculated CVE-2023-22428
MISC wordpress — wordpress The wpForo Forum WordPress plugin before 2.1.9 does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability. 2023-07-24 not yet calculated CVE-2023-2309
MISC google — chrome
  Insufficient policy enforcement in File System API in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium) 2023-07-29 not yet calculated CVE-2023-2311
MISC google — chrome
  Inappropriate implementation in Sandbox in Google Chrome on Windows prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a malicious file. (Chromium security severity: High) 2023-07-29 not yet calculated CVE-2023-2313
MISC google — chrome
  Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) 2023-07-29 not yet calculated CVE-2023-2314
MISC gallagher — command_centre
  Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior 2023-07-25 not yet calculated CVE-2023-23568
MISC github — enterprise_server
  An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. To do so, an attacker would need write access to the repository. This vulnerability affected GitHub Enterprise Server versions 3.7.0 and above and was fixed in versions 3.7.9, 3.8.2, and 3.9.1. This vulnerability was reported via the GitHub Bug Bounty program. 2023-07-27 not yet calculated CVE-2023-23764
MISC wordpress — wordpress Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin <= 1.7.10 versions. 2023-07-25 not yet calculated CVE-2023-23833
MISC solarwinds — network_configuration_manager The SolarWinds Network Configuration Manager was susceptible to the Directory Traversal Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands. 2023-07-26 not yet calculated CVE-2023-23842
MISC solarwinds — solarwinds_platform
  The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands. 2023-07-26 not yet calculated CVE-2023-23843
MISC solarwinds — solarwinds_platform
  The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges. 2023-07-26 not yet calculated CVE-2023-23844
MISC linux — kernel
  A vulnerability caused by a missing lock for IOPOLL was found in io_cqring_event_overflow() in io_uring.c in the Linux kernel. This flaw allows a local attacker with user privileges to trigger a denial of service. 2023-07-23 not yet calculated CVE-2023-2430
MISC gallagher — command_centre
  Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior. 2023-07-25 not yet calculated CVE-2023-25074
MISC nodebb — nodebb
  NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to arbitrarily execute javascript files on the local disk. This issue is patched in version 2.8.7. As a workaround, site maintainers can cherry pick the fix into their codebase to patch the exploit. 2023-07-24 not yet calculated CVE-2023-26045
MISC atera — agent Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions. 2023-07-24 not yet calculated CVE-2023-26077
MISC atera — agent Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs. 2023-07-24 not yet calculated CVE-2023-26078
MISC google — nest_hub_max
  There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packets being allowed on the Thread network. This provides a pathway for an attacker to send/receive arbitrary IPv6 packets to devices on the LAN, potentially exploiting them if they lack additional authentication or contain any network vulnerabilities that would normally be mitigated by the home router’s NAT firewall. Affected devices have been mitigated through an automatic update beyond the affected range. 2023-07-25 not yet calculated CVE-2023-2626
MISC hp_inc. — hp_laserjet_pro
  Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints. 2023-07-21 not yet calculated CVE-2023-26301
MISC canonical — ubuntu_kernel
  On Ubuntu kernels carrying both c914c0e27eb0 and “UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs”, an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks. 2023-07-26 not yet calculated CVE-2023-2640
MISC abb — ao-opc
  A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started with system user privileges which could cause a shift in user access privileges. It is unlikely to exploit the vulnerability in well maintained Windows installations since the attacker would need write access to system folders. An update is available that resolves the vulnerability found during an internal review in the product AO-OPC = 3.2.1  2023-07-28 not yet calculated CVE-2023-2685
MISC prestashop — sendinblue SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allows a remote attacker to gain privileges via the ajaxOrderTracking.php component. 2023-07-26 not yet calculated CVE-2023-26859
MISC asus — armoury_crate ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. 2023-07-26 not yet calculated CVE-2023-26911
MISC wordpress — wordpress The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the `txtsearch` parameter before using it in a SQL statement in some admin pages, leading to a SQL injection exploitable by high privilege users such as admin. 2023-07-24 not yet calculated CVE-2023-2761
MISC hcl_software_ — hcl_bigfix_mobile HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server. 2023-07-27 not yet calculated CVE-2023-28012
MISC hcl_software_ — hcl_bigfix_mobile HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application. 2023-07-26 not yet calculated CVE-2023-28013
MISC hcl_software_ — hcl_bigfix_mobile HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application. 2023-07-27 not yet calculated CVE-2023-28014
MISC check_point — gaia_portal Local user may lead to privilege escalation using Gaia Portal hostnames page. 2023-07-26 not yet calculated CVE-2023-28130
MISC
MISC harmony_endpoint — harmony_endpoint Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file 2023-07-23 not yet calculated CVE-2023-28133
MISC apple — apple_music_for_android The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts. 2023-07-28 not yet calculated CVE-2023-28203
MISC nodebb — nodebb NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vulnerability allows certain user information to be extracted by an attacker. 2023-07-25 not yet calculated CVE-2023-2850
MISC
MISC
MISC linux — kernel
  An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This flaw allows a privileged local user to disclose sensitive information on affected installations of the Linux kernel. 2023-07-24 not yet calculated CVE-2023-2860
MISC
MISC
MISC qemu — qemu
  A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. 2023-07-24 not yet calculated CVE-2023-3019
MISC
MISC multi-remote_next_generation_connection_manager — multi-remote_next_generation_connection_manager Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems. mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <= v1.76.20 and <= 1.77.3-dev loads configuration files in plain text into memory (after decrypting them if necessary) at application start-up, even if no connection has been established yet. This allows attackers to access contents of configuration files in plain text through a memory dump and thus compromise user credentials when no custom password encryption key has been set. This also bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory. 2023-07-26 not yet calculated CVE-2023-30367
MISC
MISC
MISC advanced_maryland_automatic_network_disk_archiver — advanced_maryland_automatic_network_disk_archiver AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. 2023-07-26 not yet calculated CVE-2023-30577
CONFIRM palantir — palantir A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page’s content, which could lead to phishing attacks. 2023-07-26 not yet calculated CVE-2023-30949
MISC gitlab — gitlab A sensitive information leak issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows access to titles of private issue and MR. 2023-07-21 not yet calculated CVE-2023-3102
MISC
MISC fsmlabs — timekeeper An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named arg[x], with x an integer starting from 1; it is possible to modify arg[2] to insert Bash code that will be executed directly by the server. 2023-07-26 not yet calculated CVE-2023-31465
MISC
MISC fsmlabs — timekeeper An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the “Configuration -> Compliance -> Add a new compliance report” and “Configuration -> Timekeeper Configuration -> Add a new source there” screens, there are entry points to inject JavaScript code. 2023-07-26 not yet calculated CVE-2023-31466
MISC
MISC rail_pass_management_system — rail_pass_management_system SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file. 2023-07-28 not yet calculated CVE-2023-31932
MISC rail_pass_management_system — rail_pass_management_system SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file. 2023-07-28 not yet calculated CVE-2023-31933
MISC rail_pass_management_system — rail_pass_management_system Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php. 2023-07-28 not yet calculated CVE-2023-31934
MISC rail_pass_management_system — rail_pass_management_system Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php. 2023-07-28 not yet calculated CVE-2023-31935
MISC
MISC rail_pass_management_system — rail_pass_management_system
  SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file. 2023-07-28 not yet calculated CVE-2023-31936
MISC rail_pass_management_system — rail_pass_management_system SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file. 2023-07-28 not yet calculated CVE-2023-31937
MISC curl — curl libcurl can be told to save cookie, HSTS and/or alt-svc data to files. When doing this, it called `stat()` followed by `fopen()` in a way that made it vulnerable to a TOCTOU race condition problem. By exploiting this flaw, an attacker could trick the victim to create or overwrite protected files holding this data in ways it was not intended to. 2023-07-26 not yet calculated CVE-2023-32001
MISC
MISC vasion — printerlogic_client An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries get executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution. 2023-07-25 not yet calculated CVE-2023-32231
MISC
MISC
MISC vasion — printerlogic_client An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.836. During client installation and repair, a PrinterLogic binary is called by the installer to configure the device. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full SYSTEM command prompt window. This results in complete compromise via arbitrary SYSTEM code execution (elevation of privileges). 2023-07-25 not yet calculated CVE-2023-32232
MISC
MISC
MISC linux — kernel A flaw was found in the Linux kernel’s ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. 2023-07-24 not yet calculated CVE-2023-32247
MISC
MISC
MISC linux — kernel
