CISA Bulletins - Vulnerability Summary for the Week of February 13, 2023

  • Welcome to ITBible, we're your #1 resource for enterprise or homelab IT problems (or just a place to show off your stuff).
C

CISA

Guest
Original release date: February 23, 2023



High Vulnerabilities​

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
baicells -- neutrino_430_firmware​
Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have been tested and validated by a 3rd party analyst and has been confirmed exploitable special thanks to Rustam Amin for providing the steps to reproduce.​
2023-02-11​
10
CVE-2023-0776
MISC
webbuildersgroup -- silverstripe-kapost-bridge​
A vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched remotely. Upgrading to version 0.4.0 is able to address this issue. The name of the patch is 2e14b0fd0ea35034f90890f364b130fb4645ff35. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220471.​
2023-02-10​
9.8
CVE-2015-10077
MISC
MISC
MISC
MISC
apsystems -- ecu-r_firmware​
Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter.​
2023-02-10​
9.8
CVE-2022-45699
MISC
MISC
codenameone -- codename_one​
A vulnerability was found in CodenameOne 7.0.70. It has been classified as problematic. Affected is an unknown function. The manipulation leads to use of implicit intent for sensitive communication. It is possible to launch the attack remotely. Upgrading to version 7.0.71 is able to address this issue. The name of the patch is dad49c9ef26a598619fc48d2697151a02987d478. It is recommended to upgrade the affected component. VDB-220470 is the identifier assigned to this vulnerability.​
2023-02-10​
9.8
CVE-2022-4903
MISC
MISC
MISC
MISC
MISC
medical_certificate_generator_app_project -- medical_certificate_generator_app​
A vulnerability has been found in SourceCodester Medical Certificate Generator App 1.0 and classified as critical. This vulnerability affects unknown code of the file action.php. The manipulation of the argument lastname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-220558 is the identifier assigned to this vulnerability.​
2023-02-10​
9.8
CVE-2023-0774
MISC
MISC
MISC
modoboa -- modoboa​
Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4.​
2023-02-10​
9.8
CVE-2023-0777
MISC
CONFIRM
microsoft -- multiple_products​
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability​
2023-02-14​
9.8
CVE-2023-21689
MISC
microsoft -- multiple_products​
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability​
2023-02-14​
9.8
CVE-2023-21690
MISC
microsoft -- multiple_products​
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability​
2023-02-14​
9.8
CVE-2023-21692
MISC
microsoft -- multiple_products​
Microsoft Word Remote Code Execution Vulnerability​
2023-02-14​
9.8
CVE-2023-21716
MISC
microsoft -- windows_10/server_2008​
Windows iSCSI Discovery Service Remote Code Execution Vulnerability​
2023-02-14​
9.8
CVE-2023-21803
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter.​
2023-02-10​
9.8
CVE-2023-24348
MISC
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute.​
2023-02-10​
9.8
CVE-2023-24349
MISC
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail.​
2023-02-10​
9.8
CVE-2023-24350
MISC
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS.​
2023-02-10​
9.8
CVE-2023-24352
MISC
MISC
wago -- unmanaged_switch_852-111/000-001​
In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a limited set of parameters.​
2023-02-16​
9.1
CVE-2022-3843
MISC
keystorage -- global_facilities_management_software​
Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes.​
2023-02-10​
9.1
CVE-2022-45766
MISC
orangelab -- imagemagick_engine​
The ImageMagick Engine plugin for WordPress is vulnerable to deserialization of untrusted input via the 'cli_path' parameter in versions up to, and including 1.7.5. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they can trick a site administrator into performing an action such as clicking on a link, that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload.​
2023-02-10​
8.8
CVE-2022-3568
MISC
MISC
MISC
MISC
sierrawireless -- aleos​
Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device.​
2023-02-10​
8.8
CVE-2022-46649
MISC
MISC
MISC
pinpoint -- pinpoint_booking_system​
The Pinpoint Booking System WordPress plugin before 2.9.9.2.9 does not validate and escape one of its shortcode attributes before using it in a SQL statement, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks.​
2023-02-13​
8.8
CVE-2023-0220
MISC
shortpixel -- enable_media_replace​
The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.​
2023-02-13​
8.8
CVE-2023-0255
MISC
ljapps -- wp_google_review_slider​
The WP Google Review Slider WordPress plugin before 11.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.​
2023-02-13​
8.8
CVE-2023-0259
MISC
ljapps -- wp_review_slider​
The WP Review Slider WordPress plugin before 12.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.​
2023-02-13​
8.8
CVE-2023-0260
MISC
ljapps -- wp_tripadvisor_review_slider​
The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.​
2023-02-13​
8.8
CVE-2023-0261
MISC
ljapps -- wp_airbnb_review_slider​
The WP Airbnb Review Slider WordPress plugin before 3.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.​
2023-02-13​
8.8
CVE-2023-0262
MISC
ljapps -- wp_yelp_review_slider​
The WP Yelp Review Slider WordPress plugin before 7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.​
2023-02-13​
8.8
CVE-2023-0263
MISC
ampache -- ampache​
SQL Injection in GitHub repository ampache/ampache prior to 5.5.7,develop.​
2023-02-10​
8.8
CVE-2023-0771
CONFIRM
MISC
microsoft -- multiple_products​
Microsoft Exchange Server Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21529
MISC
microsoft -- multiple_products​
Microsoft PostScript Printer Driver Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21684
MISC
microsoft -- multiple_products​
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21685
MISC
microsoft -- multiple_products​
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21686
MISC
microsoft -- sql_server​
Microsoft SQL Server Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21705
MISC
microsoft -- multiple_products​
Microsoft Exchange Server Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21706
MISC
microsoft -- multiple_products​
Microsoft Exchange Server Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21707
MISC
microsoft -- sql_server​
Microsoft SQL Server Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21713
MISC
microsoft -- multiple_products​
Microsoft SharePoint Server Elevation of Privilege Vulnerability​
2023-02-14​
8.8
CVE-2023-21717
MISC
microsoft -- multiple_products​
Microsoft ODBC Driver Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21797
MISC
microsoft -- multiple_products​
Microsoft ODBC Driver Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21798
MISC
microsoft -- multiple_products​
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability​
2023-02-14​
8.8
CVE-2023-21799
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule.​
2023-02-10​
8.8
CVE-2023-24343
MISC
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup.​
2023-02-10​
8.8
CVE-2023-24344
MISC
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus.​
2023-02-10​
8.8
CVE-2023-24345
MISC
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3.​
2023-02-10​
8.8
CVE-2023-24346
MISC
MISC
dlink -- dir-605l_firmware​
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus.​
2023-02-10​
8.8
CVE-2023-24347
MISC
MISC
microsoft -- azure_stack​
Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability​
2023-02-14​
8.7
CVE-2023-21777
MISC
microsoft -- visual_studio​
Visual Studio Remote Code Execution Vulnerability​
2023-02-14​
8.4
CVE-2023-21815
MISC
microsoft -- visual_studio​
Visual Studio Remote Code Execution Vulnerability​
2023-02-14​
8.4
CVE-2023-23381
MISC
microsoft -- dynamics_365​
Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability​
2023-02-14​
8.3
CVE-2023-21778
MISC
microsoft -- edge​
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability​
2023-02-14​
8.3
CVE-2023-23374
MISC
microsoft -- power_bi_report_server​
Power BI Report Server Spoofing Vulnerability​
2023-02-14​
8.2
CVE-2023-21806
MISC
microsoft -- sql_server​
Microsoft SQL Server Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-21528
MISC
microsoft -- visual_studio​
Visual Studio Elevation of Privilege Vulnerability​
2023-02-14​
7.8
CVE-2023-21566
MISC
adobe -- photoshop​
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-21574
MISC
adobe -- photoshop​
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-21575
MISC
adobe -- photoshop​
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-21576
MISC
adobe -- framemaker​
FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-21619
MISC
adobe -- framemaker​
FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-21621
MISC
adobe -- framemaker​
FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-21622
MISC
microsoft -- multiple_products​
NT OS Kernel Elevation of Privilege Vulnerability​
2023-02-14​
7.8
CVE-2023-21688
MISC
microsoft -- sql_server​
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-21704
MISC
microsoft -- sql_server​
Microsoft SQL ODBC Driver Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-21718
MISC
microsoft -- windows_server_2008​
Windows Installer Elevation of Privilege Vulnerability​
2023-02-14​
7.8
CVE-2023-21800
MISC
microsoft -- multiple_products​
Microsoft PostScript Printer Driver Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-21801
MISC
microsoft -- multiple_products​
Windows Media Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-21802
MISC
microsoft -- multiple_products​
Windows Graphics Component Elevation of Privilege Vulnerability​
2023-02-14​
7.8
CVE-2023-21804
MISC
microsoft -- multiple_products​
Windows MSHTML Platform Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-21805
MISC
microsoft -- multiple_products​
.NET and Visual Studio Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-21808
MISC
microsoft -- defender_security_intelligence_updates​
Microsoft Defender for Endpoint Security Feature Bypass Vulnerability​
2023-02-14​
7.8
CVE-2023-21809
MISC
microsoft -- multiple_products​
Windows Common Log File System Driver Elevation of Privilege Vulnerability​
2023-02-14​
7.8
CVE-2023-21812
MISC
microsoft -- multiple_products​
Windows Kerberos Elevation of Privilege Vulnerability​
2023-02-14​
7.8
CVE-2023-21817
MISC
microsoft -- multiple_products​
Windows Graphics Component Elevation of Privilege Vulnerability​
2023-02-14​
7.8
CVE-2023-21822
MISC
microsoft -- multiple_products​
Windows Graphics Component Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-21823
MISC
adobe -- bridge​
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22226
MISC
adobe -- bridge​
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22227
MISC
adobe -- bridge​
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22228
MISC
adobe -- bridge​
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22229
MISC
adobe -- bridge​
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22230
MISC
adobe -- premiere_rush​
Adobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22234
MISC
adobe -- animate​
Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22236
MISC
adobe -- after_affects​
After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22237
MISC
adobe -- after_affects​
After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22238
MISC
adobe -- after_affects​
After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22239
MISC
adobe -- animate​
Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22243
MISC
adobe -- premiere_rush
Adobe Premiere Rush version 2.6 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22244
MISC
adobe -- animate
Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
7.8
CVE-2023-22246
MISC
microsoft -- multiple_products​
Windows Common Log File System Driver Elevation of Privilege Vulnerability​
2023-02-14​
7.8
CVE-2023-23376
MISC
microsoft -- 3d_builder​
3D Builder Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-23377
MISC
microsoft -- print_3d​
Print 3D Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-23378
MISC
microsoft -- 3d_builder
3D Builder Remote Code Execution Vulnerability​
2023-02-14​
7.8
CVE-2023-23390
MISC
dell -- alienware_command_center​
Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.​
2023-02-10​
7.8
CVE-2023-24569
MISC
wprealize -- extensive_vc_addons_for_wpbakery_page_builder​
The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system.​
2023-02-13​
7.5
CVE-2023-0159
MISC
microsoft -- azure_devops_server​
Azure DevOps Server Remote Code Execution Vulnerability​
2023-02-14​
7.5
CVE-2023-21553
MISC
microsoft -- multiple_products​
Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability​
2023-02-14​
7.5
CVE-2023-21691
MISC
microsoft -- multiple_products​
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability​
2023-02-14​
7.5
CVE-2023-21695
MISC
microsoft -- multiple_products​
Windows iSCSI Discovery Service Denial of Service Vulnerability​
2023-02-14​
7.5
CVE-2023-21700
MISC
microsoft -- multiple_products​
Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability​
2023-02-14​
7.5
CVE-2023-21701
MISC
microsoft -- multiple_products​
Windows iSCSI Service Denial of Service Vulnerability​
2023-02-14​
7.5
CVE-2023-21702
MISC
microsoft -- multiple_products​
Windows iSCSI Service Denial of Service Vulnerability​
2023-02-14​
7.5
CVE-2023-21811
MISC
microsoft -- multiple_products​
Windows Secure Channel Denial of Service Vulnerability​
2023-02-14​
7.5
CVE-2023-21813
MISC
microsoft -- multiple_products​
Windows Active Directory Domain Services API Denial of Service Vulnerability​
2023-02-14​
7.5
CVE-2023-21816
MISC
microsoft -- multiple_products​
Windows Secure Channel Denial of Service Vulnerability​
2023-02-14​
7.5
CVE-2023-21818
MISC
microsoft -- multiple_products​
Windows Secure Channel Denial of Service Vulnerability​
2023-02-14​
7.5
CVE-2023-21819
MISC
apache -- nifi​
The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Flow configurations that include the ExtractCCDAAttributes Processor are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolution disables Document Type Declarations and disallows XML External Entity resolution in the ExtractCCDAAttributes Processor.​
2023-02-10​
7.5
CVE-2023-22832
MISC
MISC
microsoft -- multiple_products​
Windows Distributed File System (DFS) Remote Code Execution Vulnerability​
2023-02-14​
7.4
CVE-2023-21820
MISC
microsoft -- sql_server​
Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability​
2023-02-14​
7.3
CVE-2023-21568
MISC
microsoft -- 365_apps_for_enterprise​
Microsoft Publisher Security Features Bypass Vulnerability​
2023-02-14​
7.3
CVE-2023-21715
MISC
microsoft -- exchange_server_2016/exchange_server_2019​
Microsoft Exchange Server Remote Code Execution Vulnerability​
2023-02-14​
7.2
CVE-2023-21710
MISC
microsoft -- azure_devops_server​
Azure DevOps Server Cross-Site Scripting Vulnerability​
2023-02-14​
7.1
CVE-2023-21564
MISC
dell -- alienware_update​
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete.​
2023-02-10​
7.1
CVE-2023-23698
MISC
dell -- command_\|_monitor​
Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.​
2023-02-10​
7.1
CVE-2023-24573
MISC
Back to top



Medium Vulnerabilities​

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
microsoft -- multiple_products​
Windows Fax Service Remote Code Execution Vulnerability​
2023-02-14​
6.8
CVE-2023-21694
MISC
dell -- emc_powerscale_onefs​
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters.​
2023-02-10​
6.7
CVE-2022-34454
MISC
cozmoslabs -- profile_builder​
The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the [user_meta] shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that can be called via that shortcode. This makes it possible for authenticated attackers, with subscriber-level permissions, and above to retrieve sensitive user meta that can be used to gain access to a high privileged user account. This does require the Usermeta shortcode be enabled to be exploited.​
2023-02-14​
6.5
CVE-2023-0814
MISC
MISC
microsoft -- dynamics_365​
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability​
2023-02-14​
6.5
CVE-2023-21572
MISC
microsoft -- azure_data_box/azure_stack_edge​
Azure Data Box Gateway Remote Code Execution Vulnerability​
2023-02-14​
6.5
CVE-2023-21703
MISC
microsoft -- onenote​
Microsoft OneNote Spoofing Vulnerability​
2023-02-14​
6.5
CVE-2023-21721
MISC
microsoft -- azure_machine_learning​
Azure Machine Learning Compute Instance Information Disclosure Vulnerability​
2023-02-14​
6.5
CVE-2023-23382
MISC
microsoft -- defender_for_iot​
Microsoft Defender for IoT Elevation of Privilege Vulnerability​
2023-02-14​
6.4
CVE-2023-23379
MISC
microsoft -- multiple_products​
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability​
2023-02-14​
6.2
CVE-2023-21697
MISC
farsight -- provide_server​
Cross Site Scripting (XSS) vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form.​
2023-02-10​
6.1
CVE-2023-23286
MISC
MISC
microsoft -- dynamics_365​
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability​
2023-02-14​
5.8
CVE-2023-21807
MISC
microsoft -- multiple_products​
Microsoft PostScript Printer Driver Information Disclosure Vulnerability​
2023-02-14​
5.7
CVE-2023-21693
MISC
microsoft -- visual_studio​
Visual Studio Denial of Service Vulnerability​
2023-02-14​
5.6
CVE-2023-21567
MISC
dell -- r6515_firmware​
Dell PowerEdge BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM.​
2023-02-10​
5.5
CVE-2022-34376
MISC
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.​
2023-02-13​
5.5
CVE-2023-0795
MISC
CONFIRM
MISC
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.​
2023-02-13​
5.5
CVE-2023-0796
CONFIRM
MISC
MISC
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.​
2023-02-13​
5.5
CVE-2023-0797
MISC
MISC
CONFIRM
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.​
2023-02-13​
5.5
CVE-2023-0798
CONFIRM
MISC
MISC
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.​
2023-02-13​
5.5
CVE-2023-0799
CONFIRM
MISC
MISC
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.​
2023-02-13​
5.5
CVE-2023-0800
CONFIRM
MISC
MISC
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.​
2023-02-13​
5.5
CVE-2023-0801
MISC
MISC
CONFIRM
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.​
2023-02-13​
5.5
CVE-2023-0802
CONFIRM
MISC
MISC
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.​
2023-02-13​
5.5
CVE-2023-0803
MISC
MISC
CONFIRM
libtiff -- libtiff​
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.​
2023-02-13​
5.5
CVE-2023-0804
MISC
MISC
CONFIRM
adobe -- photoshop​
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
5.5
CVE-2023-21577
MISC
adobe -- photoshop​
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
5.5
CVE-2023-21578
MISC
adobe -- bridge​
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
5.5
CVE-2023-21583
MISC
adobe -- framemaker​
FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
5.5
CVE-2023-21584
MISC
adobe -- indesign​
Adobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
5.5
CVE-2023-21593
MISC
adobe -- framemaker​
FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
5.5
CVE-2023-21620
MISC

microsoft -- server_2022/windows_11
HTTP.sys Information Disclosure Vulnerability​
2023-02-14​
5.5
CVE-2023-21687
MISC
microsoft -- office/365_apps_for_enterprise​
Microsoft Office Information Disclosure Vulnerability​
2023-02-14​
5.5
CVE-2023-21714
MISC
adobe -- bridge​
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
5.5
CVE-2023-22231
MISC
adobe -- after_affects​
After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.​
2023-02-17​
5.5
CVE-2023-22233
MISC
pickplugins -- product_slider_for_woocommerce​
The Product Slider for WooCommerce by PickPlugins WordPress plugin before 1.13.42 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
5.4
CVE-2023-0166
MISC
zohocorp -- zoho_forms​
The Zoho Forms WordPress plugin before 3.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
5.4
CVE-2023-0169
MISC
wpdevart -- social_like_box_and_page​
The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
5.4
CVE-2023-0177
MISC
yamaps_project -- yamaps​
The YaMaps for WordPress Plugin WordPress plugin before 0.6.26 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
5.4
CVE-2023-0270
MISC
tipsandtricks-hq -- easy_accept_payments_for_paypal​
The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
5.4
CVE-2023-0275
MISC
templatesnext -- templatesnext_toolkit​
The TemplatesNext ToolKit WordPress plugin before 3.2.9 does not validate some of its shortcode attributes before using them to generate an HTML tag, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
5.4
CVE-2023-0333
MISC
shapedplugin -- location_weather​
The Location Weather WordPress plugin before 1.3.4 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
5.4
CVE-2023-0360
MISC
themify -- portfolio_post​
Themify Portfolio Post WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
5.4
CVE-2023-0362
MISC
smartwp -- lightweight_accordion​
The Lightweight Accordion WordPress plugin before 1.5.15 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
5.4
CVE-2023-0373
MISC
rebelcode -- spotlight_social_feeds​
The Spotlight Social Feeds WordPress plugin before 1.4.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
5.4
CVE-2023-0379
MISC
microsoft -- dynamics_365​
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability​
2023-02-14​
5.4
CVE-2023-21570
MISC
microsoft -- dynamics_365​
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability​
2023-02-14​
5.4
CVE-2023-21571
MISC
microsoft -- dynamics_365​
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability​
2023-02-14​
5.4
CVE-2023-21573
MISC
huawei -- e5573cs-322_firmware​
There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable.​
2023-02-10​
5.3
CVE-2018-7935
MISC
microsoft -- multiple_products​
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability​
2023-02-14​
5.3
CVE-2023-21699
MISC
microsoft -- edge​
Microsoft Edge (Chromium-based) Tampering Vulnerability​
2023-02-14​
5.3
CVE-2023-21720
MISC
adobe -- connect​
Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction.​
2023-02-17​
5.3
CVE-2023-22232
MISC
sierrawireless -- aleos​
Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page.​
2023-02-10​
4.9
CVE-2022-46650
MISC
MISC
MISC
dell -- emc_powerscale_onefs​
Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields.​
2023-02-10​
4.8
CVE-2022-33934
MISC
formwork_project -- formwork​
A stored cross-site scripting (XSS) vulnerability in the component /formwork/panel/dashboard of Formwork v1.12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page title parameter.​
2023-02-10​
4.8
CVE-2023-24230
MISC
MISC
inventory_management_system_project -- inventory_management_system​
A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/categories.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Categories Name parameter.​
2023-02-10​
4.8
CVE-2023-24231
MISC
MISC
inventory_management_system_project -- inventory_management_system​
A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/product.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.​
2023-02-10​
4.8
CVE-2023-24232
MISC
MISC
inventory_management_system_project -- inventory_management_system​
A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/orders.php?o=add of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Client Name parameter.​
2023-02-10​
4.8
CVE-2023-24233
MISC
MISC
inventory_management_system_project -- inventory_management_system​
A stored cross-site scripting (XSS) vulnerability in the component php-inventory-management-system/brand.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Brand Name parameter.​
2023-02-10​
4.8
CVE-2023-24234
MISC
MISC
microsoft -- multiple_products​
.NET Framework Denial of Service Vulnerability​
2023-02-14​
4.4
CVE-2023-21722
MISC
gptaipower -- gpt_ai_power​
The GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training WordPress plugin before 1.4.38 does not perform any kind of nonce or privilege checks before letting logged-in users modify arbitrary posts.​
2023-02-13​
4.3
CVE-2023-0405
MISC
microsoft -- edge​
Microsoft Edge (Chromium-based) Spoofing Vulnerability​
2023-02-14​
4.3
CVE-2023-21794
MISC
Back to top



Low Vulnerabilities​

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
dell -- powerpath_management_appliance​
PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs.​
2023-02-10​
2.7
CVE-2022-34452
MISC
Back to top



Severity Not Yet Assigned​

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
walrusirc -- walrusirc​
A vulnerability was found in juju2143 WalrusIRC 0.0.2. It has been rated as problematic. This issue affects the function parseLinks of the file public/parser.js. The manipulation of the argument text leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 0.0.3 is able to address this issue. The name of the patch is 45fd885895ae13e8d9b3a71e89d59768914f60af. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220751.​
2023-02-13​
not yet calculated​
CVE-2015-10079
MISC
MISC
MISC
MISC

mozilla -- fierfox_for_ios
Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.​
2023-02-16​
not yet calculated​
CVE-2019-17003
MISC

mozilla -- fierfox_esr
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.​
2023-02-16​
not yet calculated​
CVE-2020-12413
MISC
MISC
mvp-player -- mvp​
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter.​
2023-02-17​
not yet calculated​
CVE-2020-19824
MISC
kimai2 -- kimai2​
Cross Site Scripting (XSS) vulnerability in kevinpapst kimai2 1.30.0 in /src/Twig/Runtime/MarkdownExtension.php, allows attackers to gain escalated privileges.​
2023-02-15​
not yet calculated​
CVE-2020-19825
MISC
MISC
kliqqi-cms -- kliqqi-cms​
SQL Injection vulnerability in Kliqqi-CMS 2.0.2 in admin/admin_update_module_widgets.php in recordIDValue parameter, allows attackers to gain escalated privileges and execute arbitrary code.​
2023-02-15​
not yet calculated​
CVE-2020-21119
MISC
uqcms -- uqcms​
SQL Injection vulnerability in file home\controls\cart.class.php in UQCMS 2.1.3, allows attackers execute arbitrary commands via the cookie_cart parameter to /index.php/cart/num.​
2023-02-15​
not yet calculated​
CVE-2020-21120
MISC
MISC
online_doctor_appointment_booking_system -- online_doctor_appointment_booking_system​
SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint.​
2023-02-17​
not yet calculated​
CVE-2020-29168
MISC
MISC
MISC
kong -- lua-multipart​
A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this issue. The name of the patch is d632e5df43a2928fd537784a99a79dec288bf01b. It is recommended to upgrade the affected component. VDB-220642 is the identifier assigned to this vulnerability.​
2023-02-12​
not yet calculated​
CVE-2020-36661
MISC
MISC
MISC
MISC
MISC
mozilla -- bleach​
bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).​
2023-02-16​
not yet calculated​
CVE-2020-6817
MISC
MISC
intel -- 3rd_gen_intel_xeon_scalable_processor​
Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2021-0187
MISC