  A flaw was found in the Linux kernel’s ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. 2023-07-24 not yet calculated CVE-2023-32248
MISC
MISC
MISC linux — kernel
  A flaw was found in the Linux kernel’s ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. 2023-07-24 not yet calculated CVE-2023-32252
MISC
MISC
MISC linux — kernel
  A flaw was found in the Linux kernel’s ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. 2023-07-24 not yet calculated CVE-2023-32257
MISC
MISC
MISC linux — kernel
  A flaw was found in the Linux kernel’s ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_LOGOFF and SMB2_CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. 2023-07-24 not yet calculated CVE-2023-32258
MISC
MISC
MISC apple — macos
  A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions. 2023-07-27 not yet calculated CVE-2023-32364
MISC
MISC
MISC apple — multiple_products
  A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-32381
MISC
MISC
MISC
MISC
MISC
MISC apple — multiple_products
  The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code execution. 2023-07-27 not yet calculated CVE-2023-32393
MISC
MISC
MISC
MISC apple — multiple_products
  A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to read sensitive location information. 2023-07-27 not yet calculated CVE-2023-32416
MISC
MISC
MISC
MISC
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution. 2023-07-27 not yet calculated CVE-2023-32418
MISC
MISC
MISC b&r_industrial_automation — automation_runtime Allocation of Resources Without Limits or Throttling, Improper Initialization vulnerability in B&R Industrial Automation B&R Automation Runtime allows Flooding, Leveraging Race Conditions. This issue affects B&R Automation Runtime: <G4.93. 2023-07-26 not yet calculated CVE-2023-3242
MISC apple — apple_music_for_android This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic. 2023-07-28 not yet calculated CVE-2023-32427
MISC apple — macos_ventura The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass Privacy preferences. 2023-07-27 not yet calculated CVE-2023-32429
MISC
MISC
MISC apple — multiple_products
  A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-32433
MISC
MISC
MISC
MISC
MISC
MISC
MISC apple — ios_and_ipados
  The issue was addressed with improvements to the file handling protocol. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to break out of its sandbox. 2023-07-27 not yet calculated CVE-2023-32437
MISC apple — multiple_products
  The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-32441
MISC
MISC
MISC
MISC
MISC
MISC
MISC apple — macos
  An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings. 2023-07-27 not yet calculated CVE-2023-32442
MISC
MISC apple — macos
  An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents. 2023-07-27 not yet calculated CVE-2023-32443
MISC
MISC
MISC apple — macos
  A logic issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions. 2023-07-28 not yet calculated CVE-2023-32444
MISC
MISC
MISC
MISC
MISC
MISC apple — safari
  This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack. 2023-07-28 not yet calculated CVE-2023-32445
MISC
MISC
MISC
MISC
MISC
MISC dell — dell_power_manager
  Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. 2023-07-27 not yet calculated CVE-2023-32450
MISC dell — ecs_streamer
  Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data. 2023-07-26 not yet calculated CVE-2023-32468
MISC php_group — php
  In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, the random value generator was not checked for failure, and was using a narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made it easier for a malicious server to guess the client’s nonce. 2023-07-22 not yet calculated CVE-2023-3247
MISC wordpress — wordpress
  The All-in-one Floating Contact Form WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) 2023-07-24 not yet calculated CVE-2023-3248
MISC canonical — ubuntu_kernel
  Local privilege escalation vulnerability in the Ubuntu kernel's overlayfs: ovl_copy_up_meta_inode_data skips permission checks when calling ovl_do_setxattr on Ubuntu kernels. 2023-07-26 not yet calculated CVE-2023-32629
MISC
MISC
MISC
MISC the_ministry_of_justice — applicant_programme
  Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. 2023-07-25 not yet calculated CVE-2023-32639
MISC
MISC apple — macos
  A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.5. A user may be able to read information belonging to another user. 2023-07-28 not yet calculated CVE-2023-32654
MISC
MISC apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-32734
MISC
MISC
MISC
MISC abb — abb_ability_zenon
  A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404. 2023-07-24 not yet calculated CVE-2023-3321
MISC abb — abb_ability_zenon
  A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404. 2023-07-24 not yet calculated CVE-2023-3322
MISC solarwinds — solarwinds_platform
  The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges. 2023-07-26 not yet calculated CVE-2023-33224
MISC
MISC solarwinds — solarwinds_platform
  The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges. 2023-07-26 not yet calculated CVE-2023-33225
MISC
MISC solarwinds — solarwinds_platform
  The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML. 2023-07-26 not yet calculated CVE-2023-33229
MISC
MISC abb — abb_ability
  A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404. 2023-07-24 not yet calculated CVE-2023-3323
MISC abb — abb_ability_zenon
  A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404. 2023-07-24 not yet calculated CVE-2023-3324
MISC fortinet — fortios/fortiproxy
  A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection. 2023-07-26 not yet calculated CVE-2023-33308
MISC wordpress — wordpress
  The Auto Location for WP Job Manager via Google WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) 2023-07-24 not yet calculated CVE-2023-3344
MISC teleadapt — roomcast_ta-2400 TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Cleartext Storage of Sensitive Information: RSA private key in Update.exe. 2023-07-27 not yet calculated CVE-2023-33742
MISC teleadapt — roomcast_ta-2400 TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Access Control; specifically, Android Debug Bridge (adb) is available. 2023-07-27 not yet calculated CVE-2023-33743
MISC teleadapt — roomcast_ta-2400 TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN): 385521, 843646, and 592671. 2023-07-27 not yet calculated CVE-2023-33744
MISC teleadapt — roomcast_ta-2400 TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Privilege Management: from the shell available after an adb connection, simply entering the su command provides root access (without requiring a password). 2023-07-27 not yet calculated CVE-2023-33745
MISC prestashop — prestashop_for_amazon An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack. 2023-07-25 not yet calculated CVE-2023-33777
MISC
MISC sumatrapdf_reader — sumatrapdf_reader A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. 2023-07-26 not yet calculated CVE-2023-33802
MISC quay — quay A flaw was found in the Quay registry. While the image labels created through Quay undergo validation both in the UI and backend by applying a regex (validation.py), the same validation is not performed when the label comes from an image. This flaw allows an attacker to publish a malicious image to a public registry containing a script that can be executed via Cross-site scripting (XSS). 2023-07-24 not yet calculated CVE-2023-3384
MISC
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PluginForage WooCommerce Product Categories Selection Widget plugin <= 2.0 versions. 2023-07-25 not yet calculated CVE-2023-33925
MISC linux — kernel A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel. 2023-07-24 not yet calculated CVE-2023-33951
MISC
MISC
MISC linux — kernel A double-free vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of vmw_buffer_object objects. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. This flaw allows a local privileged user to escalate privileges and execute code in the context of the kernel. 2023-07-24 not yet calculated CVE-2023-33952
MISC
MISC
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FiveStarPlugins Five Star Restaurant Reservations plugin <= 2.6.7 versions. 2023-07-25 not yet calculated CVE-2023-34017
MISC strapi — strapi Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone (Strapi developers, users, plugins) can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types themselves. Users can use plugins or modify their own content types without realizing that the `privateAttributes` getter is being removed, which can result in any attribute becoming public. This can lead to sensitive information being exposed or the entire system being taken control of by an attacker (having access to password hashes). Anyone can be impacted, depending on how people are using/extending content-types. If the users are mutating the content-type, they will not be affected. Version 4.10.8 contains a patch for this issue. 2023-07-25 not yet calculated CVE-2023-34093
MISC
MISC
MISC servicenow — jenkins_plug-in_for_servicenow_devops A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform. 2023-07-26 not yet calculated CVE-2023-3414
MISC mozilla — thunderbird Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1. 2023-07-24 not yet calculated CVE-2023-3417
MISC
MISC
MISC
MISC
MISC apache — inlong Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to upgrade to Apache InLong’s 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 to solve it. 2023-07-25 not yet calculated CVE-2023-34189
MISC
MISC strapi — strapi Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the `t(number)` prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to another table they want to query, the query changes from `password` to `t1.password`. `password` is protected by filtering protections but `t1.password` is not protected. This can lead to filtering attacks on everything related to the object again, including admin passwords and reset-tokens. Version 4.10.8 fixes this issue. 2023-07-25 not yet calculated CVE-2023-34235
MISC
MISC wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions. 2023-07-25 not yet calculated CVE-2023-34369
MISC servicenow — jenkins_plug-in_for_servicenow_devops A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform. 2023-07-26 not yet calculated CVE-2023-3442
MISC apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. 2023-07-28 not yet calculated CVE-2023-34425
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC apache — inlong Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could bypass the current logic and achieve arbitrary file reading. To solve it, users are advised to upgrade to Apache InLong’s 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8130. 2023-07-25 not yet calculated CVE-2023-34434