mozilla -- bleach
A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.​
2023-02-16​
not yet calculated​
CVE-2021-23980
MISC
MISC
vivo -- frame_service​
The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions.​
2023-02-17​
not yet calculated​
CVE-2021-26277
CONFIRM
phpfusion -- phpfusion​
An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature.​
2023-02-17​
not yet calculated​
CVE-2021-3172
MISC
MISC
libraw -- libraw​
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.​
2023-02-17​
not yet calculated​
CVE-2021-32142
MISC
MISC
MISC
MISC
mosn -- mosn​
Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization.​
2023-02-17​
not yet calculated​
CVE-2021-32163
MISC
MISC
schism_tracker -- schism_tracker​
An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c.​
2023-02-17​
not yet calculated​
CVE-2021-32419
MISC
MISC
exponent-cms -- exponent-cms​
SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class.​
2023-02-17​
not yet calculated​
CVE-2021-32441
MISC
MISC
moby -- hyperkit​
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, virtio.c has is a call to vc_cfgread that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denial of service. This issue is fixed in commit df0e46c7dbfd81a957d85e449ba41b52f6f7beb4.​
2023-02-17​
not yet calculated​
CVE-2021-32843
MISC
MISC
CONFIRM
moby -- hyperkit​
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, vi_pci_write has is a call to vc_cfgwrite that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denial of service. This issue is fixed in commit 451558fe8aaa8b24e02e34106e3bb9fe41d7ad13.​
2023-02-17​
not yet calculated​
CVE-2021-32844
MISC
MISC
CONFIRM
moby -- hyperkit​
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of qnotify at pci_vtrnd_notify fails to check the return value of vq_getchain. This leads to struct iovec iov; being uninitialized and used to read memory in len = (int) read(sc->vrsc_fd, iov.iov_base, iov.iov_len); when an attacker is able to make vq_getchain fail. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit 41272a980197917df8e58ff90642d14dec8fe948.​
2023-02-17​
not yet calculated​
CVE-2021-32845
MISC
MISC
CONFIRM
moby -- hyperkit​
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107, function pci_vtsock_proc_tx in virtio-sock can lead to to uninitialized memory use. In this situation, there is a check for the return value to be less or equal to VTSOCK_MAXSEGS, but that check is not sufficient because the function can return -1 if it finds an error it cannot recover from. Moreover, the negative return value will be used by iovec_pull in a while condition that can further lead to more corruption because the function is not designed to handle a negative iov_len. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit af5eba2360a7351c08dfd9767d9be863a50ebaba.​
2023-02-17​
not yet calculated​
CVE-2021-32846
MISC
MISC
CONFIRM
intel -- ofu_software​
Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2021-33104
MISC
saltstack -- saltstack​
Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file.​
2023-02-17​
not yet calculated​
CVE-2021-33226
MISC
ymfe -- yapo​
Cross Site Scripting vulnerability in YMFE yapo v1.9.1 allows attacker to execute arbitrary code via the remark parameter of the interface edit page.​
2023-02-17​
not yet calculated​
CVE-2021-33237
MISC
virtualsquare -- pictotcp​
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.​
2023-02-15​
not yet calculated​
CVE-2021-33304
MISC
htacg -- html_tidy​
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c.​
2023-02-17​
not yet calculated​
CVE-2021-33391
MISC
baijiacms -- baijiacms​
Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.​
2023-02-15​
not yet calculated​
CVE-2021-33396
MISC
cms-corephp -- cms-corephp
SQL Injection vulnerability in nitinparashar30 cms-corephp through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) allows unauthenticated attackers to gain escilated privledges via a crafted login.​
2023-02-15​
not yet calculated​
CVE-2021-33925
MISC
plone -- plone_cms
An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allows attacker to access sensitive information via the RSS feed protlet.​
2023-02-17​
not yet calculated​
CVE-2021-33926
MISC
MISC
MISC
fantasticlbp -- hotels_server​
SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter.​
2023-02-17​
not yet calculated​
CVE-2021-33948
MISC
feminer -- wms
An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function.​
2023-02-17​
not yet calculated​
CVE-2021-33949
MISC
openkm -- document_management_system​
An issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.​
2023-02-17​
not yet calculated​
CVE-2021-33950
MISC
MISC
MISC
dvidelabs -- flatcc​
Buffer Overflow vulnerability in Dvidelabs flatcc v.0.6.0 allows local attacker to execute arbitrary code via the fltacc execution of the error_ref_sym function.​
2023-02-17​
not yet calculated​
CVE-2021-33983
MISC
seopanel -- seopanel​
SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information.​
2023-02-15​
not yet calculated​
CVE-2021-34117
MISC
MISC
MISC
lizhifaka -- lizhifaka​
Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location.​
2023-02-17​
not yet calculated​
CVE-2021-34164
MISC
ttyd -- ttyd​
An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions.​
2023-02-17​
not yet calculated​
CVE-2021-34182
MISC
yupoxion -- bearadmin​
File Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Ueditor endpoint.​
2023-02-17​
not yet calculated​
CVE-2021-35261
MISC
dataease -- dataease​
SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10.​
2023-02-15​
not yet calculated​
CVE-2021-38239
MISC
flatcore -- flatcore-cms​
Cross site scripting (XSS) vulnerability in flatCore-CMS 2.2.15 allows attackers to execute arbitrary code via description field on the new page creation form.​
2023-02-16​
not yet calculated​
CVE-2021-40555
MISC
fortinet -- fortiweb​
Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.​
2023-02-16​
not yet calculated​
CVE-2021-42756
MISC
fortinet -- fortiweb​
A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 through 6.3.16, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 through 6.0.7, 5.9.0 through 5.9.1 may allow a remote, unauthenticated attacker to infer the session identifier of other users and possibly usurp their session.​
2023-02-16​
not yet calculated​
CVE-2021-42761
MISC
fortinet -- multiple_products​
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter.​
2023-02-16​
not yet calculated​
CVE-2021-43074
MISC
mozilla -- thunderbird​
Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.​
2023-02-16​
not yet calculated​
CVE-2021-43529
MISC
mruby -- mruby​
An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash.​
2023-02-14​
not yet calculated​
CVE-2021-46023
MISC
mozilla -- mozilla_pollbot​
There was an open redirection vulnerability pollbot, which was used in https://pollbot.services.mozilla.com/ and https://pollbot.stage.mozaws.net/ An attacker could have redirected anyone to malicious sites.​
2023-02-16​
not yet calculated​
CVE-2022-0637
MISC
MISC
cisco -- clamav​
A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this vulnerability by submitting a crafted OLE2 file to be scanned by ClamAV on the affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.​
2023-02-17​
not yet calculated​
CVE-2022-20803
CISCO
crypto -- crypto_api_toolkit_for_intel_sgx​
Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-21163
MISC
intel -- atom/xeon_scalable_processors​
Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access.​
2023-02-16​
not yet calculated​
CVE-2022-21216
MISC
dell -- emc_unity​
Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.​
2023-02-14​
not yet calculated​
CVE-2022-22564
MISC
intel -- oneapi_data_analytics_library/oneapi_base_toolkit​
Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-25905
MISC
glance -- glance​
Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in CVE-2018-3715.​
2023-02-13​
not yet calculated​
CVE-2022-25937
MISC
MISC
usememos -- memos​
All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme.​
2023-02-15​
not yet calculated​
CVE-2022-25978
MISC
MISC
MISC
intel -- c++_compiler_classic​
Improper handling of Unicode encoding in source code to be compiled by the Intel(R) C++ Compiler Classic before version 2021.6 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.​
2023-02-16​
not yet calculated​
CVE-2022-25987
MISC
intel -- oneapi_toolkits_oneapi-cli​
Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-25992
MISC
intel -- distribution_for_python_programming_language_for_intel_oneapi_toolkits​
Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26032
MISC
intel -- mpi_library_for_intel_oneapi_hpc_toolkit​
Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26052
MISC
intel -- trace_analyzer_and_collector_for_intel_oneapi_hpc​
Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26062
MISC
intel -- oneapi_deep_neural_network​
Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26076
MISC
fortinet -- fortisandbox​
A use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox before 4.2.0 may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords.​
2023-02-16​
not yet calculated​
CVE-2022-26115
MISC
intel -- multiple_products​
Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26343
MISC
intel -- oneapi_toolkit_openmp​
Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26345
MISC
intel -- dpc++/c++_compiler​
Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26421
MISC
intel -- oneapi_collective_communications_library/oneapi_base_toolkit​
Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26425
MISC
intel -- sgx_sdk​
Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26509
MISC
intel -- fpga_add-on_for_intel_oneapi_base_toolkit​
Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26512
MISC
intel -- multiple_products​
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26837
MISC
intel -- quartus_prime_pro_and_standard_editions​
Improper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26840
MISC
intel -- sgx_sdk_software_for_linux​
Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26841
MISC
intel -- dpc++/c++_compiler​
Insufficient visual distinction of homoglyphs presented to user in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.1 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.​
2023-02-16​
not yet calculated​
CVE-2022-26843
MISC
intel -- quartus_prime_pro_and_standard_editions​
Cross-site scripting in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable information disclosure via local access.​
2023-02-16​
not yet calculated​
CVE-2022-26888
MISC
intel -- media_sdk​
Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-27170
MISC
intel -- computer_vision_annotation_tool​
Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access.​
2023-02-16​
not yet calculated​
CVE-2022-27234
MISC
fortinet -- fortiadc​
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.6, 6.0.x, 5.x.x allows attacker to execute arbitrary shell code as root via CLI commands.​
2023-02-16​
not yet calculated​
CVE-2022-27482
MISC
fortinet -- fortiextender​
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.​
2023-02-16​
not yet calculated​
CVE-2022-27489
MISC
intel -- ethernet_controller_administrative_tools​
Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-27808
MISC
palantir -- atlasdb​
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. In the case of AtlasDB, the vulnerability was mitigated by other network controls such as two-way TLS when deployed as part of a Palantir platform. Palantir still recommends upgrading to a non-vulnerable version out of an abundance of caution.​
2023-02-16​
not yet calculated​
CVE-2022-27890
MISC
palantir -- gotham​
Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the stack with an active session. The affected services have been patched and automatically deployed to all Apollo-managed Gotham instances. It is highly recommended that customers upgrade all affected services to the latest version. This issue affects: Palantir Gotham versions prior to 103.30221005.0.​
2023-02-16​
not yet calculated​
CVE-2022-27891
MISC
palantir -- gotham​
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service.​
2023-02-16​
not yet calculated​
CVE-2022-27892
MISC
palantir -- gotham​
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory. An attacker could repeatedly upload a malicious zip file, which would allow them to exhaust memory resources on the dispatch server.​
2023-02-16​
not yet calculated​
CVE-2022-27897
MISC
fortinet -- fortios​
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.​
2023-02-16​
not yet calculated​
CVE-2022-29054
MISC
integrated_bmc -- integrated_bmc​
Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access.​
2023-02-16​
not yet calculated​
CVE-2022-29493
MISC
openbmc -- openbmc​
Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.​
2023-02-16​
not yet calculated​
CVE-2022-29494
MISC
intel -- sur​
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.​
2023-02-16​
not yet calculated​
CVE-2022-29514
MISC
intel -- open_cas​
Improper conditions check in the Open CAS software maintained by Intel(R) before version 22.3.1 may allow an authenticated user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-29523
MISC
lexisnexis_firco_compliance_link -- lexisnexis_firco_compliance_link​
LexisNexis Firco Compliance Link 3.7 allows CSRF.​
2023-02-15​
not yet calculated​
CVE-2022-29557
MISC
fortinet -- fortiweb​
A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially crafted web requests.​
2023-02-16​
not yet calculated​
CVE-2022-30299
MISC
fortinet -- fortiweb​
A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.​
2023-02-16​
not yet calculated​
CVE-2022-30300
MISC
fortinet -- fortiweb​
An improper neutralization of special elements used in an os command ('OS Command Injection') [CWE-78] in FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions may allow an authenticated attacker to execute arbitrary shell code as root user via crafted HTTP requests.​
2023-02-16​
not yet calculated​
CVE-2022-30303
MISC
fortinet -- fortianalyzer​
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated attacker to perform a stored cross site scripting (XSS) attack via the URL parameter observed in the FortiWeb attack event logview in FortiAnalyzer.​
2023-02-16​
not yet calculated​
CVE-2022-30304
MISC
fortinet -- fortiweb​
A stack-based buffer overflow vulnerability [CWE-121] in the CA sign functionality of FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted password.​
2023-02-16​
not yet calculated​
CVE-2022-30306
MISC
intel -- integrated_sensor_solution​
Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-30339
MISC
intel -- dsa​
Protection mechanism failure in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-30530
MISC
intel -- iris_xe max_drivers_for_windows​
Out-of-bounds read in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1474 may allow a privileged user to potentially enable information disclosure via local access.​
2023-02-16​
not yet calculated​
CVE-2022-30531
MISC
intel -- multiple_products​
Use after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-30539
MISC
intel -- sur​
Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable denial of service via network access.​
2023-02-16​
not yet calculated​
CVE-2022-30692
MISC
intel -- multiple_products​
Improper initialization in the Intel(R) TXT SINIT ACM for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-30704
MISC
enocean -- echelon_smartserver​
Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server.​
2023-02-13​
not yet calculated​
CVE-2022-3089
MISC
intel -- sur​
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-31476
MISC
siemens -- sipass_integrated_ac5102​
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V2.85.44), SiPass integrated ACC-AP (All versions < V2.85.43). Affected devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges.​
2023-02-14​
not yet calculated​
CVE-2022-31808
MISC
intel -- multiple_products​
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-32231
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.​
2023-02-15​
not yet calculated​
CVE-2022-32469
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.​
2023-02-15​
not yet calculated​
CVE-2022-32470
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. The IhisiDxe driver uses the command buffer to pass input and output data. By modifying the command buffer contents with DMA after the input parameters have been checked but before they are used, the IHISI SMM code may be convinced to modify SMRAM or OS, leading to possible data corruption or escalation of privileges.​
2023-02-15​
not yet calculated​
CVE-2022-32471
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.​
2023-02-15​
not yet calculated​
CVE-2022-32473
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.​
2023-02-15​
not yet calculated​
CVE-2022-32474
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This issue was fixed in the kernel, which also protected chipset and OEM chipset code.​
2023-02-15​
not yet calculated​
CVE-2022-32475
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.​
2023-02-15​
not yet calculated​
CVE-2022-32476
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.​
2023-02-15​
not yet calculated​
CVE-2022-32477
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.​
2023-02-15​
not yet calculated​
CVE-2022-32478
MISC
MISC

intel -- quartus_prime_pro_and_standard_editions
Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-32570
MISC
intel -- trace_analyzer_and collector​
Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-32575
MISC
intel -- dsa​
Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-32764
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the link data to SMRAM before checking it and verifying that all pointers are within the buffer.​
2023-02-15​
not yet calculated​
CVE-2022-32953
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the link data to SMRAM before checking it and verifying that all pointers are within the buffer.​
2023-02-15​
not yet calculated​
CVE-2022-32954
MISC
MISC
insyde -- insydeh2o​
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the link data to SMRAM before checking it and verifying that all pointers are within the buffer.​
2023-02-15​
not yet calculated​
CVE-2022-32955
MISC
MISC
intel -- sur​
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network access.​
2023-02-16​
not yet calculated​
CVE-2022-32971
MISC
infoblox -- bloxone_endpoint_for_windows​
Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation.​
2023-02-17​
not yet calculated​
CVE-2022-32972
MISC
MISC
intel -- sur​
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-33190
MISC
intel -- xeon_processors_with_intelâ_software_guard_extensions​
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-33196
MISC
fortinet -- fortiwan​
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiWAN 4.0.0 through 4.5.9 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.​
2023-02-16​
not yet calculated​
CVE-2022-33869
MISC
fortinet -- fortiweb​
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI execute backup-local rename and execute backup-local show operations.​
2023-02-16​
not yet calculated​
CVE-2022-33871
MISC
intel -- quartus_prime_pro_and_standard_editions​
Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-33892
MISC
intel -- quartus_prime_pro_and_standard_editions​
Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-33902
MISC
intel -- sur​
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-33946
MISC
intel -- sur​
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.​
2023-02-16​
not yet calculated​
CVE-2022-33964
MISC
intel -- 3rd generation_xeon_scalable_processors​
Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local access.​
2023-02-16​
not yet calculated​
CVE-2022-33972
MISC
gitlab-- gitlab​
A lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7 before 15.7.6, and 15.8 before 15.8.1 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage.​
2023-02-13​
not yet calculated​
CVE-2022-3411
MISC
MISC
CONFIRM
intel -- battery_life_diagnostic_tool​
Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-34153
MISC
intel -- quartus_prime_pro_and_standard_editions​
Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-34157
MISC
intel -- media_sdk​
Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-34346
MISC
ibm -- qradar_siem​
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402.​
2023-02-17​
not yet calculated​
CVE-2022-34351
MISC
MISC
dell -- unisphere_for_powermax​
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.​
2023-02-13​
not yet calculated​
CVE-2022-34397
MISC
intel -- media_sdk​
Improper buffer restrictions in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-34841
MISC
intel -- trace_analyzer_and collector​
Integer overflow in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-34843
MISC
intel -- iris_xe max_drivers_for_windows​
Uncaught exception in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1436(v2) may allow a privileged user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-34849
MISC
intel -- sur​
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-34854
MISC
intel -- trace_analyzer_and collector​
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-34864
MISC
openbmc -- openbmc​
Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.​
2023-02-16​
not yet calculated​
CVE-2022-35729
MISC
siemens -- multiple_products​
A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path.​
2023-02-14​
not yet calculated​
CVE-2022-35868
MISC
intel -- media_sdk​
NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-35883
MISC
intel -- battery_life_diagnostic_tool​
Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36278
MISC
intel -- fcs_server​
Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may allow a privileged user to potentially enable denial of service via physical access.​
2023-02-16​
not yet calculated​
CVE-2022-36287
MISC
intel -- media_sdk​
Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36289
MISC
intel -- sps_firmware​
Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36348
MISC
intel - qatzip​
Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36369
MISC
intel -- multiple_products​
Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36382
MISC
intel -- qat_drivers_for_linux​
Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36397
MISC
intel -- battery_life_diagnostic_tool​
Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36398
MISC
intel --ethernet_500_series_controller_drivers_for_vmware​
Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.13 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36416
MISC
ibm -- security verify access​
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 233576.​
2023-02-17​
not yet calculated​
CVE-2022-36775
MISC
MISC
intel -- sps_firmware​
Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36794
MISC
intel --ethernet_500_series_controller_drivers_for_vmware​
Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access.​
2023-02-16​
not yet calculated​
CVE-2022-36797
MISC
intel -- quartus_prime_pro_and_standard_editions​
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-37329
MISC
intel -- qat_drivers_for_windows​
Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-37340
MISC
gitlab -- gitlab​
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child pipelines and make a sidekiq job allocate a lot of memory. In GitLab instances where Sidekiq is memory-limited, this may cause Denial of Service.​
2023-02-13​
not yet calculated​
CVE-2022-3759
MISC
CONFIRM
MISC
intel -- ema​
Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access.​
2023-02-16​
not yet calculated​
CVE-2022-38056
MISC
intel -- multiple_products​
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access.​
2023-02-16​
not yet calculated​
CVE-2022-38090
MISC
solarwinds -- platform​
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.​
2023-02-15​
not yet calculated​
CVE-2022-38111
MISC
MISC
fortinet -- fortinac​
An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticated user to perform some administrative operations over the FortiNAC instance via crafted HTTP POST requests.​
2023-02-16​
not yet calculated​
CVE-2022-38375
MISC
fortinet -- fortinac​
Multiple improper neutralization of input during web page generation ('Cross-site Scripting') vulnerabilities [CWE-79] in Fortinet FortiNAC portal UI before 9.4.1 allows an attacker to perform an XSS attack via crafted HTTP requests.​
2023-02-16​
not yet calculated​
CVE-2022-38376
MISC
fortinet -- multiple_products​
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.​
2023-02-16​
not yet calculated​
CVE-2022-38378
MISC

qaelum -- dose
Qaelum DOSE 18.08 through 21.1 before 21.2 allows Directory Traversal via the loadimages name parameter. It allows a user to specify an arbitrary location on the server's filesystem from which to load an image. (Only images are displayed to the attacker. All other files are loaded but not displayed.) The Content-Type response header reflects the actual content type of the file being requested. This allows an attacker to enumerate files on the local system. Additionally, remote resources can be requested via a UNC path, allowing an attacker to coerce authentication out from the server to the attackers machine.​
2023-02-16​
not yet calculated​
CVE-2022-38731
MISC
MISC
rttys -- rttys​
SQL Injection vulnerability in rttys versions 4.0.0, 4.0.1, and 4.0.2 in api.go, allows attackers to execute arbitrary code.​
2023-02-15​
not yet calculated​
CVE-2022-38867
MISC
ehoney -- ehoney​
SQL Injection vulnerability in Ehoney version 2.0.0 in models/protocol.go and models/images.go, allows attackers to execute arbitrary code.​
2023-02-15​
not yet calculated​
CVE-2022-38868
MISC

wordpress -- wordpress
The WP FullCalendar WordPress plugin before 1.5 does not ensure that the post retrieved via an AJAX action is public and can be accessed by the user making the request, allowing unauthenticated attackers to get the content of arbitrary posts, including draft/private as well as password-protected ones.​
2023-02-13​
not yet calculated​
CVE-2022-3891
MISC

niterforum -- niterforum
An issue was discovered in NiterForum version 2.5.0-beta in /src/main/java/cn/niter/forum/api/SsoApi.java and /src/main/java/cn/niter/forum/controller/AdminController.java, allows attackers to gain escalated privileges.​
2023-02-15​
not yet calculated​
CVE-2022-38935
MISC