MISC
MISC
MISC apache — shiro Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests. Mitigation: Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+ 2023-07-24 not yet calculated CVE-2023-34478
MISC
MISC eoffice — eoffice An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file. 2023-07-25 not yet calculated CVE-2023-34798
MISC gitlab — gitlab_ee An issue has been discovered in GitLab EE affecting all versions starting from 12.8 before 15.11.11, all versions starting from 16.0 before 16.0.7, all versions starting from 16.1 before 16.1.2. An attacker could change the name or path of a public top-level group in certain situations. 2023-07-21 not yet calculated CVE-2023-3484
MISC
MISC papercut — ng An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. This could exhaust system resources and prevent the service from operating as expected. 2023-07-25 not yet calculated CVE-2023-3486
MISC
MISC silicon_labs — gecko_bootloader Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file. 2023-07-28 not yet calculated CVE-2023-3488
MISC
MISC wordpress — wordpress Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Neha Goel Recent Posts Slider plugin <= 1.1 versions. 2023-07-25 not yet calculated CVE-2023-35043
MISC ivanti — antivirus An out-of-bounds write vulnerability on Windows operating systems causes the Ivanti AntiVirus Product to crash. Update to Ivanti AV Product version 7.9.1.285 or above. 2023-07-21 not yet calculated CVE-2023-35077
MISC ivanti — endpoint_manager_mobile Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available. 2023-07-25 not yet calculated CVE-2023-35078
MISC
MISC
MISC
MISC apache — inlong Improper Neutralization of Special Elements Used in an SQL Command (‘SQL Injection’) vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.7.0. In the toAuditCkSql method, the groupId, streamId, auditId, and dt are directly concatenated into the SQL query statement, which may lead to SQL injection attacks. Users are advised to upgrade to Apache InLong’s 1.8.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8198 2023-07-25 not yet calculated CVE-2023-35088
MISC
MISC
MISC johnson_controls — iq_wifi_6 An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack. 2023-07-25 not yet calculated CVE-2023-3548
MISC
MISC linux — kernel A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This flaw allows an attacker with local user access to cause a system crash or leak internal kernel information. 2023-07-24 not yet calculated CVE-2023-3567
MISC tuleap — tuleap Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the “card fields” (visible in the kanban and PV2 apps) is not properly escaped. A malicious user with the capability to create an artifact or to edit a field used as a card field could force victim to execute uncontrolled code. Tuleap Community Edition 14.10.99.4, Tuleap Enterprise Edition 14.10-2, and Tuleap Enterprise Edition 14.9-5 contain a fix. 2023-07-25 not yet calculated CVE-2023-35929
MISC envoy — envoy Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by some rare scenarios in which the HMAC payload can always be valid in the OAuth2 filter’s check. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, avoid wildcards/prefix domain wildcards in the host’s domain configuration. 2023-07-25 not yet calculated CVE-2023-35941
MISC envoy — envoy Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener’s global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update. 2023-07-25 not yet calculated CVE-2023-35942
MISC envoy — envoy Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, the CORS filter will segfault and crash Envoy when the `origin` header is removed and deleted between `decodeHeaders` and `encodeHeaders`. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, do not remove the `origin` header in the Envoy configuration. 2023-07-25 not yet calculated CVE-2023-35943
MISC envoy — envoy Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTTP/2, however, some internal scheme checks are case-sensitive. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, this can lead to the rejection of requests with mixed-case schemes such as `htTp` or `htTps`, or the bypassing of some requests such as `https` in unencrypted connections. With a fix in versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, Envoy will now lowercase scheme values by default, and change the internal scheme checks that were case-sensitive to be case-insensitive. There are no known workarounds for this issue. 2023-07-25 not yet calculated CVE-2023-35944
MISC google — chrome Out of bounds read and write in ANGLE in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) 2023-07-28 not yet calculated CVE-2023-3598
MISC hewlett_packard_enterprise — aruba_access_points There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba’s access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. 2023-07-25 not yet calculated CVE-2023-35980
MISC hewlett_packard_enterprise — aruba_access_points There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba’s access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. 2023-07-25 not yet calculated CVE-2023-35981
MISC hewlett_packard_enterprise — aruba_access_points There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba’s access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. 2023-07-25 not yet calculated CVE-2023-35982
MISC apple — multiple_products This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system. 2023-07-27 not yet calculated CVE-2023-35983
MISC apple — multiple_products A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-35993
MISC multiple_vendors — multiple_products A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticated user’s sftp server connection (if implemented as forking as recommended). For thread-based servers, this might also cause DoS for legitimate users. Given this code is not in any released versions, no security releases have been issued. 2023-07-21 not yet calculated CVE-2023-3603
MISC linux — kernel
  A use-after-free vulnerability in the Linux kernel’s net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc. 2023-07-21 not yet calculated CVE-2023-3609
MISC linux — kernel
  A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered. We recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795. 2023-07-21 not yet calculated CVE-2023-3610
MISC linux — kernel
  An out-of-bounds write vulnerability in the Linux kernel’s net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64. 2023-07-21 not yet calculated CVE-2023-3611
MISC solarwinds — platform Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource 2023-07-26 not yet calculated CVE-2023-3622
MISC openstack-neutron — openstack-neutron An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user’s quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service. 2023-07-25 not yet calculated CVE-2023-3637
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpxpo PostX – Gutenberg Post Grid Blocks plugin <= 2.9.9 versions. 2023-07-25 not yet calculated CVE-2023-36385
MISC linux — kernel
  A possible unauthorized memory access flaw was found in the Linux kernel’s cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the ‘Randomize per-cpu entry area’ feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system. 2023-07-24 not yet calculated CVE-2023-3640
MISC apple — multiple_products An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. 2023-07-28 not yet calculated CVE-2023-36495
MISC wordpress — wordpress
  Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Winkler teachPress plugin <= 9.0.2 versions. 2023-07-25 not yet calculated CVE-2023-36501
MISC wordpress — wordpress Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in cththemes Balkon plugin <= 1.3.2 versions. 2023-07-25 not yet calculated CVE-2023-36502
MISC wordpress — wordpress
  Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Max Foundry WordPress Button Plugin MaxButtons plugin <= 9.5.3 versions. 2023-07-25 not yet calculated CVE-2023-36503
MISC apache — nifi Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission for referencing remote resources, restricting configuration of these components to privileged users. The permission prevents unprivileged users from configuring Processors and Controller Services annotated with the new Reference Remote Resources restriction. Upgrading to Apache NiFi 1.23.0 is the recommended mitigation. 2023-07-29 not yet calculated CVE-2023-36542
MISC contao — contao Contao is an open source content management system. Starting in version 4.0.0 and prior to versions 4.9.42, 4.13.28, and 5.1.10, it is possible for untrusted backend users to inject malicious code into headline fields in the back end, which will be executed both in the element preview (back end) and on the website (front end). Installations are only affected if there are untrusted back end users who have the rights to modify headline fields, or other fields using the input unit widget. Contao 4.9.42, 4.13.28, and 5.1.10 have a patch for this issue. As a workaround, disable the login for all untrusted back end users. 2023-07-25 not yet calculated CVE-2023-36806
MISC getsentry — sentry Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the organization or have permissions on the project. A patch was issued in version 23.5.2 to ensure authorization checks are properly scoped on requests to retrieve debug or artifact bundles. Authenticated users who do not have the necessary permissions on the particular project are no longer able to download them. Sentry SaaS users do not need to take any action. Self-Hosted Sentry users should upgrade to version 23.5.2 or higher. 2023-07-25 not yet calculated CVE-2023-36826
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution. 2023-07-27 not yet calculated CVE-2023-36854
MISC apple — macos_ventura A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location. 2023-07-27 not yet calculated CVE-2023-36862
MISC phpgurukul_online_fire_reporting_system — phpgurukul_online_fire_reporting_system A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields. 2023-07-27 not yet calculated CVE-2023-36941
MISC phpgurukul_online_fire_reporting_system — phpgurukul_online_fire_reporting_system A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field. 2023-07-27 not yet calculated CVE-2023-36942
MISC emlog — emlog emlog 2.1.9 is vulnerable to Arbitrary file deletion via admintemplate.php. 2023-07-26 not yet calculated CVE-2023-37049
MISC dataease — dataease DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, the DataEase panel and dataset have a stored cross-site scripting vulnerability. The vulnerability has been fixed in v1.18.9. There are no known workarounds. 2023-07-25 not yet calculated CVE-2023-37257
MISC dataease — dataease DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, DataEase has a SQL injection vulnerability that can bypass blacklists. The vulnerability has been fixed in v1.18.9. There are no known workarounds. 2023-07-25 not yet calculated CVE-2023-37258
MISC apple — multiple_products An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. 2023-07-28 not yet calculated CVE-2023-37285
MISC redcap — redcap REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, app_title, or randomization. 2023-07-25 not yet calculated CVE-2023-37361
MISC multiple_vendors — multiple_products A heap-based buffer overflow issue was found in ImageMagick’s PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service. 2023-07-24 not yet calculated CVE-2023-3745
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. 2023-07-27 not yet calculated CVE-2023-37450
MISC codehaus-plexus — plexus-archiver Plexus Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code execution. When extracting an archive with an entry that already exists in the destination directory as a symbolic link whose target does not exist – the `resolveFile()` function will return the symlink’s source instead of its target, which will pass the verification that ensures the file will not be extracted outside of the destination directory. Later `Files.newOutputStream()`, which follows symlinks by default, will actually write the entry’s content to the symlink’s target. Whoever uses plexus archiver to extract an untrusted archive is vulnerable to an arbitrary file creation and possibly remote code execution. Version 4.8.0 contains a patch for this issue. 2023-07-25 not yet calculated CVE-2023-37460
MISC discourse — discourse Discourse is an open source discussion platform. Prior to version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a CSP (Content Security Policy) nonce reuse vulnerability was discovered that could allow cross-site scripting (XSS) attacks to bypass CSP protection for anonymous (i.e. unauthenticated) users. There are no known XSS vectors at the moment, but should one be discovered, this vulnerability would allow the XSS attack to bypass CSP and execute successfully. This vulnerability isn’t applicable to logged-in users. Version 3.1.0.beta7 contains a patch. The stable branch doesn’t have this vulnerability. A workaround to prevent the vulnerability is to disable Google Tag Manager, i.e., unset the `gtm container id` setting. 2023-07-28 not yet calculated CVE-2023-37467
MISC frrouting — frrouting A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service. 2023-07-24 not yet calculated CVE-2023-3748
MISC libvirt — libvirt A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon. 2023-07-24 not yet calculated CVE-2023-3750
MISC assembly_software — trialworks A cross-site scripting (XSS) vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter. 2023-07-24 not yet calculated CVE-2023-37613
MISC netdisco — netdisco Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm. 2023-07-26 not yet calculated CVE-2023-37623
MISC netdisco — netdisco Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links. 2023-07-26 not yet calculated CVE-2023-37624
MISC pligg_cms — pligg_cms Pligg CMS v2.0.2 (also known as Kliqqi) was discovered to contain a remote code execution (RCE) vulnerability in the component admin_editor.php. 2023-07-25 not yet calculated CVE-2023-37677
MISC october_cms — october_cms An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file. 2023-07-26 not yet calculated CVE-2023-37692
MISC linux — kernel
  A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service. 2023-07-25 not yet calculated CVE-2023-3772
MISC linux — kernel
  A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace. 2023-07-25 not yet calculated CVE-2023-3773
MISC yasm — yasm Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file. 2023-07-26 not yet calculated CVE-2023-37732
MISC hashicorp — vault_enterprise An unhandled error in Vault Enterprise’s namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9. 2023-07-28 not yet calculated CVE-2023-3774
MISC powerjob — powerjob PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail. 2023-07-28 not yet calculated CVE-2023-37754
MISC linux — kernel A use-after-free vulnerability in the Linux kernel’s net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f. 2023-07-21 not yet calculated CVE-2023-3776
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Images Gallery for WooCommerce plugin <= 2.3.3 versions. 2023-07-27 not yet calculated CVE-2023-37894
MISC apache — jackrabbit Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows an attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component “commons-beanutils”, which contains a class that can be used for remote code execution over RMI. Users are advised to immediately update to versions 2.20.11 or 2.21.18. Note that earlier stable branches (1.0.x .. 2.18.x) have been EOLd already and do not receive updates anymore. In general, RMI support can expose vulnerabilities by the mere presence of an exploitable class on the classpath. Even if Jackrabbit itself does not contain any code known to be exploitable anymore, adding other components to your server can expose the same type of problem. We therefore recommend disabling RMI access altogether (see further below), and will discuss deprecating RMI support in future Jackrabbit releases.

How to check whether RMI support is enabled: RMI support can be over an RMI-specific TCP port, and over an HTTP binding. Both are by default enabled in Jackrabbit webapp/standalone. The native RMI protocol by default uses port 1099. To check whether it is enabled, tools like “netstat” can be used. RMI-over-HTTP in Jackrabbit by default uses the path “/rmi”. So when running standalone on port 8080, check whether an HTTP GET request on localhost:8080/rmi returns 404 (not enabled) or 200 (enabled). Note that the HTTP path may be different when the webapp is deployed in a container as non-root context, in which case the prefix is under the user’s control.

Turning off RMI: Find web.xml (either in JAR/WAR file or in unpacked web application folder), and remove the declaration and the mapping definition for the RemoteBindingServlet:

        <servlet>
            <servlet-name>RMI</servlet-name>
            <servlet-class>org.apache.jackrabbit.servlet.remote.RemoteBindingServlet</servlet-class>
        </servlet>
        <servlet-mapping>
            <servlet-name>RMI</servlet-name>
            <url-pattern>/rmi</url-pattern>
        </servlet-mapping>

Find the bootstrap.properties file (in $REPOSITORY_HOME), and set

        rmi.enabled=false

and also remove

        rmi.host
        rmi.port
        rmi.url-pattern

If there is no file named bootstrap.properties in $REPOSITORY_HOME, it is located somewhere in the classpath. In this case, place a copy in $REPOSITORY_HOME and modify it as explained. 2023-07-25 not yet calculated CVE-2023-37895
MISC crossplane — crossplane Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, a high-privileged user could create a Package referencing an arbitrarily large image containing that Crossplane would then parse, possibly resulting in exhausting all the available memory and therefore in the container being OOMKilled. The impact is limited due to the high privileges required to be able to create the Package and the eventually consistent nature of the controller. This issue is fixed in versions 1.11.5, 1.12.3, and 1.13.0. 2023-07-27 not yet calculated CVE-2023-37900
MISC indico — indico Indico is an open source, general-purpose, web-based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges (such as a speaker) and then someone else to attempt to delete this content. Considering that event organizers may want to delete suspicious-looking content when spotting it, there is a non-negligible risk of such an attack succeeding. The risk of this could be further increased when combined with some social engineering pointing the victim towards this content. Users need to update to Indico 3.2.6 as soon as possible. See the docs for instructions on how to update. Users who cannot upgrade should only let trustworthy users manage categories, create events or upload materials (“submission” privileges on a contribution/event). This should already be the case in a properly-configured setup when it comes to category/event management. Note that a conference doing a Call for Abstracts actively invites external speakers (who the organizers may not know and thus cannot fully trust) to submit content, hence the need to update to a fixed version ASAP, in particular when using such workflows. 2023-07-21 not yet calculated CVE-2023-37901
MISC vyperlang — vyper Vyper is a Pythonic programming language that targets the Ethereum Virtual Machine (EVM). Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. This means that if the compiler has been convinced to write to the 0 memory location with specially crafted data (generally, this can happen with a hashmap access or immutable read) just before the ecrecover, a signature check might pass on an invalid signature. Version 0.3.10 contains a patch for this issue. 2023-07-25 not yet calculated CVE-2023-37902
MISC vm2 — vm2 vm2 is an open source vm/sandbox for Node.js. In vm2 for versions up to and including 3.9.19, the Node.js custom inspect function allows attackers to escape the sandbox and run arbitrary code. This may result in Remote Code Execution, assuming the attacker has an arbitrary code execution primitive inside the context of the vm2 sandbox. There are no patches and no known workarounds. Users are advised to find alternative software. 2023-07-21 not yet calculated CVE-2023-37903
MISC discourse — discourse Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, more users than permitted could be created from invite links. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. As a workaround, use restrict to email address invites. 2023-07-28 not yet calculated CVE-2023-37904
MISC ckeditor-wordcount-plugin — ckeditor-wordcount-plugin ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the `ckeditor-wordcount-plugin` plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the `ckeditor-wordcount-plugin` plugin and users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-07-21 not yet calculated CVE-2023-37905