fortinet -- multiple_products
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)​
2023-02-16​
not yet calculated​
CVE-2022-39948
MISC
fortinet -- fortinac​
A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.​
2023-02-16​
not yet calculated​
CVE-2022-39952
MISC
fortinet -- fortinac​
An improper restriction of xml external entity reference in Fortinet FortiNAC version 9.4.0 through 9.4.1, FortiNAC version 9.2.0 through 9.2.7, FortiNAC version 9.1.0 through 9.1.8, FortiNAC version 8.8.0 through 8.8.11, FortiNAC version 8.7.0 through 8.7.6, FortiNAC version 8.6.0 through 8.6.5, FortiNAC version 8.5.0 through 8.5.4, FortiNAC version 8.3.7 allows attacker to read arbitrary files or trigger a denial of service via specifically crafted XML documents.​
2023-02-16​
not yet calculated​
CVE-2022-39954
MISC
ireader -- media-server​
Use After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows attackers to cause a denial of service.​
2023-02-15​
not yet calculated​
CVE-2022-40016
MISC
qvidium_technologies -- amino_a140​
QVidium Technologies Amino A140 (prior to firmware version 1.0.0-283) was discovered to contain a command injection vulnerability.​
2023-02-17​
not yet calculated​
CVE-2022-40021
MISC
microsemi -- syncserver_s650​
Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a command injection vulnerability.​
2023-02-13​
not yet calculated​
CVE-2022-40022
MISC
MISC
MISC
MISC
sourcecodester -- simple_task_managing_system​
SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.​
2023-02-17​
not yet calculated​
CVE-2022-40032
MISC
MISC
MISC
acer -- aspire​
Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges.​
2023-02-16​
not yet calculated​
CVE-2022-40080
MISC
MISC

ibm -- sterling_b2b_integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533.​
2023-02-17​
not yet calculated​
CVE-2022-40231
MISC
MISC

ibm -- sterling_b2b_integrator
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597.​
2023-02-17​
not yet calculated​
CVE-2022-40232
MISC
MISC
intern_record_system -- intern_record_system​
SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.​
2023-02-17​
not yet calculated​
CVE-2022-40347
MISC
MISC
MISC
intern_record_system -- intern_record_system​
Cross Site Scripting (XSS) vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'name' and 'email' parameters, allows attackers to execute arbitrary code.​
2023-02-18​
not yet calculated​
CVE-2022-40348
MISC
MISC
MISC

fortinet -- fortinac
Some cryptographic issues in Fortinet FortiNAC versions 9.4.0 through 9.4.1, 9.2.0 through 9.2.7, 9.1.0 through 9.1.8, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an attacker to decrypt and forge protocol communication messages.​
2023-02-16​
not yet calculated​
CVE-2022-40675
MISC

fortinet -- fortinac
A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 allows attacker to execute unauthorized code or commands via specially crafted input parameters.​
2023-02-16​
not yet calculated​
CVE-2022-40677
MISC

fortinet -- fortinac
An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords.​
2023-02-16​
not yet calculated​
CVE-2022-40678
MISC
fortinet -- fortiweb​
A double free in Fortinet FortiWeb version 7.0.0 through 7.0.3 may allows attacker to execute unauthorized code or commands via specially crafted commands​
2023-02-16​
not yet calculated​
CVE-2022-40683
MISC
optinlyhq -- optinly​
Cross-Site Request Forgery (CSRF) in OptinlyHQ Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms plugin <= 1.0.15 versions.​
2023-02-13​
not yet calculated​
CVE-2022-41134
MISC
intel -- network_adapter_installer_software​
Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access.​
2023-02-16​
not yet calculated​
CVE-2022-41314
MISC

fortinet -- fortios
An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the "redir" parameter of the URL seen when the "Sign in with FortiCloud" button is clicked.​
2023-02-16​
not yet calculated​
CVE-2022-41334
MISC

fortinet -- multiple_products
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.​
2023-02-16​
not yet calculated​
CVE-2022-41335
MISC
gitlab -- gitlab​
A Cross Site Request Forgery issue has been discovered in GitLab CE/EE affecting all versions before 15.6.7, all versions starting from 15.7 before 15.7.6, and all versions starting from 15.8 before 15.8.1. An attacker could take over a project if an Owner or Maintainer uploads a file to a malicious project.​
2023-02-13​
not yet calculated​
CVE-2022-4138
CONFIRM
MISC
MISC

tibco -- multiple_products
The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.2.1 and below and TIBCO Operational Intelligence Hawk RedTail: versions 7.2.0 and below.​
2023-02-14​
not yet calculated​
CVE-2022-41564
CONFIRM
CONFIRM
intel -- on_event_series_android_application​
Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may allow an authenticated user to potentially enable information disclosure via local access.​
2023-02-16​
not yet calculated​
CVE-2022-41614
MISC
ibm -- maximo_asset_management​
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 237587.​
2023-02-17​
not yet calculated​
CVE-2022-41734
MISC
MISC

asus -- ec_tool_driver
ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges.​
2023-02-15​
not yet calculated​
CVE-2022-42455
MISC
fortinet -- multiple_products​
A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.​
2023-02-16​
not yet calculated​
CVE-2022-42472
MISC
apache -- shenyu​
Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 .​
2023-02-15​
not yet calculated​
CVE-2022-42735
MISC

b&r-automation -- system_diagnostics_manager
A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session.​
2023-02-14​
not yet calculated​
CVE-2022-4286
MISC

fujifilm -- driver_distributor
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted.​
2023-02-13​
not yet calculated​
CVE-2022-43460
MISC
MISC
wordpress -- wordpress​
Cross-Site Request Forgery (CSRF) vulnerability in Orchestrated Corona Virus (COVID-19) Banner & Live Data plugin <= 1.7.0.6 versions.​
2023-02-14​
not yet calculated​
CVE-2022-43469
MISC
ibm -- sterling_b2b_integrator​
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684.​
2023-02-17​
not yet calculated​
CVE-2022-43579
MISC
MISC

ibm -- multiple_products
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.​
2023-02-17​
not yet calculated​
CVE-2022-43927
MISC
MISC

ibm -- multiple_products
IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.​
2023-02-17​
not yet calculated​
CVE-2022-43929
MISC
MISC

ibm -- multiple_products
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677.​
2023-02-17​
not yet calculated​
CVE-2022-43930
MISC
MISC

fortinet -- fortiportal
An insertion of sensitive information into log file vulnerability [CWE-532] in the FortiPortal management interface 7.0.0 through 7.0.2 may allow a remote authenticated attacker to read other devices' passwords in the audit log page.​
2023-02-16​
not yet calculated​
CVE-2022-43954
MISC
ricoh -- mp_c4504ex​
Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials.​
2023-02-16​
not yet calculated​
CVE-2022-43969
MISC
MISC

siteservercms -- siteservercms
SiteServerCMS 7.1.3 sscms has a file read vulnerability.​
2023-02-16​
not yet calculated​
CVE-2022-44299
MISC
wordpress -- wordpress​
The FL3R FeelBox WordPress plugin through 8.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.​
2023-02-13​
not yet calculated​
CVE-2022-4445
MISC
wordpress -- wordpress​
The GiveWP WordPress plugin before 2.24.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
not yet calculated​
CVE-2022-4448
MISC
wordpress -- wordpress​
The amr shortcode any widget WordPress plugin through 4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.​
2023-02-13​
not yet calculated​
CVE-2022-4458
MISC
wordpress -- wordpress​
The YARPP WordPress plugin through 5.30.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.​
2023-02-13​
not yet calculated​
CVE-2022-4471
MISC
wordpress -- wordpress​
The Widget Shortcode WordPress plugin through 0.3.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.​
2023-02-13​
not yet calculated​
CVE-2022-4473
MISC
wordpress -- wordpress​
The Widgets on Pages WordPress plugin through 1.6.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.​
2023-02-13​
not yet calculated​
CVE-2022-4488
MISC
wordpress -- wordpress​
The Better Font Awesome WordPress plugin before 2.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
not yet calculated​
CVE-2022-4512
MISC
suse -- multiple_products​
An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.​
2023-02-15​
not yet calculated​
CVE-2022-45153
CONFIRM
suse -- multiple_products​
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions.​
2023-02-15​
not yet calculated​
CVE-2022-45154
CONFIRM
ithacalabs --vsourz_digital​
Vsourz Digital Advanced Contact form 7 DB Versions 1.7.2 and 1.9.1 is vulnerable to Cross Site Scripting (XSS).​
2023-02-13​
not yet calculated​
CVE-2022-45285
MISC
MISC
pandora_fms -- artica​
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all platforms, allows Cross-Site Scripting (XSS). As a manager privilege user , create a network map containing name as xss payload. Once created, admin user must click on the edit network maps and XSS payload will be executed, which could be used for stealing admin users cookie value.​
2023-02-15​
not yet calculated​
CVE-2022-45436
CONFIRM
pandora_fms -- artica​
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all allows Cross-Site Scripting (XSS). A user with edition privileges can create a Payload in the reporting dashboard module. An admin user can observe the Payload without interaction and attacker can get information.​
2023-02-15​
not yet calculated​
CVE-2022-45437
CONFIRM
acronis -- multiple_products​
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984.​
2023-02-13​
not yet calculated​
CVE-2022-45454
MISC
acronis -- multiple_products​
Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.​
2023-02-13​
not yet calculated​
CVE-2022-45455
MISC
wordpress -- wordpress​
The Mapwiz WordPress plugin through 1.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.​
2023-02-13​
not yet calculated​
CVE-2022-4546
MISC
MISC
wordpress -- wordpress​
The Rich Table of Contents WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
not yet calculated​
CVE-2022-4551
MISC

discuzx -- discuzx
Cross site scripting (XSS) vulnerability in DiscuzX 3.4 allows attackers to execute arbitrary code via the datetline, title, tpp, or username parameters via the audit search.​
2023-02-15​
not yet calculated​
CVE-2022-45543
MISC
screencheck_badgemaker -- screencheck_badgemaker​
Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application allows internal attacker to obtain credentials for authentication via network sniffing.​
2023-02-15​
not yet calculated​
CVE-2022-45546
MISC

xpdfreader -- xpdfreader
Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.​
2023-02-15​
not yet calculated​
CVE-2022-45586
MISC

xpdfreader -- xpdfreader
Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.​
2023-02-15​
not yet calculated​
CVE-2022-45587
MISC
wordpress -- wordpress​
The Meks Flexible Shortcodes WordPress plugin before 1.3.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.​
2023-02-13​
not yet calculated​
CVE-2022-4562
MISC
arris -- router​
Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.​
2023-02-17​
not yet calculated​
CVE-2022-45701
MISC
MISC
comfast -- router​
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSION_ID, and using this SESSION_ID an attacker can then perform authenticated requests.​
2023-02-13​
not yet calculated​
CVE-2022-45724
MISC
MISC
MISC
comfast -- router​
Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request​
2023-02-13​
not yet calculated​
CVE-2022-45725
MISC
MISC
MISC
wordpress -- wordpress​
The Twenty20 Image Before-After WordPress plugin through 1.5.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
not yet calculated​
CVE-2022-4580
MISC

open_solutions_for_education -- opensis_community_edition
Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php.​
2023-02-13​
not yet calculated​
CVE-2022-45962
MISC
MISC
MISC
CONFIRM
MISC
wordpress -- wordpress​
The Easy PayPal Buy Now Button WordPress plugin before 1.7.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
not yet calculated​
CVE-2022-4628
MISC
wordpress -- wordpress​
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.5 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.​
2023-02-13​
not yet calculated​
CVE-2022-4656
MISC
wordpress -- wordpress​
The TemplatesNext ToolKit WordPress plugin before 3.2.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
not yet calculated​
CVE-2022-4678
MISC
wordpress -- wordpress​
The Lightbox Gallery WordPress plugin before 0.9.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
not yet calculated​
CVE-2022-4682
MISC
wordpress -- wordpress​
Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions.​
2023-02-14​
not yet calculated​
CVE-2022-46862
MISC
ampere_computing -- multiple_products​
In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex.​
2023-02-15​
not yet calculated​
CVE-2022-46892
MISC
playsms -- playsms​
A type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows attackers to bypass authentication.​
2023-02-13​
not yet calculated​
CVE-2022-47034
MISC
MISC
pandora_fms -- console
Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the stored XSS payload.​
2023-02-15​
not yet calculated​
CVE-2022-47372
CONFIRM
pandora_fms -- console​
Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.​
2023-02-15​
not yet calculated​
CVE-2022-47373
CONFIRM
wordpress -- wordpress
The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example.​
2023-02-13​
not yet calculated​
CVE-2022-4745
MISC
solarwinds -- platform​
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.​
2023-02-15​
not yet calculated​
CVE-2022-47503
MISC
MISC
solarwinds -- platform​
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.​
2023-02-15​
not yet calculated​
CVE-2022-47504
MISC
MISC
solarwinds -- platform​
SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. This vulnerability allows a local adversary with authenticated account access to edit the default configuration, enabling the execution of arbitrary commands.​
2023-02-15​
not yet calculated​
CVE-2022-47506
MISC
MISC
solarwinds -- platform​
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.​
2023-02-15​
not yet calculated​
CVE-2022-47507
MISC
MISC
solarwinds -- platform​
Customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos.​
2023-02-15​
not yet calculated​
CVE-2022-47508
MISC
MISC
wordpress -- wordpress​
The GigPress WordPress plugin before 2.3.28 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
not yet calculated​
CVE-2022-4759
MISC
tianjie -- cpe906-3​
TIANJIE CPE906-3 is vulnerable to password disclosure. This is present on Software Version WEB5.0_LCD_20200513, Firmware Version MV8.003, and Hardware Version CPF906-V5.0_LCD_20200513.​
2023-02-16​
not yet calculated​
CVE-2022-47703
MISC
wordpress -- wordpress​
The Youtube Channel Gallery WordPress plugin through 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
not yet calculated​
CVE-2022-4783
MISC
siemens -- multiple_products​
A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application contains a stack overflow vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2022-47936
MISC
siemens -- multiple_products
A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2022-47977
MISC
ibm -- aspera_faspex​
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512.​
2023-02-17​
not yet calculated​
CVE-2022-47986
MISC
MISC
genymotion -- desktop​
Genymotion Desktop v3.3.2 was discovered to contain a DLL hijacking vulnerability that allows attackers to escalate privileges and execute arbitrary code via a crafted DLL.​
2023-02-13​
not yet calculated​
CVE-2022-48077
MISC
MISC
jspreadsheet -- jspreadsheet​
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting (XSS).​
2023-02-17​
not yet calculated​
CVE-2022-48115
MISC
MISC
wordpress -- wordpress​
The Paid Memberships Pro WordPress plugin before 2.9.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.​
2023-02-13​
not yet calculated​
CVE-2022-4830
MISC
palantir -- gotham
Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. This issue affects: Palantir Palantir Gotham Chat IRC helper versions prior to 30221005.210011.9242.​
2023-02-16​
not yet calculated​
CVE-2022-48306
MISC
palantir -- magritte-ftp​
It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. In the case of a successful man in the middle attack on magritte-ftp, an attacker would be able to read and modify network traffic such as authentication tokens or raw data entering a Palantir Foundry stack.​
2023-02-16​
not yet calculated​
CVE-2022-48307
MISC
palantir -- sls-logging​
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service.​
2023-02-16​
not yet calculated​
CVE-2022-48308
MISC
netgear -- nighthawk_wifi_mesh​
NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.​
2023-02-13​
not yet calculated​
CVE-2022-48322
MISC
sunlogin -- sunflower_simplified​
Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the pathname of the powershell.exe program.​
2023-02-13​
not yet calculated​
CVE-2022-48323
MISC
MISC
MISC
mapos -- mapos
Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) pesquisa, (2) data, (3) data2, (4) nome, (5) descricao, (6) idDocumentos, (7) id in file application/controllers/Arquivos.php; (8) senha, (9) nomeCliente, (10) contato, (11) documento, (12) telefone, (13) celular, (14) email, (15) rua, (16) numero, (17) complemento, (18) bairro, (19) cidade, (20) estado, (21) cep, (22) idClientes, (23) id in file application/controllers/Clientes.php; (24) id, (25) tipo, (26) forma_pagamento, (27) gateway_de_pagamento, (28) excluir_id, (29) confirma_id, (30) cancela_id in file application/controllers/Cobrancas.php; (31) vencimento_de, (32) vencimento_ate, (33) cliente, (34) tipo, (35) status, (36) valor_desconto, (37) desconto, (38) periodo, (39) per_page, (40) urlAtual, (41) vencimento, (42) recebimento, (43) valor, (44) recebido, (45) formaPgto, (46) desconto_parc, (47) entrada, (48) qtdparcelas_parc, (49) valor_parc, (50) dia_pgto, (51) dia_base_pgto, (52) comissao, (53) descricao_parc, (54) cliente_parc, (55) observacoes_parc, (56) formaPgto_parc, (57) tipo_parc, (58) pagamento, (59) pago, (60) valor_desconto_editar, (61) descricao, (62) fornecedor, (63) observacoes, (64) id in file application/controllers/Financeiro.php; (65) refGarantia, (66) textoGarantia, (67) idGarantias in file application/controllers/Garantias.php; (68) email, (69) senha in file application/controllers/Login.php.​
2023-02-16​
not yet calculated​
CVE-2022-48324
MISC
MISC
MISC
mapos -- mapos
Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) year, (2) oldSenha, (3) novaSenha, (4) termo, (5) nome, (6) cnpj, (7) ie, (8) cep, (9) logradouro, (10) numero, (11) bairro, (12) cidade, (13) uf, (14) telefone, (15) email, (16) id, (17) app_name, (18) per_page, (19) app_theme, (20) os_notification, (21) email_automatico, (22) control_estoque, (23) notifica_whats, (24) control_baixa, (25) control_editos, (26) control_edit_vendas, (27) control_datatable, (28) pix_key, (29) os_status_list, (30) control_2vias, (31) status, (32) start, (33) end in file application/controllers/Mapos.php; (34) token, (35) senha, (36) email, (37) nomeCliente, (38) documento, (39) telefone, (40) celular, (41) rua, (42) numero, (43) complemento, (44) bairro, (45) cidade, (46) estado, (47) cep, (48) idClientes, (49) descricaoProduto, (50) defeito in file application/controllers/Mine.php; (51) pesquisa, (52) status, (53) data, (54) data2, (55) dataInicial, (56) dataFinal, (57) termoGarantia, (58) garantias_id, (59) clientes_id, (60) usuarios_id, (61) idOs, (62) garantia, (63) descricaoProduto, (64) defeito, (65) observacoes, (66) laudoTecnico, (67) id, (68) preco, (69) quantidade, (70) idProduto, (71) idOsProduto, (72) produto, (73) idServico, (74) idOsServico, (75) desconto, (76) tipoDesconto, (77) resultado, (78) vencimento, (79) recebimento, (80) os_id, (81) valor, (82) recebido, (83) formaPgto, (84) tipo, (85) anotacao, (86) idAnotacao in file application/controllers/Os.php.​
2023-02-16​
not yet calculated​
CVE-2022-48325
MISC
MISC
MISC
mapos -- mapos
Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) nome, (2) aCliente, (3) eCliente, (4) dCliente, (5) vCliente, (6) aProduto, (7) eProduto, (8) dProduto, (9) vProduto, (10) aServico, (11) eServico, (12) dServico, (13) vServico, (14) aOs, (15) eOs, (16) dOs, (17) vOs, (18) aVenda, (19) eVenda, (20) dVenda, (21) vVenda, (22) aGarantia, (23) eGarantia, (24) dGarantia, (25) vGarantia, (26) aArquivo, (27) eArquivo, (28) dArquivo, (29) vArquivo, (30) aPagamento, (31) ePagamento, (32) dPagamento, (33) vPagamento, (34) aLancamento, (35) eLancamento, (36) dLancamento, (37) vLancamento, (38) cUsuario, (39) cEmitente, (40) cPermissao, (41) cBackup, (42) cAuditoria, (43) cEmail, (44) cSistema, (45) rCliente, (46) rProduto, (47) rServico, (48) rOs, (49) rVenda, (50) rFinanceiro, (51) aCobranca, (52) eCobranca, (53) dCobranca, (54) vCobranca, (55) situacao, (56) idPermissao, (57) id in file application/controllers/Permissoes.php; (58) precoCompra, (59) precoVenda, (60) descricao, (61) unidade, (62) estoque, (63) estoqueMinimo, (64) idProdutos, (65) id, (66) estoqueAtual in file application/controllers/Produtos.php.​
2023-02-16​
not yet calculated​
CVE-2022-48326
MISC
MISC
MISC
mapos -- mapos
Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) dataInicial, (2) dataFinal, (3) tipocliente, (4) format, (5) precoInicial, (6) precoFinal, (7) estoqueInicial, (8) estoqueFinal, (9) de_id, (10) ate_id, (11) clientes_id, (12) origem, (13) cliente, (14) responsavel, (15) status, (16) tipo, (17) situacao in file application/controllers/Relatorios.php; (18) preco, (19) nome, (20) descricao, (21) idServicos, (22) id in file application/controllers/Servicos.php; (23) senha, (24) permissoes_id, (25) idUsuarios, (26) situacao, (27) nome, (28) rg, (29) cpf, (30) cep, (31) rua, (32) numero, (33) bairro, (34) cidade, (35) estado, (36) email, (37) telefone, (38) celular in file application/controllers/Usuarios.php; (39) dataVenda, (40) observacoes, (41) observacoes_cliente, (42) clientes_id, (43) usuarios_id, (44) idVendas, (45) id, (46) idVendasProduto, (47) preco, (48) quantidade, (49) idProduto, (50) produto, (51) desconto, (52) tipoDesconto, (53) resultado, (54) vendas_id, (55) vencimento, (56) recebimento, (57) valor, (58) recebido, (59) formaPgto, (60) tipo in file application/controllers/Vendas.php; (61) situacao, (62) periodo, (63) vencimento_de, (64) vencimento_ate, (65) tipo, (66) status, (67) cliente in file application/views/financeiro/lancamentos.php; (68) year in file application/views/mapos/painel.php; (69) pesquisa in file application/views/os/os.php; (70) etiquetaCode in file application/views/relatorios/imprimir/imprimirEtiquetas.php.​
2023-02-16​
not yet calculated​
CVE-2022-48327
MISC
MISC
MISC
wordpress -- wordpress
A vulnerability was found in UDX Stateless Media Plugin 3.1.1. It has been declared as problematic. This vulnerability affects the function setup_wizard_interface of the file lib/classes/class-settings.php. The manipulation of the argument settings leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 3.2.0 is able to address this issue. The name of the patch is 6aee7ae0b0beeb2232ce6e1c82aa7e2041ae151a. It is recommended to upgrade the affected component. VDB-220750 is the identifier assigned to this vulnerability.​
2023-02-13​
not yet calculated​
CVE-2022-4905
MISC
MISC
MISC
MISC
MISC
sap_se -- grc​
In SAP GRC (Process Control) - versions GRCFND_A V1200, GRCFND_A V8100, GRCPINW V1100_700, GRCPINW V1100_731, GRCPINW V1200_750, remote-enabled function module in the proprietary SAP solution enables an authenticated attacker with minimal privileges to access all the confidential data stored in the database. Successful exploitation of this vulnerability can expose user credentials from client-specific tables of the database, leading to high impact on confidentiality.​
2023-02-14​
not yet calculated​
CVE-2023-0019
MISC
MISC
sap_se -- businessobjects_business_intelligence_platform​
SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality and limited impact on integrity of the application.​
2023-02-14​
not yet calculated​
CVE-2023-0020
MISC
MISC
sap_se -- solution_manager
SAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in Cross-Site Scripting vulnerability.​
2023-02-14​
not yet calculated​
CVE-2023-0024
MISC
MISC
sap_se -- solution_manager​
SAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources.​
2023-02-14​
not yet calculated​
CVE-2023-0025
MISC
MISC
wordpress -- wordpress​
The JetWidgets For Elementor WordPress plugin through 1.0.13 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks​
2023-02-13​
not yet calculated​
CVE-2023-0034
MISC
wordpress -- wordpress​
The Responsive Gallery Grid WordPress plugin before 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
not yet calculated​
CVE-2023-0060
MISC
wordpress -- wordpress​
The Judge.me Product Reviews for WooCommerce WordPress plugin before 1.3.21 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
not yet calculated​
CVE-2023-0061
MISC
wordpress -- wordpress
The Amazon JS WordPress plugin through 0.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
not yet calculated​
CVE-2023-0075
MISC
wordpress -- wordpress​
The Customer Reviews for WooCommerce WordPress plugin before 5.16.0 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their content. RCE could also be achieved if the attacker manage to upload a malicious image containing PHP code, and then include it via the affected attribute, on a default WP install, authors could easily achieve that given that they have the upload_file capability.​
2023-02-13​
not yet calculated​
CVE-2023-0080
MISC
wordpress -- wordpress​
The Simple URLs WordPress plugin before 115 does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber.​
2023-02-13​
not yet calculated​
CVE-2023-0098
MISC
wordpress -- wordpress​
The Simple URLs WordPress plugin before 115 does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.​
2023-02-13​
not yet calculated​
CVE-2023-0099
MISC
ls_electric -- xbc-dn32u​
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. This could allow an attacker to delete arbitrary files.​
2023-02-15​
not yet calculated​
CVE-2023-0102
MISC
ls_electric -- xbc-dn32u​
If an attacker were to access memory locations of LS ELECTRIC XBC-DN32U with operating system version 01.80 that are outside of the communication buffer, the device stops operating. This could allow an attacker to cause a denial-of-service condition.​
2023-02-15​
not yet calculated​
CVE-2023-0103
MISC
wordpress -- wordpress​
The uTubeVideo Gallery WordPress plugin before 2.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.​
2023-02-13​
not yet calculated​
CVE-2023-0151
MISC
gnutls -- gnutls​
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.​
2023-02-15​
not yet calculated​
CVE-2023-0361
MISC
MISC
MISC
MLIST
hashicorp -- gogetter​
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0.​
2023-02-16​
not yet calculated​
CVE-2023-0475
MISC
resteasy -- resteasy​
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.​
2023-02-17​
not yet calculated​
CVE-2023-0482
MISC
gitlab -- gitlab​
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. It was possible to trigger a DoS attack by uploading a malicious Helm chart.​
2023-02-13​
not yet calculated​
CVE-2023-0518
CONFIRM
MISC
MISC
php -- php​
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.​
2023-02-16​
not yet calculated​
CVE-2023-0568
MISC
sonicwall -- email_security​
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.​
2023-02-14​
not yet calculated​
CVE-2023-0655
CONFIRM
php -- php​
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.​
2023-02-16​
not yet calculated​
CVE-2023-0662
MISC
multiple_vendors -- inverter​
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Point Setting Handler. The manipulation with the input 12345678 leads to use of hard-coded password. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. Upgrading to version MW3_16U_5406_1.53 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-220769 was assigned to this vulnerability.​
2023-02-13​
not yet calculated​
CVE-2023-0808
MISC
MISC
MISC
btcpayserver -- btcpayserver​
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.11.​
2023-02-13​
not yet calculated​
CVE-2023-0810
CONFIRM
MISC

gpac -- gpac
Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.​
2023-02-13​
not yet calculated​
CVE-2023-0817
MISC
CONFIRM

gpac -- gpac
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.​
2023-02-13​
not yet calculated​
CVE-2023-0818
MISC
CONFIRM

gpac -- gpac
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.​
2023-02-13​
not yet calculated​
CVE-2023-0819
MISC
CONFIRM

hashicorp -- multiple_products
HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4.​
2023-02-16​
not yet calculated​
CVE-2023-0821
MISC

delta_electronics -- dianergie
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization, which could allow an unauthorized user to bypass authorization and access privileged functionality.​
2023-02-17​
not yet calculated​
CVE-2023-0822
MISC

pimcore -- pimcore
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 1.5.17.​
2023-02-14​
not yet calculated​
CVE-2023-0827
MISC
CONFIRM

easynas -- easynas
A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-220950 is the identifier assigned to this vulnerability.​
2023-02-14​
not yet calculated​
CVE-2023-0830
MISC
MISC
MISC

phpcrazy -- phpcrazy
A vulnerability classified as problematic was found in PHPCrazy 1.1.1. This vulnerability affects unknown code of the file admin/admin.php?action=users&mode=info&user=2. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221086 is the identifier assigned to this vulnerability.​
2023-02-15​
not yet calculated​
CVE-2023-0840
MISC
MISC
MISC

gpac -- gpac
A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087.​
2023-02-15​
not yet calculated​
CVE-2023-0841
MISC
MISC
MISC

netgear -- wndr3700v2
A vulnerability was found in Netgear WNDR3700v2 1.0.1.14. It has been rated as problematic. This issue affects some unknown processing of the component Web Management Interface. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221147.​
2023-02-15​
not yet calculated​
CVE-2023-0848
MISC
MISC

netgear -- wndr3700v2
A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221152.​
2023-02-15​
not yet calculated​
CVE-2023-0849
MISC
MISC

netgear -- wndr3700v2
A vulnerability was found in Netgear WNDR3700v2 1.0.1.14 and classified as problematic. This issue affects some unknown processing of the component Web Interface. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221153 was assigned to this vulnerability.​
2023-02-15​
not yet calculated​
CVE-2023-0850
MISC
MISC

modoboa --modoboa-installer
Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4.​
2023-02-16​
not yet calculated​
CVE-2023-0860
CONFIRM
MISC
netmodule -- nsrw​
NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.​
2023-02-16​
not yet calculated​
CVE-2023-0861
MISC
MISC

netmodule -- nsrw
The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.​
2023-02-16​
not yet calculated​
CVE-2023-0862
MISC
MISC

gpac -- gpac
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV.​
2023-02-16​
not yet calculated​
CVE-2023-0866
CONFIRM
MISC

froxlor -- froxlor
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11.​
2023-02-17​
not yet calculated​
CVE-2023-0877
CONFIRM
MISC

nuxt -- nuxt
Cross-site Scripting (XSS) - Generic in GitHub repository nuxt/framework prior to 3.2.1.​
2023-02-17​
not yet calculated​
CVE-2023-0878
MISC
CONFIRM

btcpayserver -- btcpay_server
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12.​
2023-02-17​
not yet calculated​
CVE-2023-0879
CONFIRM
MISC
phpmyfaq -- phpmyfaq​
Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11.​
2023-02-17​
not yet calculated​
CVE-2023-0880
MISC
CONFIRM

kron_technologies --kron_tech_single_connect
Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse. This issue affects Single Connect: 2.16.​
2023-02-17​
not yet calculated​
CVE-2023-0882
MISC
MISC

sourcecodester -- online_pizza_ordering_system
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php-opos/index.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221350 is the identifier assigned to this vulnerability.​
2023-02-17​
not yet calculated​
CVE-2023-0883
MISC
MISC
MISC

tftpd64 -- tftpd64
A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The associated identifier of this vulnerability is VDB-221351.​
2023-02-17​
not yet calculated​
CVE-2023-0887
MISC
MISC

wordpress -- wordpress
The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrative privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.​
2023-02-17​
not yet calculated​
CVE-2023-0895
MISC
MISC

pixelfed -- pixelfed
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pixelfed/pixelfed prior to 0.11.4.​
2023-02-18​
not yet calculated​
CVE-2023-0901
CONFIRM
MISC