MISC discourse — discourse Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a malicious user can edit a post in a topic and cause a DoS with a carefully crafted edit reason. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability. 2023-07-28 not yet calculated CVE-2023-37906
MISC cryptomator — cryptomator Cryptomator is data encryption software for users who store their files in the cloud. Prior to version 1.9.2, the MSI installer provided on the homepage allows local privilege escalation (LPE) for low privileged users, if already installed. The problem occurs as the repair function of the MSI spawns two administrative CMDs. A simple LPE is possible via a breakout. Version 1.9.2 fixes this issue. 2023-07-25 not yet calculated CVE-2023-37907
MISC opendds — opendds OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS crashes while parsing a malformed `PID_PROPERTY_LIST` in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage containing the malformed parameter to the known multicast port. This issue has been addressed in version 3.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-07-21 not yet calculated CVE-2023-37915
MISC kubepi — kubepi KubePi is an open source Kubernetes management panel. The endpoint /kubepi/api/v1/users/search?pageNum=1&&pageSize=10 leaks the password hash of any user (including admin). A sufficiently motivated attacker may be able to crack leaked password hashes. This issue has been addressed in version 1.6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-07-21 not yet calculated CVE-2023-37916
MISC kubepi — kubepi KubePi is an open source Kubernetes management panel. A normal user has permission to create/update users and can become admin by editing the `isadmin` value in the request. As a result any user may take administrative control of KubePi. This issue has been addressed in version 1.6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-07-21 not yet calculated CVE-2023-37917
MISC dapr — dapr Dapr is a portable, event-driven runtime for building distributed applications across cloud and edge. A vulnerability has been found in Dapr that allows bypassing API token authentication, which is used by the Dapr sidecar to authenticate calls coming from the application, with a well-crafted HTTP request. Users who leverage API token authentication are encouraged to upgrade Dapr to 1.10.9 or to 1.11.2. This vulnerability impacts Dapr users who have configured API token authentication. An attacker could craft a request that is always allowed by the Dapr sidecar over HTTP, even if the `dapr-api-token` in the request is invalid or missing. The issue has been fixed in Dapr 1.10.9 and 1.11.2. There are no known workarounds for this vulnerability. 2023-07-21 not yet calculated CVE-2023-37918
MISC cal.com — cal.com Cal.com is open-source scheduling software. A vulnerability allows active sessions associated with an account to remain active even after enabling 2FA. When activating 2FA on a Cal.com account that is logged in on two or more devices, the account stays logged in on the other device(s) without having to verify the account owner’s identity. As of time of publication, no known patches or workarounds exist. 2023-07-25 not yet calculated CVE-2023-37919
MISC certifi — python-certifi Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes “e-Tugra” root certificates. e-Tugra’s root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from “e-Tugra” from the root store. 2023-07-25 not yet calculated CVE-2023-37920
MISC wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Matthew Fries MF Gig Calendar plugin <= 1.2 versions. 2023-07-27 not yet calculated CVE-2023-37970
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin <= 2.3.7 versions. 2023-07-27 not yet calculated CVE-2023-37975
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Radio Forge Muses Player with Skins plugin <= 2.5 versions. 2023-07-27 not yet calculated CVE-2023-37976
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFunnels Team Drag & Drop Sales Funnel Builder for WordPress – WPFunnels plugin <= 2.7.16 versions. 2023-07-27 not yet calculated CVE-2023-37977
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions. 2023-07-27 not yet calculated CVE-2023-37979
MISC wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gravity Master Custom Field For WP Job Manager plugin <= 1.1 versions. 2023-07-27 not yet calculated CVE-2023-37980
MISC wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPKube Authors List plugin <= 2.0.2 versions. 2023-07-27 not yet calculated CVE-2023-37981
MISC wordpress — wordpress Auth. Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany IT-RECHT KANZLEI plugin <= 1.7 versions. 2023-07-27 not yet calculated CVE-2023-37993
MISC otrs_ag — otrs Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. 2023-07-24 not yet calculated CVE-2023-38056
MISC otrs_ag — otrs An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject JavaScript code in free text answers. This allows a cross-site scripting attack while reading the replies as an authenticated agent. This issue affects OTRS Survey module from 7.0.X before 7.0.32, from 8.0.X before 8.0.13 and ((OTRS)) Community Edition Survey module from 6.0.X through 6.0.22. 2023-07-24 not yet calculated CVE-2023-38057
MISC otrs_ag — otrs An improper privilege check in the OTRS ticket move action in the agent interface allows any attacker authenticated as an agent to perform a move of a ticket without the needed permission. This issue affects OTRS: from 8.0.X before 8.0.35. 2023-07-24 not yet calculated CVE-2023-38058
MISC otrs_ag — otrs Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to perform a host header injection for the ContentType header of the attachment. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. 2023-07-24 not yet calculated CVE-2023-38060
MISC linux — kernel An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. 2023-07-24 not yet calculated CVE-2023-3812
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may disclose sensitive information. 2023-07-27 not yet calculated CVE-2023-38133
MISC apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-38136
MISC datalust_seq — datalust_seq Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external (SQL Server or PostgreSQL) metadata storage is used. Exploitation can only occur from a high-privileged user account. 2023-07-22 not yet calculated CVE-2023-38195
MISC multiple_vendors — multiple_products A flaw was found in Keylime. Due to its blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections. 2023-07-24 not yet calculated CVE-2023-38200
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a 3D model may result in disclosure of process memory. 2023-07-27 not yet calculated CVE-2023-38258
MISC apple — multiple_products A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to access user-sensitive data. 2023-07-27 not yet calculated CVE-2023-38259
MISC apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-38261
MISC trustwave — modsecurity Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity. 2023-07-26 not yet calculated CVE-2023-38285
MISC zoho — manageengine_support_center_plus Zoho ManageEngine Support Center Plus 14001 and below is vulnerable to stored XSS in the products module. 2023-07-28 not yet calculated CVE-2023-38331
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A user may be able to elevate privileges. 2023-07-27 not yet calculated CVE-2023-38410
MISC pointware — easyinventory A vulnerability was found in Pointware EasyInventory 1.0.12.0 and classified as critical. This issue affects some unknown processing of the file C:\Program Files (x86)\EasyInventory\Easy2W.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier VDB-235193 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-23 not yet calculated CVE-2023-3842
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a 3D model may result in disclosure of process memory. 2023-07-27 not yet calculated CVE-2023-38421
MISC apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-38424
MISC apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-38425
MISC fujitsu_limited — multiple_products Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900?D / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007. 2023-07-26 not yet calculated CVE-2023-38433
MISC apache — felix_healthcheck_webconsole_plugin An improper neutralization of input during web page generation (‘Cross-site Scripting’) [CWE-79] vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior may allow an attacker to perform a reflected cross-site scripting (XSS) attack. Upgrade to Apache Felix Healthcheck Webconsole Plugin 2.1.0 or higher. 2023-07-25 not yet calculated CVE-2023-38435
MISC getkirby — kirby Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to update a Kirby content file (e.g. via a contact or comment form). Kirby sites are *not* affected if they don’t allow write access for untrusted users or visitors. A field injection in a content storage implementation is a type of vulnerability that allows attackers with content write access to overwrite content fields that the site developer didn’t intend to be modified. In a Kirby site this can be used to alter site content, break site behavior or inject malicious data or code. The exact security risk depends on the field type and usage. Kirby stores content of the site, of pages, files and users in text files by default. The text files use Kirby’s KirbyData format where each field is separated by newlines and a line with four dashes (`----`). When reading a KirbyData file, the affected code first removed the Unicode BOM sequence from the file contents and afterwards split the content into fields by the field separator. When writing to a KirbyData file, field separators in field data are escaped to prevent user input from interfering with the field structure. However this escaping could be tricked by including a Unicode BOM sequence in a field separator (e.g. `--\xEF\xBB\xBF--`). When writing, this was not detected as a separator, but because the BOM was removed during reading, it could be abused by attackers to inject other field data into content files. Because each field can only be defined once per content file, this vulnerability only affects fields in the content file that were defined above the vulnerable user-writable field or not at all. Fields that are defined below the vulnerable field override the injected field content and were therefore already protected. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have fixed the affected code to only remove the Unicode BOM sequence at the beginning of the file. This fixes this vulnerability both for newly written as well as for existing content files. 2023-07-27 not yet calculated CVE-2023-38488