sourcecodester -- simple_food_ordering_system
A vulnerability was found in SourceCodester Simple Food Ordering System 1.0. It has been classified as problematic. This affects an unknown part of the file process_order.php. The manipulation of the argument order leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221451.​
2023-02-18​
not yet calculated​
CVE-2023-0902
MISC
MISC
MISC

sourcecodester -- employee_task_management_system
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument task_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221452.​
2023-02-18​
not yet calculated​
CVE-2023-0903
MISC
MISC
MISC

sourcecodester -- employee_task_management_system
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument task_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221453 was assigned to this vulnerability.​
2023-02-18​
not yet calculated​
CVE-2023-0904
MISC
MISC
MISC

sourcecodester -- employee_task_management_system
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file changePasswordForEmployee.php. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221454 is the identifier assigned to this vulnerability.​
2023-02-18​
not yet calculated​
CVE-2023-0905
MISC
MISC
MISC
sourcecodester -- online_pizza_ordering_system​
A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. Affected by this vulnerability is the function delete_category of the file ajax.php of the component POST Parameter Handler. The manipulation leads to missing authentication. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-221455.​
2023-02-18​
not yet calculated​
CVE-2023-0906
MISC
MISC

filseclab -- twister_antivirus
A vulnerability, which was classified as problematic, has been found in Filseclab Twister Antivirus 8.17. Affected by this issue is some unknown functionality in the library ffsmon.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221456.​
2023-02-18​
not yet calculated​
CVE-2023-0907
MISC
MISC
MISC

xoslab -- easy_file_locker
A vulnerability, which was classified as problematic, was found in Xoslab Easy File Locker 2.2.0.184. This affects the function MessageNotifyCallback in the library xlkfs.sys. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-221457 was assigned to this vulnerability.​
2023-02-18​
not yet calculated​
CVE-2023-0908
MISC
MISC
MISC

snyk -- cxasm/notepad
A vulnerability, which was classified as problematic, was found in cxasm notepad-- 1.22. This affects an unknown part of the component Directory Comparison Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The associated identifier of this vulnerability is VDB-221475.​
2023-02-18​
not yet calculated​
CVE-2023-0909
MISC
MISC
MISC

sourcecodester -- online_pizza_ordering_system
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_prod.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-221476.​
2023-02-18​
not yet calculated​
CVE-2023-0910
MISC
MISC

sourcecodester -- auto_dealer_management_system
A vulnerability classified as critical has been found in SourceCodester Auto Dealer Management System 1.0. This affects an unknown part of the file /adms/admin/?page=vehicles/view_transaction. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221481 was assigned to this vulnerability.​
2023-02-18​
not yet calculated​
CVE-2023-0912
MISC
MISC
MISC

sourcecodester -- auto_dealer_management_system
A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. This vulnerability affects unknown code of the file /adms/admin/?page=vehicles/sell_vehicle. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221482 is the identifier assigned to this vulnerability.​
2023-02-18​
not yet calculated​
CVE-2023-0913
MISC
MISC
MISC
google -- androidmanifest.xml​
In permissions of AndroidManifest.xml, there is a possible way to grant signature permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244216503​
2023-02-15​
not yet calculated​
CVE-2023-20927
MISC
google -- multiple_products​
In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A​
2023-02-15​
not yet calculated​
CVE-2023-20949
MISC

jtekt_electronics_corporation -- screen_creator_advance_2
Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.​
2023-02-13​
not yet calculated​
CVE-2023-22345
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.​
2023-02-13​
not yet calculated​
CVE-2023-22346
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.​
2023-02-13​
not yet calculated​
CVE-2023-22347
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.​
2023-02-13​
not yet calculated​
CVE-2023-22349
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing parts management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.​
2023-02-13​
not yet calculated​
CVE-2023-22350
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.​
2023-02-13​
not yet calculated​
CVE-2023-22353
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2
Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.​
2023-02-13​
not yet calculated​
CVE-2023-22360
MISC
MISC
MISC
akindo_sushiro_company_limited -- sushiro_app_for_android​
SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.1​
2023-02-13​
not yet calculated​
CVE-2023-22362
MISC
MISC
MISC
MISC
MISC
MISC
betrend_corporation/ichiran_incorporated -- ichiran_app_for_ios/ichiran_app_for_android​
Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.​
2023-02-13​
not yet calculated​
CVE-2023-22367
MISC
MISC
MISC

elecom -- multiple_products
Untrusted search path vulnerability in ELECOM Camera Assistant 1.00 and QuickFileDealer Ver.1.2.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.​
2023-02-15​
not yet calculated​
CVE-2023-22368
MISC
MISC
fujitsu_limited -- tsclinical_define.xml_generator_and_tsclinical_metadata_desktop_tools​
Improper restriction of XML external entity reference (XXE) vulnerability exists in tsClinical Define.xml Generator all versions (v1.0.0 to v1.4.0) and tsClinical Metadata Desktop Tools Version 1.0.3 to Version 1.1.0. If this vulnerability is exploited, an attacker may obtain an arbitrary file which meets a certain condition by reading a specially crafted XML file.​
2023-02-15​
not yet calculated​
CVE-2023-22377
MISC
MISC
github -- enterprise_server​
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.6. This vulnerability was reported via the GitHub Bug Bounty program.​
2023-02-16​
not yet calculated​
CVE-2023-22380
MISC
git -- git​
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links, the objects directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with --recurse-submodules. Instead, consider cloning repositories without recursively cloning their submodules, and instead run git submodule update at each layer. Before doing so, inspect each new .gitmodules file to ensure that it does not contain suspicious module URLs.​
2023-02-14​
not yet calculated​
CVE-2023-22490
MISC
MISC
MISC
feathers-sequalize -- sequelize.js​
Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections.​
2023-02-16​
not yet calculated​
CVE-2023-22578
MISC
MISC
feathers-sequalize -- sequelize.js​
Due to improper parameter filtering in the sequalize js library, can a attacker peform injection.​
2023-02-16​
not yet calculated​
CVE-2023-22579
MISC
MISC
feathers-sequalize -- sequelize.js​
Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure.​
2023-02-16​
not yet calculated​
CVE-2023-22580
MISC
MISC

south_river_technologies -- titan_ftp
An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.​
2023-02-14​
not yet calculated​
CVE-2023-22629
MISC
MISC
MISC

fortinet -- fortinac
Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.​
2023-02-16​
not yet calculated​
CVE-2023-22638
MISC
git_for_windows -- git_for_windows
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This potentially allows users with local write access to place malicious payloads in a location where automated upgrades might run the Git for Windows installer with elevation. Version 2.39.2 contains a patch for this issue. Some workarounds are available. Never leave untrusted files in the Downloads folder or its sub-folders before executing the Git for Windows installer, or move the installer into a different directory before executing it.​
2023-02-14​
not yet calculated​
CVE-2023-22743
MISC
MISC
MISC
MISC
MISC
MISC

ls_electric -- xbc-dn32u
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. This could allow an attacker to change the PLC's mode arbitrarily.​
2023-02-15​
not yet calculated​
CVE-2023-22803
MISC

ls_electric -- xbc-dn32u
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. This could allow an attacker to create and use an account with elevated privileges and take control of the device.​
2023-02-15​
not yet calculated​
CVE-2023-22804
MISC

ls_electric -- xbc-dn32u
LS ELECTRIC XBC-DN32U with operating system version 01.80 has improper access control to its read prohibition feature. This could allow a remote attacker to remotely set the feature to lock users out of reading data from the device.​
2023-02-15​
not yet calculated​
CVE-2023-22805
MISC

ls_electric -- xbc-dn32u
LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. This could allow an attacker to gain sensitive information such as user credentials.​
2023-02-15​
not yet calculated​
CVE-2023-22806
MISC

ls_electric -- xbc-dn32u
LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol.​
2023-02-15​
not yet calculated​
CVE-2023-22807
MISC

mitel -- micontact_center_business_server
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information.​
2023-02-13​
not yet calculated​
CVE-2023-22854
MISC
MISC
mlog_mcc -- mlog_mcc​
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of including local files, as well as remote files on SMB shares. If one provides a file with the extension .t4, it is rendered with the .NET templating engine mono/t4, which can execute code.​
2023-02-15​
not yet calculated​
CVE-2023-22855
MISC
FULLDISC
MISC

ibm -- aspera_faspex
IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244117.​
2023-02-17​
not yet calculated​
CVE-2023-22868
MISC
MISC