MISC getkirby — kirby Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts (unless Kirby’s API and Panel are disabled in the config). It can only be abused if a Kirby user is logged in on a device or browser that is shared with potentially untrusted users or if an attacker already maliciously used a previous password to log in to a Kirby site as the affected user. Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization. In the variation described in this advisory, it allows attackers to stay logged in to a Kirby site on another device even if the logged in user has since changed their password. Kirby did not invalidate user sessions that were created with a password that was since changed by the user or by a site admin. If a user changed their password to lock out an attacker who was already in possession of the previous password or of a login session on another device or browser, the attacker would not be reliably prevented from accessing the Kirby site as the affected user. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have updated the authentication implementation to keep track of the hashed password in each active session. If the password changed since the login, the session is invalidated. To enforce this fix even if the vulnerability was previously abused, all users are logged out from the Kirby site after updating to one of the patched releases. 2023-07-27 not yet calculated CVE-2023-38489
MISC getkirby — kirby Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 only affects Kirby sites that use the `Xml` data handler (e.g. `Data::decode($string, 'xml')`) or the `Xml::parse()` method in site or plugin code. The Kirby core does not use any of the affected methods. XML External Entities (XXE) is a little-used feature in the XML markup language that allows including data from external files in an XML structure. If the name of the external file can be controlled by an attacker, this becomes a vulnerability that can be abused for various system impacts like the disclosure of internal or confidential data that is stored on the server (arbitrary file disclosure) or to perform network requests on behalf of the server (server-side request forgery, SSRF). Kirby’s `Xml::parse()` method used PHP’s `LIBXML_NOENT` constant, which enabled the processing of XML external entities during the parsing operation. The `Xml::parse()` method is used in the `Xml` data handler (e.g. `Data::decode($string, 'xml')`). Both the vulnerable method and the data handler are not used in the Kirby core. However, they may be used in site or plugin code, e.g. to parse RSS feeds or other XML files. If those files are of an external origin (e.g. uploaded by a user or retrieved from an external URL), attackers may be able to include an external entity in the XML file that will then be processed in the parsing process. Kirby sites that don’t use XML parsing in site or plugin code are *not* affected. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have removed the `LIBXML_NOENT` constant as processing of external entities is out of scope of the parsing logic. This protects all uses of the method against the described vulnerability. 2023-07-27 not yet calculated CVE-2023-38490
MISC getkirby — kirby Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content folder. Kirby sites are not affected if they don’t allow file uploads for untrusted users or visitors or if the file extensions of uploaded files are limited to a fixed safe list. The attack requires user interaction by another user or visitor and cannot be automated. An editor with write access to the Kirby Panel could upload a file with an unknown file extension like `.xyz` that contains HTML code including harmful content like `<script>` tags. The direct link to that file could be sent to other users or visitors of the site. If the victim opened that link in a browser where they are logged in to Kirby and the file had not been opened by anyone since the upload, Kirby would not be able to send the correct MIME content type, instead falling back to `text/html`. The browser would then run the script, which could for example trigger requests to Kirby’s API with the permissions of the victim. The issue was caused by the underlying `Kirby\Http\Response::file()` method, which didn’t have an explicit fallback if the MIME type could not be determined from the file extension. If you use this method in site or plugin code, these uses may be affected by the same vulnerability. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have fixed the affected method to use a fallback MIME type of `text/plain` and set the `X-Content-Type-Options: nosniff` header if the MIME type of the file is unknown. 2023-07-27 not yet calculated CVE-2023-38491
MISC getkirby — kirby Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts (unless Kirby’s API and Panel are disabled in the config). The real-world impact of this vulnerability is limited; however, we still recommend updating to one of the patch releases because they also fix more severe vulnerabilities. Kirby’s authentication endpoint did not limit the password length. This allowed attackers to provide a password with a length up to the server’s maximum request body length. Validating that password against the user’s actual password requires hashing the provided password, which requires more CPU and memory resources (and therefore processing time) the longer the provided password gets. This could be abused by an attacker to cause the website to become unresponsive or unavailable. Because Kirby comes with a built-in brute force protection, the impact of this vulnerability is limited to 10 failed logins from each IP address and 10 failed logins for each existing user per hour. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have added password length limits in the affected code so that passwords longer than 1000 bytes are immediately blocked, both when setting a password and when logging in. 2023-07-27 not yet calculated CVE-2023-38492
MISC line — armeria Armeria is a microservice framework. Spring supports Matrix variables. When Spring integration is used, Armeria calls Spring controllers via `TomcatService` or `JettyService` with the path that may contain matrix variables. Prior to version 1.24.3, the Armeria decorators might not be invoked because of the matrix variables. If an attacker sends a specially crafted request, the request may bypass the authorizer. Version 1.24.3 contains a patch for this issue. 2023-07-25 not yet calculated CVE-2023-38493
MISC crossplane — crossplane Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, Crossplane’s image backend does not validate the byte contents of Crossplane packages. As such, Crossplane does not detect if an attacker has tampered with a Package. The problem has been fixed in 1.11.5, 1.12.3 and 1.13.0. As a workaround, only use images from trusted sources and keep Package editing/creating privileges to administrators only. 2023-07-27 not yet calculated CVE-2023-38495
MISC apptainer — apptainer Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, so subsequent functions are called with root privileges. The attack surface is rather limited for users, but an attacker could possibly craft a starter config to delete any directory on the host filesystems. A security fix has been included in Apptainer 1.2.1. There is no known workaround outside of upgrading to Apptainer 1.2.1. 2023-07-25 not yet calculated CVE-2023-38496
MISC discourse — discourse Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite installation. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability. Users of multisite configurations should upgrade. 2023-07-28 not yet calculated CVE-2023-38498
MISC typo3 — typo3 TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site by adding handcrafted query parameters to the URL of a site that was publicly available. TYPO3 versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, 12.4.4 fix the problem. 2023-07-25 not yet calculated CVE-2023-38499
MISC sourcecodester — lost_and_found_information_system A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_category of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The identifier VDB-235201 was assigned to this vulnerability. 2023-07-23 not yet calculated CVE-2023-3850
MISC typo3 — typo3 TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding issue in the serialization layer, malicious markup nested in a `noscript` element was not encoded correctly. `noscript` is disabled in the default configuration, but might have been enabled in custom scenarios. This allows bypassing the cross-site scripting mechanism of TYPO3 HTML Sanitizer. Versions 1.5.1 and 2.1.2 fix the problem. 2023-07-25 not yet calculated CVE-2023-38500
MISC copyparty — copyparty copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter `?k304=…` and `?setck=…`. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of one’s copyparty accounts, unless one has inspected one’s logs and found no trace of attacks. Version 1.8.7 contains a patch for the issue. 2023-07-25 not yet calculated CVE-2023-38501
MISC tdengine — tdengine TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to version 3.0.7.1, TDengine DataBase crashes on UDF nested query. This issue affects TDengine Databases which let users connect and run arbitrary queries. Version 3.0.7.1 has a patch for this issue. 2023-07-25 not yet calculated CVE-2023-38502
MISC directus — directus Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.3.0 and prior to version 10.5.0, the permission filters (i.e. `user_created IS $CURRENT_USER`) are not properly checked when using GraphQL subscriptions, resulting in unauthorized users receiving events on their subscriptions that they should not receive according to the permissions. This can be any collection, but out of the box the `directus_users` collection is configured with such a permissions filter, allowing you to get updates for other users when changes happen. Version 10.5.0 contains a patch. As a workaround, disable GraphQL subscriptions. 2023-07-25 not yet calculated CVE-2023-38503
MISC sails — sails Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the `sails.io.js` client. 2023-07-27 not yet calculated CVE-2023-38504