splunk -- enterprise
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. This feature has been deprecated and disabled by default.​
2023-02-14​
not yet calculated​
CVE-2023-22931
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise 9.0 versions before 9.0.4, a View allows for Cross-Site Scripting (XSS) through the error message in a Base64-encoded image. The vulnerability affects instances with Splunk Web enabled. It does not affect Splunk Enterprise versions below 9.0.​
2023-02-14​
not yet calculated​
CVE-2023-22932
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a View allows for Cross-Site Scripting (XSS) in an extensible mark-up language (XML) View through the ‘layoutPanel’ attribute in the ‘module’ tag’. The vulnerability affects instances with Splunk Web enabled.​
2023-02-14​
not yet calculated​
CVE-2023-22933
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user to initiate a request within their browser. The vulnerability affects instances with Splunk Web enabled.​
2023-02-14​
not yet calculated​
CVE-2023-22934
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with Splunk Web enabled.​
2023-02-14​
not yet calculated​
CVE-2023-22935
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within the environment.​
2023-02-14​
not yet calculated​
CVE-2023-22936
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with unnecessary filename extensions. Lookup table file extensions may now be one of the following only: .csv, .csv.gz, .kmz, .kml, .mmdb, or .mmdb.gzl. For more information on lookup table files, see About lookups.​
2023-02-14​
not yet calculated​
CVE-2023-22937
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instance.​
2023-02-14​
not yet calculated​
CVE-2023-22938
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with Splunk Web enabled.​
2023-02-14​
not yet calculated​
CVE-2023-22939
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language (SPL) command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded commands. The commands could potentially allow for the exposing of data to a summary index that unprivileged users could access. The vulnerability requires a higher privileged user to initiate a request within their browser, and only affects instances with Splunk Web enabled.​
2023-02-14​
not yet calculated​
CVE-2023-22940
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd).​
2023-02-14​
not yet calculated​
CVE-2023-22941
MISC
MISC
splunk -- enterprise​
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway (SSG) app in the ‘kvstore_client’ REST endpoint lets a potential attacker update SSG App Key Value Store (KV store) collections using an HTTP GET request. SSG is a Splunk-built app that comes with Splunk Enterprise. The vulnerability affects instances with SSG and Splunk Web enabled.​
2023-02-14​
not yet calculated​
CVE-2023-22942
MISC
MISC
splunk -- multiple_products​
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. The vulnerability affects AoB and apps that AoB generates when using the REST API Modular Input functionality through its user interface. The vulnerability also potentially affects third-party apps and add-ons that call the cloudconnectlib.splunktacollectorlib.cloud_connect_mod_input Python class directly.​
2023-02-14​
not yet calculated​
CVE-2023-22943
MISC
espcms -- p8.21120101​
An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added.​
2023-02-17​
not yet calculated​
CVE-2023-23007
MISC
totolink -- a720r_v4.1.5cu.532_b20210610​
TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control.​
2023-02-17​
not yet calculated​
CVE-2023-23064
MISC
canteen_management_system -- canteen_management_system​
Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php.​
2023-02-17​
not yet calculated​
CVE-2023-23279
MISC
sunell -- dvr​
Sunell DVR, latest version, CWE-200: Exposure of Sensitive Information to an Unauthorized Actor through an unspecified request.​
2023-02-15​
not yet calculated​
CVE-2023-23458
MISC
priority -- windows​
Priority Windows may allow Command Execution via SQL Injection using an unspecified method.​
2023-02-15​
not yet calculated​
CVE-2023-23459
MISC
priority -- web​
Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass.​
2023-02-15​
not yet calculated​
CVE-2023-23460
MISC
libpeconv -- libpeconv​
Libpeconv – access violation, before commit b076013 (30/11/2022).​
2023-02-15​
not yet calculated​
CVE-2023-23461
MISC
libpeconv -- libpeconv​
Libpeconv – integer overflow, before commit 75b1565 (30/11/2022).​
2023-02-15​
not yet calculated​
CVE-2023-23462
MISC
sunell -- dvr​
Sunell DVR, latest version, Insufficiently Protected Credentials (CWE-522) may be exposed through an unspecified request.​
2023-02-15​
not yet calculated​
CVE-2023-23463
MISC
media_cp -- control_panel​
Media CP Media Control Panel latest version. A Permissive Flash Cross-domain Policy may allow information disclosure.​
2023-02-15​
not yet calculated​
CVE-2023-23464
MISC
media_cp -- control_panel​
Media CP Media Control Panel latest version. CSRF possible through unspecified endpoint.​
2023-02-15​
not yet calculated​
CVE-2023-23465
MISC
media_cp -- control_panel​
Media CP Media Control Panel latest version. Insufficiently protected credential change.​
2023-02-15​
not yet calculated​
CVE-2023-23466
MISC
media_cp -- control_panel​
Media CP Media Control Panel latest version. Reflected XSS possible through unspecified endpoint.​
2023-02-15​
not yet calculated​
CVE-2023-23467
MISC
control_by_web -- x-600m_devices​
Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code.​
2023-02-13​
not yet calculated​
CVE-2023-23551
MISC
control_by_web -- x-400m_devices​
Control By Web X-400 devices are vulnerable to a cross-site scripting attack, which could result in private and session information being transferred to the attacker.​
2023-02-13​
not yet calculated​
CVE-2023-23553
MISC
eternal_terminal -- eternal_terminal​
In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. For example, a local attacker can create /tmp/.sentry-native-etserver with mode 0777 before the etserver process is started. The attacker can choose to read sensitive information from that file, or modify the information in that file.​
2023-02-16​
not yet calculated​
CVE-2023-23558
MISC
MISC
MLIST
linux -- kernel​
Due to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install calls current_is_single_threaded to determine if the current process is single-threaded, but this call does not consider io_uring's io_worker threads, thus it is possible to insert a time namespace's vvar page to process's memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the process' memory, and a next page allocated by the kernel will be still available from the user-space process and can leak memory contents via this (read-only) use-after-free vulnerability. We recommend upgrading past version 5.10.161 or commit 788d0824269bef539fe31a785b1517882eafed93 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/io_uring
2023-02-17​
not yet calculated​
CVE-2023-23586
MISC
MISC
git_for_windows -- git​
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when gitk is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running untrusted code. A patch is available in version 2.39.2. As a workaround, avoid using gitk (or Git GUI's "Visualize History" functionality) in clones of untrusted repositories.​
2023-02-14​
not yet calculated​
CVE-2023-23618
MISC
MISC
MISC
MISC
dell -- secure_connect_gateway​
Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.​
2023-02-17​
not yet calculated​
CVE-2023-23695
MISC
dell -- command​
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.​
2023-02-13​
not yet calculated​
CVE-2023-23697
MISC
joomla!_project -- joomla!_cms​
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.​
2023-02-16​
not yet calculated​
CVE-2023-23752
MISC
fortinet -- fortiweb​
A relative path traversal vulnerability [CWE-23] in FortiWeb version 7.0.1 and below, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.​
2023-02-16​
not yet calculated​
CVE-2023-23778
MISC
fortinet -- fortiweb​
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests.​
2023-02-16​
not yet calculated​
CVE-2023-23779
MISC
fortinet -- fortiweb​
A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of privilege via specifically crafted HTTP requests.​
2023-02-16​
not yet calculated​
CVE-2023-23780
MISC
fortinet -- fortiweb​
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files.​
2023-02-16​
not yet calculated​
CVE-2023-23781
MISC
fortinet -- fortiweb​
A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb version 6.3.0 through 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows attacker to escalation of privilege via specifically crafted arguments to existing commands.​
2023-02-16​
not yet calculated​
CVE-2023-23782
MISC
fortinet -- fortiweb​
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.​
2023-02-16​
not yet calculated​
CVE-2023-23783
MISC
fortinet -- fortiweb​
A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to information disclosure via specially crafted web requests.​
2023-02-16​
not yet calculated​
CVE-2023-23784
MISC
siemens -- mendix​
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.34), Mendix Applications using Mendix 8 (All versions < V8.18.23), Mendix Applications using Mendix 9 (All versions < V9.22.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.10), Mendix Applications using Mendix 9 (V9.18) (All versions < V9.18.4), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.15). Some of the Mendix runtime API’s allow attackers to bypass XPath constraints and retrieve information using XPath queries that trigger errors.​
2023-02-14​
not yet calculated​
CVE-2023-23835
MISC
solarwinds -- platform​
SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.​
2023-02-15​
not yet calculated​
CVE-2023-23836
MISC
MISC
synopsys -- jenkins_coverity_plugin​
A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.​
2023-02-15​
not yet calculated​
CVE-2023-23847
CONFIRM
CONFIRM
synopsys -- jenkins_coverity_plugin​
Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.​
2023-02-15​
not yet calculated​
CVE-2023-23848
CONFIRM
CONFIRM
synopsys -- jenkins_coverity_plugin​
A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.​
2023-02-15​
not yet calculated​
CVE-2023-23850
CONFIRM
CONFIRM
sap_se -- business_planning_and_consolidation​
SAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files (including web pages) without the proper file format validation. If other users visit the uploaded malicious web page, the attacker may perform actions on behalf of the users without their consent impacting the confidentiality and integrity of the system.​
2023-02-14​
not yet calculated​
CVE-2023-23851
MISC
MISC
sap_se -- solution_manager​
SAP Solution Manager (System Monitoring) - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.​
2023-02-14​
not yet calculated​
CVE-2023-23852
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platform​
An unauthenticated attacker in AP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, can craft a link which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive information or expose the victim to a phishing attack. Vulnerability has no direct impact on availability.​
2023-02-14​
not yet calculated​
CVE-2023-23853
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platform​
SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.​
2023-02-14​
not yet calculated​
CVE-2023-23854
MISC
MISC
sap_se -- solution_manager​
SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to confidentiality, integrity and availability.​
2023-02-14​
not yet calculated​
CVE-2023-23855
MISC
MISC
sap_se -- businessobjects_business_intelligence​
In SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to XSS attacks. On successful exploitation an attacker can cause a low impact on integrity of the application.​
2023-02-14​
not yet calculated​
CVE-2023-23856
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platform​
Due to insufficient input validation, SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to send a crafted URL to a user, and by clicking the URL, the tricked user accesses SAP and might be directed with the response to somewhere out-side SAP and enter sensitive data. This could cause a limited impact on confidentiality and integrity of the application.​
2023-02-14​
not yet calculated​
CVE-2023-23858
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platform​
SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information.​
2023-02-14​
not yet calculated​
CVE-2023-23859
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platform​
SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive information or expose the victim to a phishing attack.​
2023-02-14​
not yet calculated​
CVE-2023-23860
MISC
MISC
hasthemes -- extensions_for_cf7​
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation.​
2023-02-17​
not yet calculated​
CVE-2023-23899
MISC
moodle -- moodle​
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.​
2023-02-17​
not yet calculated​
CVE-2023-23921
MISC
MISC
MISC
moodle -- moodle​
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.​
2023-02-17​
not yet calculated​
CVE-2023-23922
MISC
MISC
MISC
moodle -- moodle​
The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.​
2023-02-17​
not yet calculated​
CVE-2023-23923
MISC
MISC
MISC
apoc -- apoc​
APOC (Awesome Procedures on Cypher) is an add-on library for Neo4j. An XML External Entity (XXE) vulnerability found in the apoc.import.graphml procedure of APOC core plugin prior to version 5.5.0 in Neo4j graph database. XML External Entity (XXE) injection occurs when the XML parser allows external entities to be resolved. The XML parser used by the apoc.import.graphml procedure was not configured in a secure way and therefore allowed this. External entities can be used to read local files, send HTTP requests, and perform denial-of-service attacks on the application. Abusing the XXE vulnerability enabled assessors to read local files remotely. Although with the level of privileges assessors had this was limited to one-line files. With the ability to write to the database, any file could have been read. Additionally, assessors noted, with local testing, the server could be crashed by passing in improperly formatted XML. The minimum version containing a patch for this vulnerability is 5.5.0. Those who cannot upgrade the library can control the allowlist of the procedures that can be used in your system.​
2023-02-16​
not yet calculated​
CVE-2023-23926
MISC
MISC
MISC
MISC
werkzeug -- werkzeug​
Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like =value instead of key=value. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like =__Host-test=bad for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie =__Host-test=bad as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3.​
2023-02-14​
not yet calculated​
CVE-2023-23934
MISC
MISC
MISC
undici -- undici​
Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect host HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a workaround, sanitize the headers.host string before passing to undici.​
2023-02-16​
not yet calculated​
CVE-2023-23936
MISC
MISC
MISC
MISC
git -- git​
Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git apply, a path outside the working tree can be overwritten as the user who is running git apply. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use git apply --stat to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.​
2023-02-14​
not yet calculated​
CVE-2023-23946
MISC
MISC
argo_cd -- argo_cd​
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All Argo CD versions starting with 2.3.0-rc1 and prior to 2.3.17, 2.4.23 2.5.11, and 2.6.2 are vulnerable to an improper authorization bug which allows users who have the ability to update at least one cluster secret to update any cluster secret. The attacker could use this access to escalate privileges (potentially controlling Kubernetes resources) or to break Argo CD functionality (by preventing connections to external clusters). A patch for this vulnerability has been released in Argo CD versions 2.6.2, 2.5.11, 2.4.23, and 2.3.17. Two workarounds are available. Either modify the RBAC configuration to completely revoke all clusters, update access, or use the destinations and clusterResourceWhitelist fields to apply similar restrictions as the namespaces and clusterResources fields.​
2023-02-16​
not yet calculated​
CVE-2023-23947
MISC
MISC
owncloud -- andriod_app​
The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Version 2.21.1 of the ownCloud Android app is vulnerable to SQL injection in FileContentProvider.kt. This issue can lead to information disclosure. Two databases, filelist and owncloud_database, are affected. In version 3.0, the filelist database was deprecated. However, injections affecting owncloud_database remain relevant as of version 3.0.​
2023-02-13​
not yet calculated​
CVE-2023-23948
MISC
fuguhub -- fuguhub​
Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.​
2023-02-17​
not yet calculated​
CVE-2023-24078
MISC
chikoi -- chikoi​
ChiKoi v1.0 was discovered to contain a SQL injection vulnerability via the load_file function.​
2023-02-13​
not yet calculated​
CVE-2023-24084
MISC
slims -- slims​
SLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView.​
2023-02-13​
not yet calculated​
CVE-2023-24086
MISC
totolink -- ca300-poe​
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admpass parameter in the setPasswordCfg function.​
2023-02-14​
not yet calculated​
CVE-2023-24159
MISC
totolink -- ca300-poe​
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.​
2023-02-14​
not yet calculated​
CVE-2023-24160
MISC
totolink -- ca300-poe​
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.​
2023-02-14​
not yet calculated​
CVE-2023-24161
MISC

ureport2 -- ureport2
An XML External Entity (XXE) vulnerability in ureport v2.2.9 allows attackers to execute arbitrary code via uploading a crafted XML file to /ureport/designer/saveReportFile.​
2023-02-14​
not yet calculated​
CVE-2023-24187
MISC
MISC
MISC

ureport2 -- ureport2
ureport v2.2.9 was discovered to contain a directory traversal vulnerability via the deletion function which allows for arbitrary files to be deleted.​
2023-02-13​
not yet calculated​
CVE-2023-24188
MISC
MISC
MISC

luckyframeweb -- luckyframeweb
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml.​
2023-02-17​
not yet calculated​
CVE-2023-24219
MISC

luckyframeweb -- luckyframeweb
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml.​
2023-02-17​
not yet calculated​
CVE-2023-24220
MISC

luckyframeweb -- luckyframeweb
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/DeptMapper.xml.​
2023-02-17​
not yet calculated​
CVE-2023-24221
MISC

totolink -- a7100ru
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules.​
2023-02-16​
not yet calculated​
CVE-2023-24236
MISC

totolink -- a7100ru
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules.​
2023-02-16​
not yet calculated​
CVE-2023-24238
MISC

python -- python
An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.​
2023-02-17​
not yet calculated​
CVE-2023-24329
MISC
MISC

ujcms -- ujcms
A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function.​
2023-02-17​
not yet calculated​
CVE-2023-24369
MISC

wordpress -- wordpress
Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions.​
2023-02-14​
not yet calculated​
CVE-2023-24377
MISC

wordpress -- wordpress
Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Material Design Icons for Page Builders plugin <= 1.4.2 versions.​
2023-02-14​
not yet calculated​
CVE-2023-24382
MISC

wordpress -- wordpress
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).​
2023-02-17​
not yet calculated​
CVE-2023-24388
MISC

siemens -- multiple_products
A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25). Cache validation service in COMOS is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.​
2023-02-14​
not yet calculated​
CVE-2023-24482
MISC

citrix -- multiple_products
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.​
2023-02-16​
not yet calculated​
CVE-2023-24483
MISC

citrix -- multiple_products
A malicious user can cause log files to be written to a directory that they do not have permission to write to.​
2023-02-16​
not yet calculated​
CVE-2023-24484
MISC

citrix -- multiple_products
Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.​
2023-02-16​
not yet calculated​
CVE-2023-24485
MISC
netgear -- prosafe_24_port_10/100_fs726tp​
An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text.​
2023-02-15​
not yet calculated​
CVE-2023-24498
MISC
butterfly_button_plugin -- butterfly_button_plugin​
Butterfly Button plugin may leave traces of its use on user's device. Since it is used for reporting domestic problems, this may lead to spouse knowing about its use.​
2023-02-15​
not yet calculated​
CVE-2023-24499
MISC

sap_se -- multiple_products
Due to insufficient input sanitization, SAP NetWeaver AS ABAP (BSP Framework) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to a limited impact on the confidentiality and the integrity of the application.​
2023-02-14​
not yet calculated​
CVE-2023-24521
MISC
MISC

sap_se -- multiple_products
Due to insufficient input sanitization, SAP NetWeaver AS ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to a limited impact on the confidentiality and the integrity of the application.​
2023-02-14​
not yet calculated​
CVE-2023-24522
MISC
MISC

sap_se -- multiple_products
An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent (Start Service) - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS command can read or modify any user or system data and can make the system unavailable.​
2023-02-14​
not yet calculated​
CVE-2023-24523
MISC
MISC

sap_se -- multiple_products
SAP S/4 HANA Map Treasury Correspondence Format Data does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to delete the data with a high impact to availability.​
2023-02-14​
not yet calculated​
CVE-2023-24524
MISC
MISC

sap_se -- multiple_products
SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application.​
2023-02-14​
not yet calculated​
CVE-2023-24525
MISC
MISC

sap_se -- multiple_products
SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data. This endpoint is normally exposed over the network and successful exploitation can lead to exposure of data like travel documents.​
2023-02-14​
not yet calculated​
CVE-2023-24528
MISC
MISC
sap_se -- netweaver_application_server_for_abap​
Due to lack of proper input validation, BSP application (CRM_BSP_FRAME) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H, allow malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a Reflected Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to hijack a user session, read and modify some sensitive information.​
2023-02-14​
not yet calculated​
CVE-2023-24529
MISC
MISC
sap_se -- multiple_products​
SAP BusinessObjects Business Intelligence Platform (CMC) - versions 420, 430, allows an authenticated admin user to upload malicious code that can be executed by the application over the network. On successful exploitation, attacker can perform operations that may completely compromise the application causing high impact on confidentiality, integrity and availability of the application.​
2023-02-14​
not yet calculated​
CVE-2023-24530
MISC
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24549
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to heap-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24550
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24551
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24552
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24553
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24554
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24555
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24556
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24557
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24558
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24559
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24560
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24561
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24562
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-24563
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains a memory corruption vulnerability while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19069)​
2023-02-14​
not yet calculated​
CVE-2023-24564
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted STL file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19428)​
2023-02-14​
not yet calculated​
CVE-2023-24565
MISC

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19472)​
2023-02-14​
not yet calculated​
CVE-2023-24566
MISC

siemens -- multiple_products
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.​
2023-02-13​
not yet calculated​
CVE-2023-24572
MISC

django -- django
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.​
2023-02-15​
not yet calculated​
CVE-2023-24580
MISC
MISC
MISC
MISC
MLIST

siemens -- multiple_products
A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted STP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19425)​
2023-02-14​
not yet calculated​
CVE-2023-24581
MISC
redpanda -- redpanda​
Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versions are 22.3.12, 22.2.10, and 22.1.12.​
2023-02-13​
not yet calculated​
CVE-2023-24619
MISC
food_ordering_system -- food_ordering_system​
An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file.​
2023-02-13​
not yet calculated​
CVE-2023-24646
MISC
food_ordering_system -- food_ordering_system​
Food Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.​
2023-02-13​
not yet calculated​
CVE-2023-24647
MISC

zstore -- zstore
Zstore v6.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php.​
2023-02-13​
not yet calculated​
CVE-2023-24648
MISC
changedetection.io -- changedetection.io​
Changedetection.io before v0.40.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the main page. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL parameter under the "Add a new change detection watch" function.​
2023-02-17​
not yet calculated​
CVE-2023-24769
MISC
MISC

peazip -- peazip
An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End of Archive tag function of the peazip/pea UNPEA feature.​
2023-02-17​
not yet calculated​
CVE-2023-24785
MISC
owncloud -- andriod_app​
The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information disclosure when uploading the app’s internal files, and to arbitrary file write when uploading plain text files (although limited by the .txt extension). Version 3.0 fixes the reported bypasses.​
2023-02-13​
not yet calculated​
CVE-2023-24804
MISC
MISC
MISC
undici -- undici​
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the Headers.set() and Headers.append() methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the headerValueNormalize() utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.​
2023-02-16​
not yet calculated​
CVE-2023-24807
MISC
MISC
MISC
MISC

nethack -- nethack
NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared systems. For all systems, it may result in a process crash. This issue is resolved in NetHack 3.6.7. There are no known workarounds.​
2023-02-17​
not yet calculated​
CVE-2023-24809
MISC
MISC

ibm -- infosphere_information_server
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 246333​
2023-02-17​
not yet calculated​
CVE-2023-24960
MISC
MISC

ibm -- infosphere_information_server
IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. IBM X-Force ID: 246463.​
2023-02-17​
not yet calculated​
CVE-2023-24964
MISC
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19788)​
2023-02-14​
not yet calculated​
CVE-2023-24978
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19789)​
2023-02-14​
not yet calculated​
CVE-2023-24979
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19790)​
2023-02-14​
not yet calculated​
CVE-2023-24980
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19791)​
2023-02-14​
not yet calculated​
CVE-2023-24981
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19804)​
2023-02-14​
not yet calculated​
CVE-2023-24982
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19805)​
2023-02-14​
not yet calculated​
CVE-2023-24983
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19806)​
2023-02-14​
not yet calculated​
CVE-2023-24984
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19807)​
2023-02-14​
not yet calculated​
CVE-2023-24985
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19808)​
2023-02-14​
not yet calculated​
CVE-2023-24986
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19809)​
2023-02-14​
not yet calculated​
CVE-2023-24987
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19810)​
2023-02-14​
not yet calculated​
CVE-2023-24988
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19811)​
2023-02-14​
not yet calculated​
CVE-2023-24989
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19812)​
2023-02-14​
not yet calculated​
CVE-2023-24990
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19813)​
2023-02-14​
not yet calculated​
CVE-2023-24991
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19814)​
2023-02-14​
not yet calculated​
CVE-2023-24992
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19815)​
2023-02-14​
not yet calculated​
CVE-2023-24993
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816)​
2023-02-14​
not yet calculated​
CVE-2023-24994
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817)​
2023-02-14​
not yet calculated​
CVE-2023-24995
MISC
siemens -- tecnomatix_plant_simulation​
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19818)​
2023-02-14​
not yet calculated​
CVE-2023-24996
MISC
nec -- pc_settings_tool​
PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges.​
2023-02-15​
not yet calculated​
CVE-2023-25011
MISC
wordpress -- wordpress​
Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.1.14 versions.​
2023-02-14​
not yet calculated​
CVE-2023-25065
MISC
foliovision -- fv_flowplayer_video_player​
Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions.​
2023-02-14​
not yet calculated​
CVE-2023-25066
MISC
siemens -- parasolid/solid_edge​
A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150), Solid Edge SE2022 (All versions < V2210Update12). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.​
2023-02-14​
not yet calculated​
CVE-2023-25140
MISC
MISC

apache -- sling_jcr_base
Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDNI and RMI. Users of Apache Sling JCR Base are recommended to upgrade to Apache Sling JCR Base 3.1.12 or later, or to run on a more recent JDK.​
2023-02-14​
not yet calculated​
CVE-2023-25141
MISC

timescaledb -- timescaledb
TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run with a locked down search_path, allowing malicious users to create functions that would be executed by the telemetry job, leading to privilege escalation. In order to be able to take advantage of this vulnerability, a user would need to be able to create objects in a database and then get a superuser to install TimescaleDB into their database. When TimescaleDB is installed as trusted extension, non-superusers can install the extension without help from a superuser. Version 2.9.3 fixes this issue. As a mitigation, the search_path of the user running the telemetry job can be locked down to not include schemas writable by other users. The vulnerability is not exploitable on instances in Timescale Cloud and Managed Service for TimescaleDB due to additional security provisions in place on those platforms.​
2023-02-14​
not yet calculated​
CVE-2023-25149
MISC
MISC
MISC

containerd -- containerd
containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.​
2023-02-16​
not yet calculated​
CVE-2023-25153
MISC
MISC
MISC
MISC

kiwi_tcms -- kiwi_tcms
Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt brute-force attacks against the login page. Users should upgrade to v12.0 or later to receive a patch. As a workaround, users may install and configure a rate-limiting proxy in front of Kiwi TCMS.​
2023-02-15​
not yet calculated​
CVE-2023-25156
MISC
MISC
MISC
MISC
nextcloud -- multiple_products​
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, and Nextcloud Office (Richdocuments) App 6.x prior to 6.3.1 and 7.x prior to 7.0.1 have previews accessible without a watermark. The download should be hidden and the watermark should get applied. This issue is fixed in Nextcloud Server 25.0.1 and 24.0.8, Nextcloud Enterprise Server 25.0.1 and 24.0.8, and Nextcloud Office (Richdocuments) App 7.0.1 (for 25) and 6.3.1 (for 24). No known workarounds are available.​
2023-02-13​
not yet calculated​
CVE-2023-25159
MISC
MISC
MISC
MISC
nextcloud -- mail
Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for Nextcloud 22-24, Mail 1.12.9 for Nextcloud 21, or Mail 1.11.8 for Nextcloud 20 to receive a patch. No known workarounds are available.​
2023-02-13​
not yet calculated​
CVE-2023-25160
MISC
MISC
MISC
nextcloud -- server/enterprise_server​
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service slowdown, storage overflow, or cost impact when using external email services. Users should upgrade to Nextcloud Server 25.0.1, 24.0.8, or 23.0.12 or Nextcloud Enterprise Server 25.0.1, 24.0.8, or 23.0.12 to receive a patch. No known workarounds are available.​
2023-02-13​
not yet calculated​
CVE-2023-25161
MISC
MISC
MISC
nextcloud -- server/enterprise_server​
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage enclosed alphanumeric payloads to bypass IP filters and gain SSRF, which would allow an attacker to read crucial metadata if the server is hosted on the AWS platform. Nextcloud Server 24.0.8 and 23.0.2 and Nextcloud Enterprise Server 24.0.8 and 23.0.12 contain a patch for this issue. No known workarounds are available.​
2023-02-13​
not yet calculated​
CVE-2023-25162
MISC
MISC
MISC

kiwi_tcms -- kiwi_tcms
Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources. Users should upgrade to v12.0 or later to receive a patch. As potential workarounds, users may install and configure a rate-limiting proxy in front of Kiwi TCMS and/or configure rate limits on their email server when possible.​
2023-02-15​
not yet calculated​
CVE-2023-25171
MISC
MISC
MISC
MISC

containerd -- containerd
containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the "USER $USERNAME" Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to ENTRYPOINT ["su", "-", "user"] to allow su to properly set up supplementary groups.​
2023-02-16​
not yet calculated​
CVE-2023-25173
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC

ami -- megarac_spx
AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12-update-7.00 and SPx_13-update-5.00.​
2023-02-15​
not yet calculated​
CVE-2023-25191
MISC

ami -- megarac_spx
AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.​
2023-02-15​
not yet calculated​
CVE-2023-25192
MISC

pimcore -- pimcore
An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers to execute arbitrary code.​
2023-02-13​
not yet calculated​
CVE-2023-25240
MISC
MISC

bgerp -- bgerp
bgERP v22.31 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.​
2023-02-13​
not yet calculated​
CVE-2023-25241
MISC
MISC

gss_ntlmssp -- gss_ntlmssp
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of internal buffers. Although most applications will error out before accepting a singe input buffer of 4GB in length this could theoretically happen. This vulnerability can be triggered via the main gss_accept_sec_context entry point if the application allows tokens greater than 4GB in length. This can lead to a large, up to 65KB, out-of-bounds read which could cause a denial-of-service if it reads from unmapped memory. Version 1.2.0 contains a patch for the out-of-bounds reads.​
2023-02-14​
not yet calculated​
CVE-2023-25563
MISC
MISC
MISC

gss_ntlmssp -- gss_ntlmssp
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable outlen was not initialized and could cause writing a zero to an arbitrary place in memory if ntlm_str_convert() were to fail, which would leave outlen uninitialized. This can lead to a denial of service if the write hits unmapped memory or randomly corrupts a byte in the application memory space. This vulnerability can trigger an out-of-bounds write, leading to memory corruption. This vulnerability can be triggered via the main gss_accept_sec_context entry point. This issue is fixed in version 1.2.0.​
2023-02-14​
not yet calculated​
CVE-2023-25564
MISC
MISC
MISC

gss_ntlmssp -- gss_ntlmssp
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the cb and sh buffers contain a copy of the data that needs to be freed. However, that is not the case. This vulnerability can be triggered via the main gss_accept_sec_context entry point. This will likely trigger an assertion failure in free, causing a denial-of-service. This issue is fixed in version 1.2.0.​
2023-02-14​
not yet calculated​
CVE-2023-25565
MISC
MISC
MISC

gss_ntlmssp -- gss_ntlmssp
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, a memory leak can be triggered when parsing usernames which can trigger a denial-of-service. The domain portion of a username may be overridden causing an allocated memory area the size of the domain name to be leaked. An attacker can leak memory via the main gss_accept_sec_context entry point, potentially causing a denial-of-service. This issue is fixed in version 1.2.0.​
2023-02-14​
not yet calculated​
CVE-2023-25566
MISC
MISC
MISC

gss_ntlmssp -- gss_ntlmssp
GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication, has an out-of-bounds read when decoding target information prior to version 1.2.0. The length of the av_pair is not checked properly for two of the elements which can trigger an out-of-bound read. The out-of-bounds read can be triggered via the main gss_accept_sec_context entry point and could cause a denial-of-service if the memory is unmapped. The issue is fixed in version 1.2.0.​
2023-02-14​
not yet calculated​
CVE-2023-25567
MISC
MISC
MISC

backstage -- backstage
Backstage is an open platform for building developer portals. @backstage/catalog-model prior to version 1.2.0, @backstage/core-components prior to 0.12.4, and @backstage/plugin-catalog-backend prior to 1.7.2 are affected by a cross-site scripting vulnerability. This vulnerability allows a malicious actor with access to add or modify content in an instance of the Backstage software catalog to inject script URLs in the entities stored in the catalog. If users of the catalog then click on said URLs, that can lead to an XSS attack. This vulnerability has been patched in both the frontend and backend implementations. The default Link component from @backstage/core-components version 1.2.0 and greater will now reject javascript: URLs, and there is a global override of window.open to do the same. In addition, the catalog model v0.12.4 and greater as well as the catalog backend v1.7.2 and greater now has additional validation built in that prevents javascript: URLs in known annotations. As a workaround, the general practice of limiting access to modifying catalog content and requiring code reviews greatly help mitigate this vulnerability.​
2023-02-14​
not yet calculated​
CVE-2023-25571
MISC
MISC
react_admin -- react_admin​
react-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and using the <RichTextField> are affected. <RichTextField> outputs the field value using dangerouslySetInnerHTML without client-side sanitization. If the data isn't sanitized server-side, this opens a possible cross-site scripting (XSS) attack. Versions 3.19.12 and 4.7.6 now use DOMPurify to escape the HTML before outputting it with React and dangerouslySetInnerHTML. Users who already sanitize HTML data server-side do not need to upgrade. As a workaround, users may replace the <RichTextField> by a custom field doing sanitization by hand.​
2023-02-13​
not yet calculated​
CVE-2023-25572
MISC
MISC
MISC
MISC
MISC

fastify -- fastify_multipart
@fastify/multipart is a Fastify plugin to parse the multipart content-type. Prior to versions 7.4.1 and 6.0.1, @fastify/multipart may experience denial of service due to a number of situations in which an unlimited number of parts are accepted. This includes the multipart body parser accepting an unlimited number of file parts, the multipart body parser accepting an unlimited number of field parts, and the multipart body parser accepting an unlimited number of empty parts as field parts. This is fixed in v7.4.1 (for Fastify v4.x) and v6.0.1 (for Fastify v3.x). There are no known workarounds.​
2023-02-14​
not yet calculated​
CVE-2023-25576
MISC
MISC
MISC
MISC
MISC

werkzeug -- werkzeug
Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses request.data, request.form, request.files, or request.get_data(parse_form_data=False), it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers. Version 2.2.3 contains a patch for this issue.​
2023-02-14​
not yet calculated​
CVE-2023-25577
MISC
MISC
MISC

tenable -- starlite
Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1.5.2, the request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited number of file parts and an unlimited number of field parts. This is a remote, potentially unauthenticated Denial of Service vulnerability. This vulnerability affects applications with a request handler that accepts a Body(media_type=RequestEncodingType.MULTI_PART). The large amount of CPU time required for processing requests can block all available worker processes and significantly delay or slow down the processing of legitimate user requests. The large amount of RAM accumulated while processing requests can lead to Out-Of-Memory kills. Complete DoS is achievable by sending many concurrent multipart requests in a loop. Version 1.51.2 contains a patch for this issue.​
2023-02-15​
not yet calculated​
CVE-2023-25578
MISC
MISC
MISC

fortinet -- fortiweb
A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.​
2023-02-16​
not yet calculated​
CVE-2023-25602
MISC
sap_se -- netweaver_application_server_for_abap​
SAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allow an unauthenticated attacker to inject the code that can be executed by the application over the network. On successful exploitation it can gain access to the sensitive information which leads to a limited impact on the confidentiality and the integrity of the application.​
2023-02-14​
not yet calculated​
CVE-2023-25614
MISC
MISC

node-jose -- node-jose
node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for web browsers and node.js-based servers. Prior to version 2.2.0, when using the non-default "fallback" crypto back-end, ECC operations in node-jose can trigger a Denial-of-Service (DoS) condition, due to a possible infinite loop in an internal calculation. For some ECC operations, this condition is triggered randomly; for others, it can be triggered by malicious input. The issue has been patched in version 2.2.0. Since this issue is only present in the "fallback" crypto implementation, it can be avoided by ensuring that either WebCrypto or the Node crypto module is available in the JS environment where node-jose is being run.​
2023-02-16​
not yet calculated​
CVE-2023-25653
MISC
MISC
ruckus_wireless -- admin​
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.​
2023-02-13​
not yet calculated​
CVE-2023-25717
MISC
MISC

connectwise -- connectwise_control
The cryptographic code signing process and controls on ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect) are cryptographically flawed. An attacker can remotely generate or locally alter file contents and bypass code-signing controls. This can be used to execute code as a trusted application provider, escalate privileges, or execute arbitrary commands in the context of the user. The attacker tampers with a trusted, signed executable in transit.​
2023-02-13​
not yet calculated​
CVE-2023-25718
MISC
MISC

connectwise -- connectwise_control
ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parameters such as the Bin/ConnectWiseControl.Client.exe h parameter. This results in reflected data and injection of malicious code into a downloaded executable. The executable can be used to execute malicious queries or as a denial-of-service vector.​
2023-02-13​
not yet calculated​
CVE-2023-25719
MISC
MISC

haproxy -- haproxy
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31.​
2023-02-14​
not yet calculated​
CVE-2023-25725
MISC
CONFIRM
MLIST
DEBIAN

phpmyadmin -- phpmyadmin
In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.​
2023-02-13​
not yet calculated​
CVE-2023-25727
MISC
onekey -- touch/mini​
Onekey Touch devices through 4.0.0 and Onekey Mini devices through 2.10.0 allow man-in-the-middle attackers to obtain the seed phase. The man-in-the-middle access can only be obtained after disassembling a device (i.e., here, "man-in-the-middle" does not refer to the attacker's position on an IP network). NOTE: the vendor states that "our hardware team has updated the security patch without anyone being affected."​
2023-02-14​
not yet calculated​
CVE-2023-25758
MISC
MISC
MISC
jenkins -- junit_plugin_1166.va_436e268e972​
Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin.​
2023-02-15​
not yet calculated​
CVE-2023-25761
CONFIRM
MLIST

jenkins -- pipeline_build_step_plugin
Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control job names.​
2023-02-15​
not yet calculated​
CVE-2023-25762
CONFIRM
MLIST

jenkins -- email_extension_plugin
Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.​
2023-02-15​
not yet calculated​
CVE-2023-25763
CONFIRM
MLIST

jenkins -- email_extension_plugin
Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.​
2023-02-15​
not yet calculated​
CVE-2023-25764
CONFIRM
MLIST

jenkins -- email_extension_plugin
In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.​
2023-02-15​
not yet calculated​
CVE-2023-25765
CONFIRM
MLIST

jenkins -- azure_credentials_plugin
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.​
2023-02-15​
not yet calculated​
CVE-2023-25766
CONFIRM
MLIST
enkins -- azure_credentials_plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server.​
2023-02-15​
not yet calculated​
CVE-2023-25767
CONFIRM
MLIST
enkins -- azure_credentials_plugin​
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.​
2023-02-15​
not yet calculated​
CVE-2023-25768
CONFIRM
MLIST

craftercms -- craftercms
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.​
2023-02-17​
not yet calculated​
CVE-2023-26020
MISC
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Continue reading...