MISC dietpi-dashboard — dietpi-dashboard DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS mode, it will assume that it should be waiting for a handshake, and will stay this way indefinitely until a handshake starts or some error occurs. In version 0.6.1, this can be exploited by simply not starting the handshake, preventing any other TLS handshakes from getting through. An attacker can lock the dashboard in a state where it is waiting for a TLS handshake from the attacker, who won’t provide it. This prevents any legitimate traffic from getting to the dashboard, and can last indefinitely. Version 0.6.2 has a patch for this issue. As a workaround, do not use HTTPS mode on the open internet where anyone can connect. Instead, put a reverse proxy in front of the dashboard, and have it handle any HTTPS connections. 2023-07-27 not yet calculated CVE-2023-38505
MISC tolgee — tolgee Tolgee is an open-source localization platform. Starting in version 3.14.0 and prior to version 3.23.1, when a request is made using an API key, the backend fails to verify the permission scopes associated with the key, effectively bypassing permission checks entirely for some endpoints. It’s important to note that this vulnerability only affects projects that have inadvertently exposed their API keys on the internet. Projects that have kept their API keys secure are not impacted. This issue is fixed in version 3.23.1. 2023-07-27 not yet calculated CVE-2023-38510
MISC wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in Wpstream WpStream – Live Streaming, Video on Demand, Pay Per View plugin <= 4.5.4 versions. 2023-07-27 not yet calculated CVE-2023-38512
MISC openrapid — rapidcms A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/upload.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 4dff387283060961c362d50105ff8da8ea40bcbe. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-235204. 2023-07-23 not yet calculated CVE-2023-3852
MISC phpscriptpoint — bloodbank A vulnerability was found in phpscriptpoint BloodBank 1.1. It has been rated as problematic. This issue affects some unknown processing of the file page.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-235205 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-23 not yet calculated CVE-2023-3853
MISC phpscriptpoint — bloodbank A vulnerability classified as critical has been found in phpscriptpoint BloodBank 1.1. Affected is an unknown function of the file /search of the component POST Parameter Handler. The manipulation of the argument country/city/blood_group_id leads to sql injection. It is possible to launch the attack remotely. VDB-235206 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-23 not yet calculated CVE-2023-3854
MISC phpscriptpoint — jobseeker A vulnerability classified as problematic was found in phpscriptpoint JobSeeker 1.5. Affected by this vulnerability is an unknown functionality of the file /search-result.php. The manipulation of the argument kw/lc/ct/cp/p leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235207. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-24 not yet calculated CVE-2023-3855
MISC fujitsu_limited — multiple_products Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows a network-adjacent unauthenticated attacker to obtain, change, and/or reset configuration settings of the affected products. Affected products and versions are as follows: Si-R 30B all versions, Si-R 130B all versions, Si-R 90brin all versions, Si-R570B all versions, Si-R370B all versions, Si-R220D all versions, Si-R G100 V02.54 and earlier, Si-R G200 V02.54 and earlier, Si-R G100B V04.12 and earlier, Si-R G110B V04.12 and earlier, Si-R G200B V04.12 and earlier, Si-R G210 V20.52 and earlier, Si-R G211 V20.52 and earlier, Si-R G120 V20.52 and earlier, Si-R G121 V20.52 and earlier, and SR-M 50AP1 all versions. 2023-07-26 not yet calculated CVE-2023-38555
MISC phpscriptpoint — ecommerce A vulnerability, which was classified as problematic, has been found in phpscriptpoint Ecommerce 1.15. Affected by this issue is some unknown functionality of the file /blog-single.php. The manipulation of the argument slug leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235208. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-24 not yet calculated CVE-2023-3856
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to modify protected parts of the file system. 2023-07-27 not yet calculated CVE-2023-38564
MISC apple — multiple_products A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to gain root privileges. 2023-07-27 not yet calculated CVE-2023-38565
MISC phpscriptpoint — ecommerce A vulnerability, which was classified as problematic, was found in phpscriptpoint Ecommerce 1.15. This affects an unknown part of the file /product.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235209 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-24 not yet calculated CVE-2023-3857
MISC apple — multiple_products This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences. 2023-07-28 not yet calculated CVE-2023-38571
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy. 2023-07-27 not yet calculated CVE-2023-38572
MISC phpscriptpoint — car_listing A vulnerability has been found in phpscriptpoint Car Listing 1.6 and classified as problematic. This vulnerability affects unknown code of the file /search.php. The manipulation of the argument country/state/city leads to cross site scripting. The attack can be initiated remotely. VDB-235210 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-24 not yet calculated CVE-2023-3858
MISC apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. 2023-07-27 not yet calculated CVE-2023-38580
MISC phpscriptpoint — car_listing A vulnerability was found in phpscriptpoint Car Listing 1.6 and classified as critical. This issue affects some unknown processing of the file /search.php of the component GET Parameter Handler. The manipulation of the argument brand_id/model_id/car_condition/car_category_id/body_type_id/fuel_type_id/transmission_type_id/year/mileage_start/mileage_end/country/state/city leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-235211. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-24 not yet calculated CVE-2023-3859
MISC apple — multiple_products A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory. 2023-07-28 not yet calculated CVE-2023-38590
MISC apple — multiple_products A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution. 2023-07-28 not yet calculated CVE-2023-38592
MISC apple — multiple_products A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to cause a denial-of-service. 2023-07-27 not yet calculated CVE-2023-38593
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. 2023-07-27 not yet calculated CVE-2023-38594
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. 2023-07-27 not yet calculated CVE-2023-38595
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code execution. 2023-07-27 not yet calculated CVE-2023-38597
MISC apple — multiple_products A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. 2023-07-28 not yet calculated CVE-2023-38598
MISC apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information. 2023-07-28 not yet calculated CVE-2023-38599
MISC phpscriptpoint — insurance A vulnerability was found in phpscriptpoint Insurance 1.2. It has been classified as problematic. Affected is an unknown function of the file /page.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-235212. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-24 not yet calculated CVE-2023-3860
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. 2023-07-27 not yet calculated CVE-2023-38600
MISC apple — multiple_products This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to modify protected parts of the file system. 2023-07-28 not yet calculated CVE-2023-38601
MISC apple — multiple_products A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system. 2023-07-27 not yet calculated CVE-2023-38602
MISC apple — multiple_products The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause a denial-of-service. 2023-07-27 not yet calculated CVE-2023-38603
MISC apple — multiple_products An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. 2023-07-28 not yet calculated CVE-2023-38604
MISC apple — multiple_products This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. 2023-07-27 not yet calculated CVE-2023-38606
MISC apple — macos_ventura The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.5. An app may be able to access user-sensitive data. 2023-07-27 not yet calculated CVE-2023-38608
MISC apple — macos_ventura An injection issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass certain Privacy preferences. 2023-07-28 not yet calculated CVE-2023-38609
MISC phpscriptpoint — insurance A vulnerability was found in phpscriptpoint Insurance 1.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier VDB-235213 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-24 not yet calculated CVE-2023-3861
MISC apple — multiple_products The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. 2023-07-27 not yet calculated CVE-2023-38611
MISC travelmate — trek_management_solution A vulnerability was found in Travelmate Travelable Trek Management Solution 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Box Handler. The manipulation of the argument comment leads to cross site scripting. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. VDB-235214 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-24 not yet calculated CVE-2023-3862
MISC linux — kernel A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue. 2023-07-24 not yet calculated CVE-2023-3863
MISC librsvg — librsvg A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element. 2023-07-22 not yet calculated CVE-2023-38633
FULLDISC metabase — metabase/metabase_enterprise Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server’s privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. 2023-07-21 not yet calculated CVE-2023-38646
MISC apache — helix An attacker can use SnakeYAML to deserialize java.net.URLClassLoader and make it load a JAR from a specified URL, and then deserialize javax.script.ScriptEngineManager to load code using that ClassLoader. This unbounded deserialization can likely lead to remote code execution. The code can be run in Helix REST start and Workflow creation. Affects all versions up to and including 1.2.0. Affected products: helix-core, helix-rest. Mitigation: Short term, stop using any YAML-based configuration and workflow creation. Long term, bump all Helix versions up to 1.3.0. 2023-07-26 not yet calculated CVE-2023-38647
MISC paddlepaddle — paddlepaddle Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition. 2023-07-26 not yet calculated CVE-2023-38669
MISC paddlepaddle — paddlepaddle Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service. 2023-07-26 not yet calculated CVE-2023-38670
MISC paddlepaddle — paddlepaddle Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or possibly more damage. 2023-07-26 not yet calculated CVE-2023-38671
MISC paddlepaddle — paddlepaddle FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service. 2023-07-26 not yet calculated CVE-2023-38672
MISC paddlepaddle — paddlepaddle PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system. 2023-07-26 not yet calculated CVE-2023-38673
MISC discourse — discourse Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, in multiple controller actions, Discourse accepts limit params but does not impose any upper bound on the values being accepted. Without an upper bound, the software may allow arbitrary users to generate DB queries which may end up exhausting the resources on the server. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability. 2023-07-28 not yet calculated CVE-2023-38684
MISC discourse — discourse Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. 2023-07-28 not yet calculated CVE-2023-38685
MISC pandoc — pandoc Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on the privileges of the process running Pandoc. It only affects systems that pass untrusted user input to Pandoc and allow Pandoc to be used to produce a PDF or with the --extract-media option. NOTE: this issue exists because of an incomplete fix for CVE-2023-35936 (failure to properly account for double encoded path names). 2023-07-25 not yet calculated CVE-2023-38745
MLIST onpremise_suremdm_solution — suremdm_onpremise Username enumeration through CAPTCHA bypass in the On-premise SureMDM Solution on Windows deployments allows an attacker to enumerate local user information via an error message. This issue affects SureMDM On-premise 6.31 and below. 2023-07-25 not yet calculated CVE-2023-3897
MISC jeesite — jeesite An issue in the delete function in the OaNotifyController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete notifications created by Administrators. 2023-07-28 not yet calculated CVE-2023-38988
MISC jeecg-boot — jeecg-boot jeecg-boot v3.5.1 was discovered to contain a SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData. 2023-07-28 not yet calculated CVE-2023-38992
MISC boofcv — boofcv BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. This vulnerability is exploited by loading a crafted camera calibration file. 2023-07-28 not yet calculated CVE-2023-39010
MISC duke — duke Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init. 2023-07-28 not yet calculated CVE-2023-39013
MISC webmagic-extension — webmagic-extension webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader. 2023-07-28 not yet calculated CVE-2023-39015
MISC bboss-persistent — bboss-persistent bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument. 2023-07-28 not yet calculated CVE-2023-39016
MISC quartz-jobs —  quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument. 2023-07-28 not yet calculated CVE-2023-39017
MISC ffmpeg — ffmpeg FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument. 2023-07-28 not yet calculated CVE-2023-39018
MISC stanford-parser — stanford-parser stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument. 2023-07-28 not yet calculated CVE-2023-39020
MISC wix-embedded-mysql — wix-embedded-mysql wix-embedded-mysql v4.6.1 and below was discovered to contain a code injection vulnerability in the component com.wix.mysql.distribution.Setup.apply. This vulnerability is exploited via passing an unchecked argument. 2023-07-28 not yet calculated CVE-2023-39021
MISC oscore — oscore oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. This vulnerability is exploited via passing an unchecked argument. 2023-07-28 not yet calculated CVE-2023-39022
MISC university_compass — university_compass university compass v2.2.0 and below was discovered to contain a code injection vulnerability in the component org.compass.core.executor.DefaultExecutorManager.configure. This vulnerability is exploited via passing an unchecked argument. 2023-07-28 not yet calculated CVE-2023-39023
MISC gnu_gdb — gnu_gdb GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. 2023-07-25 not yet calculated CVE-2023-39128
MISC gnu_gdb — gnu_gdb GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c. 2023-07-25 not yet calculated CVE-2023-39129
MISC gnu_gdb — gnu_gdb GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c. 2023-07-25 not yet calculated CVE-2023-39130
MISC jenkins — jenkins Jenkins 2.415 and earlier, LTS 2.401.2 and earlier does not sanitize or properly encode URLs in build logs when transforming them into hyperlinks, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control build log contents. 2023-07-26 not yet calculated CVE-2023-39151
MISC jenkins — jenkins Always-incorrect control flow implementation in Jenkins Gradle Plugin 2.8 may result in credentials not being masked (i.e., replaced with asterisks) in the build log in some circumstances. 2023-07-26 not yet calculated CVE-2023-39152
MISC jenkins — jenkins A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker’s account. 2023-07-26 not yet calculated CVE-2023-39153
MISC jenkins — jenkins Incorrect permission checks in Jenkins Qualys Web App Scanning Connector Plugin 2.0.10 and earlier allow attackers with global Item/Configure permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2023-07-26 not yet calculated CVE-2023-39154
MISC jenkins — jenkins Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it. 2023-07-26 not yet calculated CVE-2023-39155
MISC jenkins — jenkins A cross-site request forgery (CSRF) vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags. 2023-07-26 not yet calculated CVE-2023-39156
MISC jetbrains — teamcity In JetBrains TeamCity before 2023.05.2, a token with limited permissions could be used to gain full account access. 2023-07-25 not yet calculated CVE-2023-39173
MISC jetbrains — teamcity In JetBrains TeamCity before 2023.05.2, a ReDoS attack was possible via integration with issue trackers. 2023-07-25 not yet calculated CVE-2023-39174
MISC jetbrains — teamcity In JetBrains TeamCity before 2023.05.2, reflected XSS via GitHub integration was possible. 2023-07-25 not yet calculated CVE-2023-39175
MISC jetbrains — intellij_idea In JetBrains IntelliJ IDEA before 2023.2, the plugin for Space was requesting excessive permissions. 2023-07-26 not yet calculated CVE-2023-39261
MISC phpscriptpoint — lawyer A vulnerability was found in phpscriptpoint Lawyer 1.6 and classified as problematic. Affected by this issue is some unknown functionality of the file page.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235400. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-25 not yet calculated CVE-2023-3944
MISC phpscriptpoint — lawyer A vulnerability was found in phpscriptpoint Lawyer 1.6. It has been classified as problematic. This affects an unknown part of the file search.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235401 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-07-25 not yet calculated CVE-2023-3945
MISC trellix — trellix_epo A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator’s session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to limited access to sensitive information and limited ability to alter some information in ePO. 2023-07-26 not yet calculated CVE-2023-3946
MISC gz_scripts — availability_booking_calendar_php A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promo_code leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235568. 2023-07-27 not yet calculated CVE-2023-3969
MISC gz_scripts — availability_booking_calendar_php A vulnerability, which was classified as problematic, was found in GZ Scripts Availability Booking Calendar PHP 1.0. This affects an unknown part of the file /index.php?controller=GzUser&action=edit&id=1 of the component Image Handler. The manipulation of the argument img leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235569 was assigned to this vulnerability. 2023-07-27 not yet calculated CVE-2023-3970
MISC drawio — drawio Cross-site Scripting (XSS) – Reflected in GitHub repository jgraph/drawio prior to 21.6.3. 2023-07-27 not yet calculated CVE-2023-3973
MISC drawio — drawio OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0. 2023-07-27 not yet calculated CVE-2023-3974
MISC drawio — drawio OS Command Injection in GitHub repository jgraph/drawio prior to 21.5.0. 2023-07-27 not yet calculated CVE-2023-3975
MISC omeka-s — omeka-s Cross-site Scripting (XSS) – Stored in GitHub repository omeka/omeka-s prior to 4.0.2. 2023-07-27 not yet calculated CVE-2023-3980
MISC omeka-s — omeka-s Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2. 2023-07-27 not yet calculated CVE-2023-3981
MISC omeka-s — omeka-s Cross-site Scripting (XSS) – Stored in GitHub repository omeka/omeka-s prior to 4.0.2. 2023-07-27 not yet calculated CVE-2023-3982
MISC phpscriptpoint — recipepoint A vulnerability, which was classified as critical, was found in phpscriptpoint RecipePoint 1.9. This affects an unknown part of the file /recipe-result. The manipulation of the argument text/category/type/difficulty/cuisine/cooking_method leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-235605 was assigned to this vulnerability. 2023-07-28 not yet calculated CVE-2023-3984
MISC sourcecodester — online_jewelry_store A vulnerability has been found in SourceCodester Online Jewelry Store 1.0 and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235606 is the identifier assigned to this vulnerability. 2023-07-28 not yet calculated CVE-2023-3985
MISC sourcecodester — simple_online_mens_salon_management_system A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/?page=user/list. The manipulation of the argument First Name/Last Name/Username leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235607. 2023-07-28 not yet calculated CVE-2023-3986
MISC sourcecodester — simple_online_mens_salon_management_system A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage_user&id=3. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235608. 2023-07-28 not yet calculated CVE-2023-3987
MISC cafe_billing_system — cafe_billing_system A vulnerability was found in Cafe Billing System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Order Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235609 was assigned to this vulnerability. 2023-07-28 not yet calculated CVE-2023-3988
MISC sourcecodester — online_jewelry_store A vulnerability was found in SourceCodester Jewelry Store System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add_customer.php. The manipulation leads to cross site scripting. The attack may be launched remotely. VDB-235610 is the identifier assigned to this vulnerability. 2023-07-28 not yet calculated CVE-2023-3989
MISC mingsoft — mcms A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-235611. 2023-07-28 not yet calculated CVE-2023-3990