CISA Bulletins - Vulnerability Summary for the Week of May 22, 2023

CISA

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:

High: vulnerabilities with a CVSS base score of 7.0–10.0
Medium: vulnerabilities with a CVSS base score of 4.0–6.9
Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

High Vulnerabilities

PrimaryVendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info
cbot -- chatbotGeneration of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.2023-05-259.9CVE-2023-2882MISC
cbot -- chatbotChannel Accessible by Non-Endpoint vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.2023-05-259.9CVE-2023-2885MISC
linux -- linux_kernelAn issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12.2023-05-219.8CVE-2020-36694MISCMISCMISCMISC
huawei -- emuiLack of length check vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds read.2023-05-269.8CVE-2021-46887MISC
thingsforrestaurants -- quick_restaurant_reservationsCross-Site Request Forgery (CSRF) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.5.4 versions.2023-05-229.8CVE-2022-44739MISC
schneider-electric -- powerlogic_ion9000_firmwareA CWE-319: Cleartext transmission of sensitive information vulnerability exists that could
cause disclosure of sensitive information, denial of service, or modification of data if an attacker
is able to intercept network traffic.
2023-05-229.8CVE-2022-46680MISC
ibm -- infosphere_information_serverIBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 243163.2023-05-199.8CVE-2022-47984MISCMISC
huawei -- harmonyosThe facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.2023-05-269.8CVE-2022-48478MISC
huawei -- harmonyosThe facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.2023-05-269.8CVE-2022-48479MISC
adam_retail_automation_systems -- mobilmen_terminal_softwareImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection.This issue affects Mobilmen Terminal Software: before 3.2023-05-239.8CVE-2023-1508MISC
ipekyolu_software -- auto_damage_tracking_softwareImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ipekyolu Software Auto Damage Tracking Software allows SQL Injection.This issue affects Auto Damage Tracking Software: before 4.2023-05-249.8CVE-2023-2045MISC
minova_technology -- etraceImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Minova Technology eTrace allows SQL Injection.This issue affects eTrace: before 23.05.20.2023-05-249.8CVE-2023-2064MISC
wclovers -- wcfm_membershipThe WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.10.7. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts.2023-05-209.8CVE-2023-2276MISCMISCMISC
vibethemes -- bp_social_connectThe BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.2023-05-199.8CVE-2023-2704MISCMISCMISCMISC
rental_module_project -- rental_moduleUnrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.This issue affects Rental Module: before 23.05.15.2023-05-209.8CVE-2023-2712MISC
rental_module_project -- rental_moduleAuthorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15.2023-05-209.8CVE-2023-2713MISC
cityboss -- e-municipalityImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cityboss E-municipality allows SQL Injection.This issue affects E-municipality: before 6.05.2023-05-249.8CVE-2023-2750MISC
sourcecodester -- online_jewelry_storeA vulnerability classified as critical was found in SourceCodester Online Jewelry Store 1.0. Affected by this vulnerability is an unknown functionality of the file supplier.php of the component POST Parameter Handler. The manipulation of the argument suppid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229429 was assigned to this vulnerability.2023-05-199.8CVE-2023-2815MISCMISCMISC
sourcecodester -- class_scheduling_systemA vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_subject.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229597 was assigned to this vulnerability.2023-05-209.8CVE-2023-2823MISCMISCMISC
snapone -- orvc
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not check using a private-public key mechanism. The lack of complete PKI system firmware signature could allow attackers to upload arbitrary firmware updates, resulting in code execution.
2023-05-229.8CVE-2023-28386MISCMISC
gpac -- gpacNULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2.2023-05-229.8CVE-2023-2840CONFIRMMISCDEBIAN
sourcecodester -- theme_park_ticketing_systemA vulnerability was found in SourceCodester Theme Park Ticketing System 1.0. It has been classified as critical. This affects an unknown part of the file print_ticket.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229821 was assigned to this vulnerability.2023-05-249.8CVE-2023-2865MISCMISCMISC
apache -- inlongImproper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by sending a login
request and following it with a subsequent HTTP request
using the returned cookie.
Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.
2023-05-229.8CVE-2023-31062MISC
wcms -- wcmsIn Wcms 0.3.2, an attacker can send a crafted request from a vulnerable web application backend server /wcms/wex/html.php via the finish parameter and the textAreaCode parameter. It can write arbitrary strings into custom file names and upload any files, and write malicious code to execute scripts to trigger command execution.2023-05-229.8CVE-2023-31689MISC
sem-cms -- semcmsSEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php.2023-05-199.8CVE-2023-31707MISC
ibm -- infosphere_information_serverIBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285.2023-05-229.8CVE-2023-32336MISCMISC
linux -- linux_kernelThe Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c.2023-05-219.8CVE-2023-33250MISCMISC
old_age_home_management_system_project -- old_age_home_management_systemOld Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter.2023-05-239.8CVE-2023-33338MISC
gpac -- gpacOut-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.2023-05-229.1CVE-2023-2838MISCCONFIRMDEBIAN
cbot -- chatbotAuthentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.2023-05-259.1CVE-2023-2887MISC
apache -- inlongInsufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0.
An old session can be used by an attacker even after the user has been deleted or the password has been changed.

Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 , https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it.
2023-05-229.1CVE-2023-31065MISC
apache -- inlongFiles or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7775 https://github.com/apache/inlong/pull/7775 to solve it.2023-05-229.1CVE-2023-31066MISC
netbox_project -- netbox** DISPUTED ** A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: the vendor disputes this because the reporter's only query was for the schema of the API, which is public; queries for database objects would have been denied.2023-05-249.1CVE-2023-33796MISCMISC
asgaros -- asgaros_forumCross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum plugin <= 2.2.0 versions.2023-05-228.8CVE-2022-41608MISC
webmat -- flexible_elementor_panelCross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin <= 2.3.8 versions.2023-05-228.8CVE-2022-45076MISC
loginizer -- loginizerCross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.2023-05-228.8CVE-2022-45079MISC
xootix -- side_cart_woocommerceCross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions.2023-05-228.8CVE-2022-45376MISC
brainstormforce -- starter_templatesCross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates plugin <= 3.1.20 versions.2023-05-238.8CVE-2022-46851MISC
radiustheme -- post_gridCross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 5.0.4 versions.2023-05-238.8CVE-2022-46853MISC
gallery_metabox_project -- gallery_metaboxCross-Site Request Forgery (CSRF) vulnerability in Bill Erickson Gallery Metabox plugin <= 1.5 versions.2023-05-208.8CVE-2022-47134MISC
mediamatic -- media_library_foldersCross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions.2023-05-228.8CVE-2022-47142MISC
crayon_syntax_highlighter_project -- crayon_syntax_highlighterCross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Crayon Syntax Highlighter plugin <= 2.8.4 versions.2023-05-228.8CVE-2022-47167MISC
stylist_project -- stylistCross-Site Request Forgery (CSRF) vulnerability in StylistWP Extra Block Design, Style, CSS for ANY Gutenberg Blocks plugin <= 0.2.6 versions.2023-05-228.8CVE-2022-47183MISC
nicearma -- dnui-delete-not-used-imageCross-Site Request Forgery (CSRF) vulnerability in Nicearma DNUI plugin <= 2.8.1 versions.2023-05-228.8CVE-2022-47609MISC
hover_image_project -- hover_imageCross-Site Request Forgery (CSRF) vulnerability in Julian Weinert // cs&m Hover Image plugin <= 1.4.1 versions.2023-05-228.8CVE-2022-47611MISC
armoli_technology -- cargo_tracking_systemAuthorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass.This issue affects Cargo Tracking System: before 3558f28 .2023-05-248.8CVE-2023-2065MISC
wp_tabs_slides_project -- wp_tabs_slidesCross-Site Request Forgery (CSRF) vulnerability in Abdul Ibad WP Tabs Slides plugin <= 2.0.3 versions.2023-05-228.8CVE-2023-22688MISC
autoaffiliatelinks -- auto_affiliate_linksCross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions.2023-05-208.8CVE-2023-22689MISC
name_directory_project -- name_directoryCross-Site Request Forgery (CSRF) vulnerability in Jeroen Peters Name Directory plugin <= 1.27.1 versions.2023-05-228.8CVE-2023-22692MISC
srs_simple_hits_counter_project -- srs_simple_hits_counterCross-Site Request Forgery (CSRF) vulnerability in Atif N SRS Simple Hits Counter plugin <= 1.1.0 versions.2023-05-228.8CVE-2023-22709MISC
supsystic -- coming_soonCross-Site Request Forgery (CSRF) vulnerability in Supsystic Coming Soon by Supsystic plugin <= 1.7.10 versions.2023-05-228.8CVE-2023-22714MISC
wp_topbar_project -- wp_topbarCross-Site Request Forgery (CSRF) vulnerability in Bob Goetz WP-TopBar plugin <= 5.36 versions.2023-05-228.8CVE-2023-23680MISC
hmplugin -- wordpress_books_galleryCross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions.2023-05-238.8CVE-2023-23705MISC
miniorange -- wordpress_social_login_and_register_\(discord\,_google\,_twitter\,_linkedin\)Cross-Site Request Forgery (CSRF) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions.2023-05-238.8CVE-2023-23706MISC
user-meta -- user_meta_managerCross-Site Request Forgery (CSRF) vulnerability in User Meta Manager plugin <= 3.4.9 versions.2023-05-228.8CVE-2023-23712MISC
theme_tweaker_project -- theme_tweakerCross-Site Request Forgery (CSRF) vulnerability in Manoj Thulasidas Theme Tweaker plugin <= 5.20 versions.2023-05-238.8CVE-2023-23713MISC
winwar -- wp_email_captureCross-Site Request Forgery (CSRF) vulnerability in Winwar Media WP Email Capture plugin <= 3.9.3 versions.2023-05-238.8CVE-2023-23724MISC
secondlinethemes -- auto_youtube_importerCross-Site Request Forgery (CSRF) vulnerability in SecondLineThemes Auto YouTube Importer plugin <= 1.0.3 versions.2023-05-228.8CVE-2023-23797MISC
my_calendar_project -- my_calendarCross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions.2023-05-228.8CVE-2023-23813MISC
ljapps -- wp_airbnb_review_sliderCross-Site Request Forgery (CSRF) vulnerability in LJ Apps WP Airbnb Review Slider plugin <= 3.2 versions.2023-05-208.8CVE-2023-23890MISC
robosoft -- robogalleryCross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions.2023-05-208.8CVE-2023-24414MISC
slickremix -- feed_them_socialCross-Site Request Forgery (CSRF) vulnerability in SlickRemix Feed Them Social plugin <= 3.0.2 versions.2023-05-238.8CVE-2023-25056MISC
inkthemes -- colorwayCross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions.2023-05-228.8CVE-2023-25447MISC
archivist_project -- archivistCross-Site Request Forgery (CSRF) vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin <= 1.7.4 versions.2023-05-228.8CVE-2023-25448MISC
podlove -- podlove_podcast_publisherCross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.3 versions.2023-05-238.8CVE-2023-25472MISC
podlove -- podlove_subscribe_buttonCross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Subscribe button plugin <= 1.3.7 versions.2023-05-238.8CVE-2023-25481MISC
vikwp -- vikbooking_hotel_booking_engine_\&_pmsCross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.12 versions.2023-05-238.8CVE-2023-25707MISC
finex_media -- competition_management_systemAuthorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass.This issue affects Competition Management System: before 23.07.2023-05-238.8CVE-2023-2702MISC
weaver -- e-cologyA vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by this vulnerability is the function RequestInfoByXml of the component API. The manipulation leads to xml external entity reference. The associated identifier of this vulnerability is VDB-229411. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-198.8CVE-2023-2806MISCMISCMISC
cbot -- chatbotAuthorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.2023-05-258.8CVE-2023-2883MISC
pingonline -- dyslexiefont_freeCross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexiefont Free plugin <= 1.0.0 versions.2023-05-208.8CVE-2023-32589MISC
mitsubishielectric -- melsec_ws0-geth00200_firmwareActive Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 all versions allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and is enabled by default when shipped from the factory. As a result, a remote attacker with unauthorized login can reset the module, and if certain conditions are met, he/she can disclose or tamper with the module's configuration or rewrite the firmware.2023-05-198.6CVE-2023-1618MISCMISCMISC
teltonika -- remote_management_systemTeltonika’s Remote Management System versions prior to 4.10.0 contain a cross-site scripting (XSS) vulnerability in the main page of the web interface. An attacker with the MAC address and serial number of a connected device could send a maliciously crafted JSON file with an HTML object to trigger the vulnerability. This could allow the attacker to execute scripts in the account context and obtain remote code execution on managed devices.2023-05-228.3CVE-2023-2587MISC
obsidian -- obsidianObsidian before 1.2.2 allows calls to unintended APIs (for microphone access, camera access, and desktop notification) via an embedded web page.2023-05-208.2CVE-2023-33244MISCMISC
cloudfoundry -- cf-deploymentCloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user to override the private key and add or modify a certificate authority used for the connection.2023-05-198.1CVE-2023-20881MISC
groundhogg -- groundhoggThe Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation in the 'ajax_edit_contact' function. This makes it possible for authenticated attackers to receive the auto login link via shortcode and then modify the assigned user to the auto login link to elevate verified user privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.2023-05-208CVE-2023-2736MISCMISCMISCMISC
wireshark -- wiresharkBLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file2023-05-267.8CVE-2023-2854MISCCONFIRMMISC
wireshark -- wiresharkCandump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file2023-05-267.8CVE-2023-2855CONFIRMMISCMISC
wireshark -- wiresharkBLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file2023-05-267.8CVE-2023-2857MISCMISCCONFIRM
wireshark -- wiresharkNetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file2023-05-267.8CVE-2023-2858MISCMISCCONFIRM
allwaysync -- allwaysyncInsecure Permission vulnerability found in Botkind/Siber Systems SyncApp v.19.0.3.0 allows a local attacker toe escalate privileges via the SyncService.exe file.2023-05-227.8CVE-2023-29838MISCMISC
luatex_project -- luatexLuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.2023-05-207.8CVE-2023-32700MISCMISCMISCMISC
foxit -- pdf_editorFoxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. This is fixed in 12.1.2.2023-05-197.8CVE-2023-33240MISC
finex_media -- competition_management_systemExposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users.This issue affects Competition Management System: before 23.07.2023-05-237.6CVE-2023-2703MISC
cbot -- chatbotMissing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.2023-05-257.6CVE-2023-2886MISC
huawei -- emuiThe video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.2023-05-267.5CVE-2021-46881MISC
huawei -- emuiThe video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.2023-05-267.5CVE-2021-46882MISC
huawei -- emuiThe video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.2023-05-267.5CVE-2021-46883MISC
huawei -- emuiThe video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.2023-05-267.5CVE-2021-46884MISC
huawei -- emuiThe video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.2023-05-267.5CVE-2021-46885MISC
huawei -- emuiThe video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.2023-05-267.5CVE-2021-46886MISC
fastweb -- fastgate_vdsl2_dga4131fwb_firmwareA heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS.2023-05-197.5CVE-2022-30114MISCMISCMISC
huawei -- emuiInteger overflow vulnerability in some phones. Successful exploitation of this vulnerability may affect service confidentiality.2023-05-267.5CVE-2022-48480MISC
huawei -- emuiThe reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability.2023-05-267.5CVE-2023-0116MISC
huawei -- harmonyosThe window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality.2023-05-207.5CVE-2023-1692MISCMISC
huawei -- emuiThe Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.2023-05-207.5CVE-2023-1693MISCMISC
huawei -- emuiThe Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.2023-05-207.5CVE-2023-1694MISCMISC
huawei -- harmonyosThe multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability.2023-05-207.5CVE-2023-1696MISCMISC
sitecore -- experience_platformDirectory Traversal vulnerability in Sitecore Experience Platform through 10.2 allows remote attackers to download arbitrary files via crafted command to download.aspx2023-05-227.5CVE-2023-27067MISCMISC
gitlab -- gitlabAn issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups.2023-05-267.5CVE-2023-2825MISCMISCCONFIRM
gpac -- gpacDivide By Zero in GitHub repository gpac/gpac prior to 2.2.2.2023-05-227.5CVE-2023-2839CONFIRMMISCDEBIAN
apache -- tomcatThe fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.2023-05-227.5CVE-2023-28709MISCMISCMISC
wireshark -- wiresharkGDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file2023-05-267.5CVE-2023-2879MISCCONFIRMMISC
webbax -- customexporterPrestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php.2023-05-197.5CVE-2023-30199MISCMISC
apache -- inlongDeserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the
'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick
https://github.com/apache/inlong/pull/7674 https://github.com/apache/inlong/pull/7674 to solve it.
2023-05-227.5CVE-2023-31058MISC
apache -- inlongFiles or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7799 https://github.com/apache/inlong/pull/7799 to solve it.2023-05-227.5CVE-2023-31064MISC
apache -- inlongExposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0.
Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 to solve it.
2023-05-227.5CVE-2023-31103MISC
apache -- inlongIncorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can delete others' subscriptions, even if they are not the owner
of the deleted subscription. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.
[1]

https://github.com/apache/inlong/pull/7949 https://github.com/apache/inlong/pull/7949
2023-05-227.5CVE-2023-31453MISC
apache -- inlongIncorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0.
The attacker can bind any cluster, even if he is not the cluster owner. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.[1]

https://github.com/apache/inlong/pull/7947 https://github.com/apache/inlong/pull/7947
2023-05-227.5CVE-2023-31454MISC
icecms_project -- icecmsIceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to the API, resulting in the disclosure of sensitive information.2023-05-257.5CVE-2023-33355MISC
bumsys_project -- bumsysSQL Injection in GitHub repository unilogies/bumsys prior to 2.2.0.2023-05-227.2CVE-2023-2832MISCMISC
craftcms -- craft_cmsCraft CMS is an open source content management system. In affected versions of Craft CMS an unrestricted file extension may lead to Remote Code Execution. If the name parameter value is not empty string('') in the View.php's doesTemplateExist() -> resolveTemplate() -> _resolveTemplateInternal() -> _resolveTemplate() function, it returns directly without extension verification, so that arbitrary extension files are rendered as twig templates. When attacker with admin privileges on a DEV or an improperly configured STG or PROD environment, they can exploit this vulnerability to remote code execution. Code execution may grant the attacker access to the host operating system. This issue has been addressed in version 4.4.6. Users are advised to upgrade. There are no known workarounds for this vulnerability.2023-05-197.2CVE-2023-32679MISC
sourcecodester -- faculty_evaluation_systemSourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=.2023-05-267.2CVE-2023-33439MISC
sourcecodester -- faculty_evaluation_systemSourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.2023-05-267.2CVE-2023-33440MISC
dell -- cloudiq_collectorDell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability to gain access to unauthorized data.2023-05-197.1CVE-2023-28045MISC




Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
tp-link -- archer_vr1600v_firmwareA command injection vulnerability exists in the administrative web portal of TP-Link Archer VR1600V devices running firmware versions <= 0.1.0. 0.9.1 v5006.0 Build 220518 Rel.32480n, which allows remote attackers authenticated to the administrative web portal as an administrator user to open an operating-system-level shell via the 'X_TP_IfName' parameter.2023-05-196.7CVE-2023-31756MISC
sitecore -- experience_platformDirectory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle.2023-05-226.5CVE-2023-27066MISCMISC
apache -- inlongInsecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.2023-05-226.5CVE-2023-31101MISC
quest -- kace_systems_deployment_applianceThere is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an authenticated attacker edits the user-authentication settings to specify an attacker-controlled LDAP server, clicks the Test Settings button, and captures the cleartext credentials.2023-05-216.5CVE-2023-33254MISC
nissan -- sylphy_classic_2021_firmwareThe remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack.2023-05-226.5CVE-2023-33281MISCMISCMISC
cbot -- chatbotUse of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.2023-05-256.4CVE-2023-2884MISC
3ds -- 3dexperienceA reflected Cross-site Scripting (XSS) vulnerability in 3DEXPERIENCE R2018x through R2023x allows an attacker to execute arbitrary script code.2023-05-196.1CVE-2023-1996MISC
sourcecodester -- class_scheduling_systemA vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/save_teacher.php of the component POST Parameter Handler. The manipulation of the argument Academic_Rank leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229428.2023-05-196.1CVE-2023-2814MISCMISCMISC
ellucian -- ethos_identityA vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.10.6 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-229596.2023-05-206.1CVE-2023-2822MISCMISCMISCMISC
sourcecodester -- dental_clinic_appointment_reservation_systemA vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/service.php of the component POST Parameter Handler. The manipulation of the argument service leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-229598 is the identifier assigned to this vulnerability.2023-05-206.1CVE-2023-2824MISCMISCMISC
mybb -- mybbIn MyBB before 1.8.34, there is XSS in the User CP module via the user email field.2023-05-226.1CVE-2023-28467MISCMISC
sourcecodester -- online_jewelry_storeA vulnerability was found in SourceCodester Online Jewelry Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file customer.php of the component POST Parameter Handler. The manipulation of the argument Custid leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229820.2023-05-246.1CVE-2023-2864MISCMISCMISC
silicon_project -- siliconGitHub repository cu/silicon commit a9ef36 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the User Input field.2023-05-226.1CVE-2023-31584MISCMISC
ibm -- infosphere_information_serverIBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373.2023-05-195.5CVE-2023-22878MISCMISC
telegram -- telegramTelegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone, or video recording via the DYLD_INSERT_LIBRARIES flag.2023-05-195.5CVE-2023-26818MISCMISC
gpac -- gpacStack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.2023-05-225.5CVE-2023-2837MISCCONFIRMDEBIAN
ibm -- mqIBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398.2023-05-195.5CVE-2023-28514MISCMISC
wireshark -- wiresharkVMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file2023-05-265.5CVE-2023-2856CONFIRMMISCMISC
ibm -- mqIBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358.2023-05-195.5CVE-2023-28950MISCMISC
libtiff -- libtiffA vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.2023-05-195.5CVE-2023-30774MISCMISCMISC
libtiff -- libtiffA vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.2023-05-195.5CVE-2023-30775MISCMISCMISC
hledger -- hledgerAn issue was discovered in hledger before 1.23. A Stored Cross-Site Scripting (XSS) vulnerability exists in toBloodhoundJson that allows an attacker to execute JavaScript by encoding user-controlled values in a payload with base64 and parsing them with the atob function.2023-05-215.4CVE-2021-46888MISCMISCMISCMISC
groundhogg -- groundhoggThe Groundhogg plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'ajax_upload_file' function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload a file to the contact and then list all the other uploaded files related to the contact.2023-05-205.4CVE-2023-2716MISCMISCMISC
groundhogg -- groundhoggThe Groundhogg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gh_form' shortcode in versions up to, and including, 2.7.9.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Please note this only works with legacy contact forms.2023-05-205.4CVE-2023-2735MISCMISCMISCMISC
sourcecodester -- class_scheduling_systemA vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. This vulnerability affects unknown code of the file search_teacher_result.php of the component POST Parameter Handler. The manipulation of the argument teacher leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229612.2023-05-215.4CVE-2023-2826MISCMISCMISC
ibm -- infosphere_information_serverIBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251213.2023-05-195.4CVE-2023-28529MISCMISC
dedecms -- dedecmsDedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via parameters 'edit___cfg_powerby' and 'edit___cfg_beian'2023-05-195.4CVE-2023-31757MISC
jizhicms -- jizhicmsjizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the request package.2023-05-195.4CVE-2023-31862MISC
icecms_project -- icecmsIceCMS v1.0.0 is vulnerable to Cross Site Scripting (XSS).2023-05-255.4CVE-2023-33356MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Rack Roles (/dcim/rack-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33785MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Circuit Types (/circuits/circuit-types/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33786MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Tenant Groups (/tenancy/tenant-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33787MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Providers (/circuits/providers/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33788MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Contact Groups (/tenancy/contact-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33789MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Locations (/dcim/locations/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33790MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Provider Accounts (/circuits/provider-accounts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33791MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Site Groups (/dcim/site-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33792MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Power Panels (/dcim/power-panels/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33793MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Tenants (/tenancy/tenants/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33794MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Contact Roles (/tenancy/contact-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33795MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Sites (/dcim/sites/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33797MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Rack (/dcim/rack/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33798MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Contacts (/tenancy/contacts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33799MISC
netbox_project -- netboxA stored cross-site scripting (XSS) vulnerability in the Create Regions (/dcim/regions/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.2023-05-245.4CVE-2023-33800MISC
huawei -- emuiThe online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime.2023-05-265.3CVE-2023-0117MISC
vyper_project -- vyperVyper is a pythonic Smart Contract Language for the ethereum virtual machine. In contracts with more than one regular nonpayable function, it is possible to send funds to the default function, even if the default function is marked nonpayable. This applies to contracts compiled with vyper versions prior to 0.3.8. This issue was fixed by the removal of the global calldatasize check in commit 02339dfda. Users are advised to upgrade to version 0.3.8. Users unable to upgrade should avoid use of nonpayable default functions.2023-05-195.3CVE-2023-32675MISCMISC
linux -- linux_kernelAn issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.2023-05-224.7CVE-2023-33288MISCMISCMISCMISCMISC
groundhogg -- groundhoggThe Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'check_license' functions in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change the license key and support license key, but it can only be changed to a valid license key.2023-05-204.3CVE-2023-2714MISCMISCMISCMISC
groundhogg -- groundhoggThe Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submit_ticket' function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers to create a support ticket that sends the website's data to the plugin developer, and it is also possible to create admin access with an auto-login link that is also sent to the plugin developer with the ticket. It only works if the plugin is activated with a valid license.2023-05-204.3CVE-2023-2715MISCMISCMISC
groundhogg -- groundhoggThe Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation on the 'enable_safe_mode' function. This makes it possible for unauthenticated attackers to enable safe mode, which disables all other plugins, via a forged request if they can successfully trick an administrator into performing an action such as clicking on a link. A warning message about safe mode is displayed to the admin, which can be easily disabled.2023-05-204.3CVE-2023-2717MISCMISCMISC
eyoucms -- eyoucmsA Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers to execute arbitrary commands by supplying a crafted HTML file to the Upload software format function.2023-05-234.3CVE-2023-31708MISC
hazelcast -- hazelcastIn Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, configuration routines don't mask passwords in the member configuration properly. This allows Hazelcast Management Center users to view some of the secrets.2023-05-224.3CVE-2023-33264MISC
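The replay problem in the Nissan Sylphy keyfob entry (CVE-2023-33281) comes from a fixed door-open signal. The following is an added example, not Nissan's code or any vendor's, contrasting a fixed-code fob with a counter-based rolling code under an assumed frame format (4-byte counter plus truncated HMAC-SHA256 tag) and an assumed 16-press resynchronisation window:

```python
import hashlib
import hmac
import struct

# Added example (not Nissan's or any vendor's code). Two toy keyfob designs
# over a shared 128-bit key: a fixed-code fob whose frame never changes, and
# a counter-based rolling-code fob. The frame formats and the 16-press
# resynchronisation window are assumptions for the demonstration.


class FixedCodeFob:
    """Sends the same 8-byte frame for every press: any captured frame replays."""

    def __init__(self, key: bytes) -> None:
        self.key = key

    def press(self) -> bytes:
        return hashlib.sha256(b"open" + self.key).digest()[:8]


class FixedCodeReceiver:
    def __init__(self, key: bytes) -> None:
        self.expected = hashlib.sha256(b"open" + key).digest()[:8]

    def accept(self, frame: bytes) -> bool:
        return hmac.compare_digest(frame, self.expected)


class RollingCodeFob:
    """Frame = 4-byte big-endian counter || 8-byte HMAC-SHA256 tag over it."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.counter = 0

    def press(self) -> bytes:
        self.counter += 1
        ctr = struct.pack(">I", self.counter)
        tag = hmac.new(self.key, b"open" + ctr, hashlib.sha256).digest()[:8]
        return ctr + tag


class RollingCodeReceiver:
    """Accepts a frame only if the tag verifies AND the counter is strictly
    ahead of the last accepted one, within WINDOW (so a few presses made out
    of range do not desynchronise the pair)."""

    WINDOW = 16

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.last_counter = 0

    def accept(self, frame: bytes) -> bool:
        if len(frame) != 12:
            return False
        ctr, tag = frame[:4], frame[4:]
        expected = hmac.new(self.key, b"open" + ctr, hashlib.sha256).digest()[:8]
        if not hmac.compare_digest(tag, expected):
            return False
        counter = struct.unpack(">I", ctr)[0]
        if not (self.last_counter < counter <= self.last_counter + self.WINDOW):
            return False  # replayed (counter already used) or too far ahead
        self.last_counter = counter
        return True


def replay_succeeds(fob, receiver) -> bool:
    """Sniff one legitimate press, let it through, then replay the same frame."""
    frame = fob.press()
    if not receiver.accept(frame):
        raise RuntimeError("legitimate press should be accepted")
    return receiver.accept(frame)


if __name__ == "__main__":
    key = b"\x01" * 16  # constructed shared key
    print("fixed code replay accepted:", replay_succeeds(FixedCodeFob(key), FixedCodeReceiver(key)))
    print("rolling code replay accepted:", replay_succeeds(RollingCodeFob(key), RollingCodeReceiver(key)))
```

A rolling code defeats the straight record-and-replay described in the entry, but not every RF attack: a jam-and-capture of a frame the receiver never saw still yields one usable press, and relay attacks against passive-entry systems bypass the counter entirely. Those need a challenge-response exchange in which the car contributes fresh randomness, not just a fob-side counter.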
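The Groundhogg CSRF entry (CVE-2023-2717) turns on a missing nonce check, and the same class recurs in the WordPress plugin CSRF entries listed under "Severity Not Yet Assigned". As an added illustration, not the plugin's or WordPress core's code, here is a WordPress-style nonce (HMAC over user id, action and a 12-hour tick, accepted for the current and previous tick) in front of a constructed "enable safe mode" handler; the secret, the request dict layout and the state dict are assumptions of the example:

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

# Added example, not the Groundhogg plugin's or WordPress core's code. It
# mirrors the WordPress nonce idea (an HMAC over user id, action and a coarse
# time tick, valid for the current and previous tick) and puts the missing
# nonce check in front of a constructed 'enable safe mode' handler. SECRET,
# the request dict layout and the state dict are assumptions of the example.

SECRET = secrets.token_bytes(32)
TICK_SECONDS = 12 * 3600  # a nonce lives for one to two ticks (12-24 h)


def _tick(now: float) -> int:
    return int(now // TICK_SECONDS)


def _nonce_for(tick: int, user_id: int, action: str) -> str:
    msg = f"{tick}|{action}|{user_id}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:16]


def create_nonce(user_id: int, action: str, now: Optional[float] = None) -> str:
    """Issued into the form or link the administrator is shown."""
    now = time.time() if now is None else now
    return _nonce_for(_tick(now), user_id, action)


def verify_nonce(nonce: str, user_id: int, action: str, now: Optional[float] = None) -> bool:
    """True if the nonce was minted for this user and action in the current or
    previous tick. compare_digest keeps the comparison constant-time."""
    if not isinstance(nonce, str) or not nonce.isascii():
        return False
    now = time.time() if now is None else now
    tick = _tick(now)
    return any(hmac.compare_digest(nonce, _nonce_for(t, user_id, action))
               for t in (tick, tick - 1))


def handle_enable_safe_mode(request: dict, state: dict) -> int:
    """request = {'user_id': int, 'is_admin': bool, 'params': {...}}.
    A capability check alone is not enough: a forged cross-site request
    arrives with the admin's own cookies, so it passes that check. The nonce is
    the value the attacker cannot know. Returns an HTTP-style status code."""
    if not request.get("is_admin"):
        return 403
    nonce = request.get("params", {}).get("_wpnonce", "")
    if not verify_nonce(nonce, request["user_id"], "enable_safe_mode"):
        return 403
    state["safe_mode"] = True
    return 200
```

Binding the nonce to the user and the action is what stops a nonce leaked from one form being reused against another; the tick gives it a bounded lifetime without server-side storage.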
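The NetBox entries CVE-2023-33785 through CVE-2023-33800 are all the same bug: a stored "Name" value rendered without the escaping appropriate to where it lands. The block below is an added example, not NetBox's templates, showing the encoding each HTML context needs and why, for a URL context, escaping alone is not enough; the markup fragments and payloads are constructed:

```python
import html
import json
from urllib.parse import urlparse

# Added example, not NetBox's template code. A stored value such as a rack
# role "Name" is rendered into four different HTML contexts; each needs its
# own encoding, and for the URL context encoding alone is not enough.
# The markup fragments and payloads are constructed for the example.


def render_unsafe(name: str) -> str:
    """The bug pattern: markup built by interpolating the raw value
    (equivalent to marking it safe or disabling autoescape in a template)."""
    return f"<td>{name}</td>"


def render_text(name: str) -> str:
    """Element content: escape &, <, > (and quotes)."""
    return f"<td>{html.escape(name)}</td>"


def render_attr(name: str) -> str:
    """Quoted attribute value: quote=True (the default) also escapes ' and ",
    so the value cannot close the attribute and start an event handler."""
    return f'<input type="text" name="name" value="{html.escape(name, quote=True)}">'


def render_js(name: str) -> str:
    """JavaScript string literal: json.dumps with ensure_ascii=True (the
    default) \\u-escapes non-ASCII, including U+2028/U+2029. The remaining gap
    is '</', which the HTML parser would read as an early </script>."""
    js = json.dumps(name).replace("</", "<\\/")
    return f"<script>var rackName = {js};</script>"


def render_link(url: str) -> str:
    """href attribute: html.escape leaves 'javascript:alert(1)' untouched, so
    the scheme must be allow-listed before the value is escaped."""
    scheme = urlparse(url.strip()).scheme.lower()
    if scheme not in ("http", "https"):
        url = "#"
    return f'<a href="{html.escape(url, quote=True)}">link</a>'
```

In a Django application such as NetBox autoescaping is on by default, so bugs of this kind usually enter through a `|safe` filter, `mark_safe()`, or HTML assembled in Python and handed to the template; the fix is to escape at the point of output for the context in use, not to filter input.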




Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
zulip -- zulipZulip is an open-source team collaboration tool with unique topic-based threading. In the event that (1) ZulipLDAPAuthBackend and an external authentication backend (any other than ZulipLDAPAuthBackend and EmailAuthBackend) are the only ones enabled in AUTHENTICATION_BACKENDS in /etc/zulip/settings.py and (2) the organization permissions don't require invitations to join, an attacker can create a new account in the organization with an arbitrary email address in their control that's not in the organization's LDAP directory. The impact is limited to installations which have this specific combination of authentication backends in addition to having the "Invitations are required for joining this organization" organization permission disabled. This issue has been addressed in version 6.2. Users are advised to upgrade. Users unable to upgrade may enable the "Invitations are required for joining this organization" organization permission to prevent this issue.2023-05-193.7CVE-2023-28623MISCMISC
zulip -- zulipZulip is an open-source team collaboration tool with unique topic-based threading. Zulip administrators can configure Zulip to limit who can add users to streams, and separately to limit who can invite users to the organization. In Zulip Server 6.1 and below, the UI which allows a user to invite a new user also allows them to set the streams that the new user is invited to -- even if the inviting user would not have permissions to add an existing user to streams. While such a configuration is likely rare in practice, the behavior does violate security-related controls. This does not let a user invite new users to streams they cannot see, or would not be able to add users to if they had that general permission. This issue has been addressed in version 6.2. Users are advised to upgrade. Users unable to upgrade may limit sending of invitations down to users who also have the permission to add users to streams.2023-05-193.1CVE-2023-32677MISCMISCMISCMISC




Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
ruby-saml -- ruby-samlxml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used.2023-05-27not yet calculatedCVE-2015-20108MISCMISCMISCMISC
webplus_pro -- webplus_proWebPlus Pro v1.4.7.8.4-01 is vulnerable to Incorrect Access Control.2023-05-23not yet calculatedCVE-2020-20012MISCMISC
ingress-nginx -- ingress-nginxA security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.2023-05-24not yet calculatedCVE-2021-25748MISCMISC
kubernetes -- kubernetesWindows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true.2023-05-24not yet calculatedCVE-2021-25749MISC
abb -- multiple_productsInsertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker who already has local access to the QCS nodes could obtain the password for a system user account and use it to gain control of system nodes. This issue affects QCS 800xA: from 1.0.0 through 6.1SP2; QCS AC450: from 1.0.0 through 5.1SP2; Platform Engineering Tools: from 1.0.0 through 2.3.0.2023-05-22not yet calculatedCVE-2022-0010MISC
bitdefender -- multiple_productsUnquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus versions prior to 26.0.10.45.2023-05-24not yet calculatedCVE-2022-0357MISC
credence_analytics -- ideal_wealth_and_fundsSQL injection in the "/Framewrk/Home.jsp" file (POST method) in Credence Analytics iDEAL Wealth and Funds 1.0 allows authenticated remote attackers to inject a payload via the "v" parameter.2023-05-24not yet calculatedCVE-2022-30025MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin <= 1.3.4 versions.2023-05-25not yet calculatedCVE-2022-38356MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.4 versions.2023-05-25not yet calculatedCVE-2022-38716MISC
matrix-org -- synapseSynapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix Federation API allows remote homeservers to request the authorization events in a room. This is necessary so that a homeserver receiving some events can validate that those events are legitimate and permitted in their room. However, in versions of Synapse up to and including 1.68.0, a Synapse homeserver answering a query for authorization events does not sufficiently check that the requesting server should be able to access them. The issue was patched in Synapse 1.69.0. Homeserver administrators are advised to upgrade.2023-05-26not yet calculatedCVE-2022-39335MISCMISCMISC
matrix-org -- synapseSynapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that room. This can be exploited in a way that causes all further messages and state changes sent in that room from the vulnerable homeserver to be rejected. This issue has been patched in version 1.68.02023-05-26not yet calculatedCVE-2022-39374MISCMISC
opentext -- archive_center_administrationThe client in OpenText Archive Center Administration through 21.2 allows XXE attacks. Authenticated users of the OpenText Archive Center Administration client (Versions 16.2.3, 21.2, and older versions) could upload XML files to the application that it did not sufficiently validate. As a result, attackers could craft XML files that, when processed by the application, would cause a negative security impact such as data exfiltration or localized denial of service against the application instance and system of the user running it.2023-05-24not yet calculatedCVE-2022-41221MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin <= 3.5.2 versions.2023-05-25not yet calculatedCVE-2022-41635MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in LearningTimes BadgeOS plugin <= 3.7.1.6 versions.2023-05-25not yet calculatedCVE-2022-41987MISC
jumpserver -- jumpserverJumpServer versions 2.10.0 through 2.26.0 contain multiple stored XSS vulnerabilities because of improper filtering of user input, which allows executing arbitrary JavaScript with the admin's permissions.2023-05-24not yet calculatedCVE-2022-42225MISCMISCMISCMISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin <= 3.9.2 versions.2023-05-25not yet calculatedCVE-2022-43490MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.6.5 versions.2023-05-24not yet calculatedCVE-2022-45364MISC
wordpress -- wordpressUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <= 5.0.4 versions.2023-05-25not yet calculatedCVE-2022-45366MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin <= 1.4.0 versions.2023-05-25not yet calculatedCVE-2022-45367MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Wpmet ShopEngine plugin <= 4.1.1 versions.2023-05-25not yet calculatedCVE-2022-45371MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in StylemixThemes GDPR Compliance & Cookie Consent plugin <= 1.2 versions.2023-05-25not yet calculatedCVE-2022-45815MISC
dataprobe -- iboot-pdu_fwThe affected product is vulnerable to a stack-based buffer overflow which could lead to a denial of service or remote code execution.2023-05-22not yet calculatedCVE-2022-46658MISCMISC
dataprobe -- iboot-pdu_fwThe affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.2023-05-22not yet calculatedCVE-2022-46738MISCMISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in weightbasedshipping.Com WooCommerce Weight Based Shipping plugin <= 5.4.1 versions.2023-05-24not yet calculatedCVE-2022-46794MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions.2023-05-25not yet calculatedCVE-2022-46800MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions.2023-05-25not yet calculatedCVE-2022-46810MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions.2023-05-25not yet calculatedCVE-2022-46812MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Younes JFR. Advanced Database Cleaner plugin <= 3.1.1 versions.2023-05-23not yet calculatedCVE-2022-46813MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Pierre Lebedel Kodex Posts likes plugin <= 2.4.3 versions.2023-05-25not yet calculatedCVE-2022-46814MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.4 versions.2023-05-24not yet calculatedCVE-2022-46816MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in WPJoli Joli Table Of Contents plugin <= 1.3.9 versions.2023-05-25not yet calculatedCVE-2022-46820MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce Products Designer plugin <= 4.3.3 versions.2023-05-25not yet calculatedCVE-2022-46856MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Bulk Resize Media plugin <= 1.1 versions.2023-05-25not yet calculatedCVE-2022-46865MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Import External Images plugin <= 1.4 versions.2023-05-25not yet calculatedCVE-2022-46866MISC
oracle -- apacheA carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later.2023-05-25not yet calculatedCVE-2022-46907MISCMISC
nagvis -- nagvisNagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.2023-05-26not yet calculatedCVE-2022-46945CONFIRMMISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 versions.2023-05-25not yet calculatedCVE-2022-47135MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in WPManageNinja LLC Ninja Tables – Best Data Table Plugin for WordPress plugin <= 4.3.4 versions.2023-05-25not yet calculatedCVE-2022-47136MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in German Krutov LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin <= 2.1 versions.2023-05-25not yet calculatedCVE-2022-47138MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Damir Calusic WP Basic Elements plugin <= 5.2.15 versions. | 2023-05-25 | not yet calculated | CVE-2022-47139 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions. | 2023-05-25 | not yet calculated | CVE-2022-47144 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Pretty Links plugin <= 1.4 versions. | 2023-05-25 | not yet calculated | CVE-2022-47149 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Etison, LLC ClickFunnels plugin <= 3.1.1 versions. | 2023-05-24 | not yet calculated | CVE-2022-47152 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Logaster Logaster Logo Generator plugin <= 1.3 versions. | 2023-05-25 | not yet calculated | CVE-2022-47159 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin <= 1.5.1 versions. | 2023-05-25 | not yet calculated | CVE-2022-47161 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 3.7.7 versions. | 2023-05-25 | not yet calculated | CVE-2022-47164 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule plugin <= 3.3.8 versions. | 2023-05-25 | not yet calculated | CVE-2022-47165 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in WordPress Performance Team Performance Lab plugin <= 2.2.0 versions. | 2023-05-25 | not yet calculated | CVE-2022-47174 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP EasyPay – Square for WordPress plugin <= 4.1 versions. | 2023-05-25 | not yet calculated | CVE-2022-47177 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin <= 8.4.7 versions. | 2023-05-25 | not yet calculated | CVE-2022-47178 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Kopa Theme Kopa Framework plugin <= 1.3.5 versions. | 2023-05-24 | not yet calculated | CVE-2022-47180 | MISC
dataprobe -- iboot_devices | A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends a value for username and password, which allows successful authentication for a connection. | 2023-05-22 | not yet calculated | CVE-2022-47311 | MISC MISC
dataprobe -- iboot_devices | The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery protocol shows basic information about devices on the network and allows users to perform configuration changes. | 2023-05-22 | not yet calculated | CVE-2022-47320 | MISC MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Viadat Creations Store Locator for WordPress with Google Maps – LotsOfLocales plugin <= 3.98.7 versions. | 2023-05-24 | not yet calculated | CVE-2022-47446 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin <= 3.3.8 versions. | 2023-05-24 | not yet calculated | CVE-2022-47447 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in dev.Xiligroup.Com - MS plugin <= 1.12.03 versions. | 2023-05-24 | not yet calculated | CVE-2022-47448 | MISC
hitachi_vantara -- pentaho_business_analytics_server | Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods. | 2023-05-24 | not yet calculated | CVE-2022-4815 | MISC
dataprobe -- multiple_products | The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user able to read this specific file from the device could compromise other devices connected to the user's cloud. | 2023-05-22 | not yet calculated | CVE-2022-4945 | MISC MISC
linux -- kernel | Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec, allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 | 2023-05-25 | not yet calculated | CVE-2023-0459 | MISC MISC
the_document_foundation -- libreoffice | Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with fewer parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1. | 2023-05-25 | not yet calculated | CVE-2023-0950 | MISC DEBIAN
hitachi_vantara -- pentaho_business_analytics_server | Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x, expose dashboard prompts to users who are not part of the authorization list. | 2023-05-24 | not yet calculated | CVE-2023-1158 | MISC
minikube_for_macos -- minikube_for_macos | This vulnerability exposes a network port in minikube running on macOS with the Docker driver that could enable unexpected remote access to the minikube container. | 2023-05-24 | not yet calculated | CVE-2023-1174 | MISC
servicenow -- servicenow | Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts. | 2023-05-23 | not yet calculated | CVE-2023-1209 | MISC MISC
mitsubishi_electric_corporation -- melsec_iq-f | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution. | 2023-05-24 | not yet calculated | CVE-2023-1424 | MISC MISC MISC MISC
keycloak -- keycloak | A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" being enabled and the reverse proxy not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If this happens and the KC_SPI_TRUSTSTORE_FILE_FILE variable is missing/misconfigured, any trustfile may be accepted with the logging information "Cannot validate client certificate trust: Truststore not available". This may not impact availability as the attacker would have no access to the server, but consumer applications' integrity or confidentiality may be impacted considering a possible access to them. Considering the environment is correctly set to use "Revalidate Client Certificate", this flaw is avoidable. | 2023-05-26 | not yet calculated | CVE-2023-1664 | MISC
libssh -- libssh | A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. | 2023-05-26 | not yet calculated | CVE-2023-1667 | MISC MISC MISC FEDORA MLIST
hypr_server -- hypr_server | Missing Authentication for Critical Function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs. This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs). | 2023-05-23 | not yet calculated | CVE-2023-1837 | MISC
minikube -- minikube | This vulnerability enables SSH access to the minikube container using a default password. | 2023-05-24 | not yet calculated | CVE-2023-1944 | MISC
avahi -- avahi | A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash. | 2023-05-26 | not yet calculated | CVE-2023-1981 | MISC MISC MISC
linux -- kernel | A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. | 2023-05-26 | not yet calculated | CVE-2023-2002 | MISC
nsx-t -- nsx-t | NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages. | 2023-05-26 | not yet calculated | CVE-2023-20868 | MISC
cloud_foundry_routing_release -- cloud_foundry_routing_release | In Cloud Foundry routing release versions from 0.262.0 and prior to 0.266.0, a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the currently selected backend as failed and removes it from the routing pool. | 2023-05-26 | not yet calculated | CVE-2023-20882 | MISC
spring_boot -- spring_boot | In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache. | 2023-05-26 | not yet calculated | CVE-2023-20883 | MISC
samsung_mobile -- galaxy_store | Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute the javascript API to install an APK from Galaxy Store. | 2023-05-26 | not yet calculated | CVE-2023-21514 | MISC
samsung_mobile -- galaxy_store | InstantPlay included a vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8, allowing attackers to execute the javascript API to install an APK from Galaxy Store. | 2023-05-26 | not yet calculated | CVE-2023-21515 | MISC
samsung_mobile -- galaxy_store | XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute the javascript API to install an APK from Galaxy Store. | 2023-05-26 | not yet calculated | CVE-2023-21516 | MISC
atlassian -- confluence_data_center | Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature. The affected versions are before version 7.19.9. This vulnerability was discovered by Rojan Rijal of the Tinder Security Engineering Team. | 2023-05-25 | not yet calculated | CVE-2023-22504 | MISC
the_document_foundation -- libreoffice | Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice, documents that used "floating frames" linked to external files would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3. | 2023-05-25 | not yet calculated | CVE-2023-2255 | MISC DEBIAN
t&d_corporation_and_espec_mic_corp. -- t&d_corporation_and_espec_mic_corp._data_logger_products | Client-side enforcement of server-side security issue exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may lead to an arbitrary script execution on a logged-in user's web browser. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions). | 2023-05-23 | not yet calculated | CVE-2023-22654 | MISC MISC MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in conlabzgmbh WP Google Tag Manager plugin <= 1.1 versions. | 2023-05-26 | not yet calculated | CVE-2023-22693 | MISC
libssh -- libssh | A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the `pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value rc, which is initialized to SSH_ERROR and later rewritten to save the return value of the function call pki_key_check_hash_compatible. The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls goto error, returning SSH_OK. | 2023-05-26 | not yet calculated | CVE-2023-2283 | MISC MISC MISC FEDORA
bottles/yaml -- bottles/yaml | Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file. | 2023-05-26 | not yet calculated | CVE-2023-22970 | MISC FEDORA FEDORA
garmin -- connect_iq | The Toybox.Graphics.BufferedBitmap.initialize API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware. | 2023-05-23 | not yet calculated | CVE-2023-23298 | MISC MISC MISC
garmin -- connect_iq | The permission system implemented and enforced by the GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 can be bypassed entirely. A malicious application with specially crafted code and data sections could access restricted CIQ modules, call their functions and disclose sensitive data such as user profile information and GPS coordinates, among others. | 2023-05-23 | not yet calculated | CVE-2023-23299 | MISC MISC
garmin -- connect_iq | The Toybox.Cryptography.Cipher.initialize API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware. | 2023-05-23 | not yet calculated | CVE-2023-23300 | MISC MISC
garmin -- connect_iq | The news MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that string resources are not extending past the end of the expected sections. A malicious CIQ application could craft a string that starts near the end of a section, and whose length extends past its end. Upon loading the string, the GarminOS TVM component may read out-of-bounds memory. | 2023-05-23 | not yet calculated | CVE-2023-23301 | MISC
garmin -- connect_iq | The Toybox.GenericChannel.setDeviceConfig API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with a specially crafted object and hijack the execution of the device's firmware. | 2023-05-23 | not yet calculated | CVE-2023-23302 | MISC MISC
garmin -- connect_iq | The Toybox.Ant.GenericChannel.enableEncryption API method in CIQ API version 3.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with a specially crafted object and hijack the execution of the device's firmware. | 2023-05-23 | not yet calculated | CVE-2023-23303 | MISC MISC
garmin -- connect_iq | The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a specially crafted head section to use the Toybox.SensorHistory module without permission. A malicious application could call any functions from the Toybox.SensorHistory module without the user's consent and disclose potentially private or sensitive information. | 2023-05-23 | not yet calculated | CVE-2023-23304 | MISC MISC
garmin -- connect_iq | The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. A malicious application embedding specially crafted resources could hijack the execution of the device's firmware. | 2023-05-23 | not yet calculated | CVE-2023-23305 | MISC
garmin -- connect_iq | The Toybox.Ant.BurstPayload.add API method in CIQ API version 2.2.0 through 4.1.7 suffers from a type confusion vulnerability, which can result in an out-of-bounds write operation. A malicious application could create a specially crafted Toybox.Ant.BurstPayload object, call its add method, override arbitrary memory and hijack the execution of the device's firmware. | 2023-05-23 | not yet calculated | CVE-2023-23306 | MISC MISC
t&d_corporation_and_espec_mic_corp. -- t&d_corporation_and_espec_mic_corp._data_logger_products | Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions). | 2023-05-23 | not yet calculated | CVE-2023-23545 | MISC MISC MISC
dell -- vxrail | Dell VxRail, versions prior to 7.0.450, contains an OS command injection vulnerability in the DCManager command-line utility. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system takeover by an attacker. | 2023-05-23 | not yet calculated | CVE-2023-23693 | MISC
dell -- vxrail | Dell VxRail versions earlier than 7.0.450 contain an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system takeover by an attacker. | 2023-05-23 | not yet calculated | CVE-2023-23694 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin <= 3.6.4.1 versions. | 2023-05-26 | not yet calculated | CVE-2023-23714 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in TheOnlineHero - Tom Skroza Admin Block Country plugin <= 7.1.4 versions. | 2023-05-26 | not yet calculated | CVE-2023-24007 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in yonifre Maspik – Spam Blacklist plugin <= 0.7.8 versions. | 2023-05-26 | not yet calculated | CVE-2023-24008 | MISC
m-files -- client | Missing access permissions checks in M-Files Client before 23.5.12598.0 allow elevation of privilege via UI extension applications. | 2023-05-25 | not yet calculated | CVE-2023-2480 | MISC
wordpress -- wordpress | The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_postdata' function in versions up to, and including, 3.3.19. This makes it possible for authenticated attackers with a role that the administrator previously granted access to the plugin to modify access to the plugin when it should only be the administrator's privilege. | 2023-05-24 | not yet calculated | CVE-2023-2494 | MISC MISC
wordpress -- wordpress | The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability check on the 'validate_upload' function in versions up to, and including, 3.3.19. This makes it possible for authenticated attackers with a role that the administrator previously granted access to the plugin to upload arbitrary files on the affected site's server, which may make remote code execution possible. | 2023-05-24 | not yet calculated | CVE-2023-2496 | MISC MISC
wordpress -- wordpress | The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.19 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-05-24 | not yet calculated | CVE-2023-2498 | MISC MISC
wordpress -- wordpress | The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.3.19 via deserialization of untrusted input from the 'go_pricing' shortcode 'data' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | 2023-05-25 | not yet calculated | CVE-2023-2500 | MISC MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in chuyencode CC Custom Taxonomy plugin <= 1.0.1 versions. | 2023-05-24 | not yet calculated | CVE-2023-25028 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in utahta WP Social Bookmarking Light plugin <= 2.0.7 versions. | 2023-05-26 | not yet calculated | CVE-2023-25029 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean Up plugin <= 1.2.3 versions. | 2023-05-26 | not yet calculated | CVE-2023-25034 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <= 0.58 versions. | 2023-05-26 | not yet calculated | CVE-2023-25038 | MISC
birddog -- multiple_products | Files present on firmware images could allow an attacker to gain unauthorized access as a root user using hard-coded credentials. | 2023-05-22 | not yet calculated | CVE-2023-2504 | MISC MISC
birddog -- multiple_products | The affected products have a CSRF vulnerability that could allow an attacker to execute code and upload malicious files. | 2023-05-22 | not yet calculated | CVE-2023-2505 | MISC MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Schema – All In One Schema Rich Snippets plugin <= 1.6.5 versions. | 2023-05-26 | not yet calculated | CVE-2023-25058 | MISC
snap_one -- ovrc_pro | In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device. | 2023-05-22 | not yet calculated | CVE-2023-25183 | MISC MISC
square_pig_llc -- fusioninvoice | Stored Cross Site Scripting (XSS) vulnerability in Square Pig FusionInvoice 2023-1.0 allows attackers to execute arbitrary code via the description or content fields of the expenses, tasks, and customer details. | 2023-05-25 | not yet calculated | CVE-2023-25439 | MISC
civicrm -- civicrm | Stored Cross Site Scripting (XSS) vulnerability in the add contact function of CiviCRM 5.59.alpha1 allows attackers to execute arbitrary code via the first/second name field. | 2023-05-23 | not yet calculated | CVE-2023-25440 | MISC MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Daniel Mores, A. Huizinga Resize at Upload Plus plugin <= 1.3 versions. | 2023-05-26 | not yet calculated | CVE-2023-25467 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Anton Skorobogatov Rus-To-Lat plugin <= 0.3 versions. | 2023-05-26 | not yet calculated | CVE-2023-25470 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Csaba Kissi About Me 3000 widget plugin <= 2.2.6 versions. | 2023-05-23 | not yet calculated | CVE-2023-25474 | MISC
dell -- poweredge_14g_bios/precision_bios | Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2 contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability, leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege. | 2023-05-22 | not yet calculated | CVE-2023-25537 | MISC
mitel -- mivoice_connect | A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the home.php page. A successful exploit could allow an attacker to execute arbitrary scripts. | 2023-05-24 | not yet calculated | CVE-2023-25598 | MISC MISC
mitel -- mivoice_connect | A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the test_presenter.php page. A successful exploit could allow an attacker to execute arbitrary scripts. | 2023-05-24 | not yet calculated | CVE-2023-25599 | MISC MISC
wordpress -- wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sebastian Krysmanski Upload File Type Settings plugin <= 1.1 versions. | 2023-05-26 | not yet calculated | CVE-2023-25781 | MISC
teltonika -- remote_management_system | Teltonika’s Remote Management System version 4.14.0 is vulnerable to an unauthorized attacker registering previously unregistered devices through the RMS platform. If the user has not disabled the "RMS management feature" enabled by default, then an attacker could register that device to themselves. This could enable the attacker to perform different operations on the user's devices, including remote code execution with 'root' privileges (using the 'Task Manager' feature on RMS). | 2023-05-22 | not yet calculated | CVE-2023-2586 | MISC
teltonika -- remote_management_system | Teltonika’s Remote Management System versions prior to 4.10.0 have a feature allowing users to access managed devices’ local secure shell (SSH)/web management services over the cloud proxy. A user can request a web proxy and obtain a URL in the Remote Management System cloud subdomain. This URL could be shared with others without Remote Management System authentication. An attacker could exploit this vulnerability to create a malicious webpage that uses a trusted and certified domain. An attacker could initiate a reverse shell when a victim connects to the malicious webpage, achieving remote code execution on the victim device. | 2023-05-22 | not yet calculated | CVE-2023-2588 | MISC
qrio,inc. -- qrio_lock(q-sl2) | Authentication bypass vulnerability in Qrio Lock (Q-SL2) firmware version 2.0.9 and earlier allows a network-adjacent attacker to analyze the product's communication data and conduct an arbitrary operation under certain conditions. | 2023-05-23 | not yet calculated | CVE-2023-25946 | MISC MISC
works_mobile_japan_corp. -- drive_explorer_for_macos | Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can log in to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege is required to execute LINE WORKS Drive Explorer, the attacker may be able to read and/or write to arbitrary files without the access privileges. | 2023-05-23 | not yet calculated | CVE-2023-25953 | MISC MISC
eclipse -- openj9 | In Eclipse OpenJ9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds), the size of a string is not properly checked against the size of the buffer. | 2023-05-22 | not yet calculated | CVE-2023-2597 | CONFIRM
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in FixBD Educare plugin <= 1.4.1 versions. | 2023-05-26 | not yet calculated | CVE-2023-25971 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions. | 2023-05-26 | not yet calculated | CVE-2023-25976 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Tim Eckel Read More Excerpt Link plugin <= 1.6 versions. | 2023-05-23 | not yet calculated | CVE-2023-26011 | MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Tim Eckel Minify HTML plugin <= 2.1.7 versions. | 2023-05-23 | not yet calculated | CVE-2023-26014 | MISC
n158 -- n158 | All versions of the package n158 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. | 2023-05-27 | not yet calculated | CVE-2023-26127 | MISC MISC
keep-module-latest -- keep-module-latest | All versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the installModule function. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. | 2023-05-27 | not yet calculated | CVE-2023-26128 | MISC MISC
bmw-ng -- bmw-ng | All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. | 2023-05-27 | not yet calculated | CVE-2023-26129 | MISC
tibco_software_inc. -- tibco_ebx | The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that allows an attacker with low-privileged application access to read system files that are accessible to the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below. | 2023-05-25 | not yet calculated | CVE-2023-26215 | MISC
tibco_software_inc. -- tibco_ebx | The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an exploitable vulnerability that allows an attacker to upload files to a directory accessible by the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below. | 2023-05-25 | not yet calculated | CVE-2023-26216 | MISC
cybozu,_inc. -- cybozu_garoon | Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition. | 2023-05-23 | not yet calculated | CVE-2023-26595 | MISC MISC
sitecore -- experience_platform/sitecore_xp | Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote attackers to run arbitrary code via ValidationResult.aspx. | 2023-05-23 | not yet calculated | CVE-2023-27068 | MISC MISC MISC
cybozu,_inc. -- cybozu_garoon | Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin. | 2023-05-23 | not yet calculated | CVE-2023-27304 | MISC MISC
netapp -- bluexp_connector | NetApp BlueXP Connector versions prior to 3.9.25 expose information via a directory listing. A new Connector architecture resolves this issue; obtaining the fix requires redeploying a fresh Connector. | 2023-05-26 | not yet calculated | CVE-2023-27311 | MISC
wordpress -- wordpress | The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. | 2023-05-25 | not yet calculated | CVE-2023-2732 | MISC MISC MISC
wordpress -- wordpress | The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on the user being supplied during the coupon redemption REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. | 2023-05-25 | not yet calculated | CVE-2023-2733 | MISC MISC MISC
wordpress -- wordpress | The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.1. This is due to insufficient verification on the user being supplied during the cart sync from mobile REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. | 2023-05-25 | not yet calculated | CVE-2023-2734 | MISC MISC MISC
cybozu,_inc. -- cybozu_garoon | Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport. | 2023-05-23 | not yet calculated | CVE-2023-27384 | MISC MISC
t&d_corporation_and_espec_mic_corp. -- t&d_corporation_and_espec_mic_corp._data_logger_products | Cross-site request forgery (CSRF) in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to conduct an arbitrary operation by having a logged-in user view a malicious page. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions). | 2023-05-23 | not yet calculated | CVE-2023-27387 | MISC MISC MISC
t&d_corporation_and_espec_mic_corp. -- t&d_corporation_and_espec_mic_corp._data_logger_products | Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to log in to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions). | 2023-05-23 | not yet calculated | CVE-2023-27388 | MISC MISC MISC
microengine -- mailform | Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it. | 2023-05-23 | not yet calculated | CVE-2023-27397 | MISC MISC
microengine -- mailform | MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it. | 2023-05-23 | not yet calculated | CVE-2023-27507 | MISC MISC
contec_co_ltd. -- solarview_compact_sv-cpt-mc310 | Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10, and SV-CPT-MC310F versions prior to Ver.8.10, which may allow a remote authenticated attacker to log in to the affected product with an administrative privilege and perform an unintended operation. | 2023-05-23 | not yet calculated | CVE-2023-27512 | MISC MISC MISC
contec_co_ltd. -- solarview_compact_sv-cpt-mc310 | OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command. | 2023-05-23 | not yet calculated | CVE-2023-27514 | MISC MISC MISC
contec_co_ltd. -- solarview_compact_sv-cpt-mc310Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute arbitrary code.2023-05-23not yet calculatedCVE-2023-27518MISCMISCMISC
contec_co_ltd. -- solarview_compact_sv-cpt-mc310OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command.2023-05-23not yet calculatedCVE-2023-27521MISCMISCMISC
wacom -- wacom_tablet_driver_installerWacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an improper link resolution before file access vulnerability. When a user is tricked to execute a small malicious script before executing the affected version of the installer, arbitrary code may be executed with the root privilege.2023-05-25not yet calculatedCVE-2023-27529MISCMISC
contec_co_ltd. -- solarview_compact_sv-cpt-mc310Improper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to alter system date/time of the affected product.2023-05-23not yet calculatedCVE-2023-27920MISCMISCMISC
jins -- meme_coreJINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may lead to data acquired by a sensor of the affected product being decrypted by a network-adjacent attacker.2023-05-23not yet calculatedCVE-2023-27921MISCMISC
wordpress -- wordpressCross-site scripting vulnerability in Newsletter versions prior to 7.6.9 allows a remote unauthenticated attacker to inject an arbitrary script.2023-05-23not yet calculatedCVE-2023-27922MISCMISC
wordpress -- wordpressCross-site scripting vulnerability in Tag edit function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.2023-05-23not yet calculatedCVE-2023-27923MISCMISC
wordpress -- wordpressCross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.2023-05-23not yet calculatedCVE-2023-27925MISCMISC
wordpress -- wordpressCross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.2023-05-23not yet calculatedCVE-2023-27926MISCMISC
htmlunit -- htmlunitThose using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack overflow. This effect may support a denial of service attack. This issue affects htmlunit before 2.70.0.2023-05-25not yet calculatedCVE-2023-2798MISCMISC
hclsoftware -- domino_appdeck_packThe HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability. During a failed login attempt a difference in messages could allow an attacker to determine if the user is valid or not. The attacker could use this information to focus a brute force attack on valid users.2023-05-23not yet calculatedCVE-2023-28015MISC
libjpeg-turbo -- libjpeg-turboA heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such an image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.2023-05-25not yet calculatedCVE-2023-2804MISCMISCMISCMISCMISC
craft_cms -- craft_cmsA post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively.2023-05-26not yet calculatedCVE-2023-2817MISCMISC
curl/curl -- libcurlA use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.2023-05-26not yet calculatedCVE-2023-28319MISC
curl/curl -- libcurlA denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm() and siglongjmp(). When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.2023-05-26not yet calculatedCVE-2023-28320MISC
curl/curl -- libcurlAn improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to punycode before being used for certificate checks. Punycoded names always start with xn-- and should not be allowed to pattern match, but the wildcard check in curl could still check for x*, which would match even though the IDN name most likely contained nothing even resembling an x.2023-05-26not yet calculatedCVE-2023-28321MISC
curl/curl -- libcurlAn information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.2023-05-26not yet calculatedCVE-2023-28322MISC
wordpress -- wordpressCross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.2023-05-23not yet calculatedCVE-2023-28367MISCMISC
tornadoweb -- tornadoOpen redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.2023-05-25not yet calculatedCVE-2023-28370MISCMISC
encourage_technologies_co.,ltd. -- ess_rec_agent_server_edition_seriesDirectory traversal vulnerability in ESS REC Agent Server Edition series allows an authenticated attacker to view or alter an arbitrary file on the server. Affected products and versions are as follows: ESS REC Agent Server Edition for Linux V1.0.0 to V1.4.3, ESS REC Agent Server Edition for Solaris V1.1.0 to V1.4.0, ESS REC Agent Server Edition for HP-UX V1.1.0 to V1.4.0, and ESS REC Agent Server Edition for AIX V1.2.0 to V1.4.1.2023-05-26not yet calculatedCVE-2023-28382MISCMISC
icom_inc. -- sr-7100vnPrivilege escalation vulnerability in SR-7100VN firmware Ver.1.38(N) and earlier and SR-7100VN #31 firmware Ver.1.21 and earlier allows a network-adjacent attacker with administrative privilege of the affected product to obtain an administrative privilege of the OS (Operating System). As a result, an arbitrary OS command may be executed.2023-05-23not yet calculatedCVE-2023-28390MISCMISC
inaba_denki_sangyo_co.,_ltd. -- wi-fi_ap_unitWi-Fi AP UNIT AC-WAPU-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B08P and earlier, AC-WAPUM-300 v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B08P and earlier allow a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command.2023-05-23not yet calculatedCVE-2023-28392MISCMISC
beekeeper_studio,_inc. -- beekeeper_studioBeekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. As a result, an arbitrary OS command may be executed as well.2023-05-23not yet calculatedCVE-2023-28394MISCMISCMISC
wordpress -- wordpressDirectory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website or cause a denial-of-service (DoS) condition, and obtain sensitive information depending on settings.2023-05-23not yet calculatedCVE-2023-28408MISCMISC
wordpress -- wordpressUnrestricted upload of file with dangerous type exists in MW WP Form versions v4.4.2 and earlier, which may allow a remote unauthenticated attacker to upload an arbitrary file.2023-05-23not yet calculatedCVE-2023-28409MISCMISC
snap_one -- ovrc_proWhen supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device. The MAC address of devices can be enumerated in an attack and the OvrC cloud will disclose their information.2023-05-22not yet calculatedCVE-2023-28412MISCMISC
wordpress -- wordpressDirectory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and earlier allows a remote unauthenticated attacker to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition.2023-05-23not yet calculatedCVE-2023-28413MISCMISC
cloudexplorer-dev -- cloudexplorer-dev/cloudexplorer-liteMissing Authorization in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.2023-05-23not yet calculatedCVE-2023-2844CONFIRMMISC
cloudexplorer-dev -- cloudexplorer-dev/cloudexplorer-liteImproper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.2023-05-23not yet calculatedCVE-2023-2845CONFIRMMISC
nilsteampassnet -- nilsteampassnet/teampassCode Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9.2023-05-24not yet calculatedCVE-2023-2859CONFIRMMISC
siteserver -- cmsA vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file /api/stl/actions/search. The manipulation of the argument ajaxDivId leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-229818 is the identifier assigned to this vulnerability.2023-05-24not yet calculatedCVE-2023-2862MISCMISCMISC
simple_design -- daily_journalA vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229819.2023-05-24not yet calculatedCVE-2023-2863MISCMISCMISC
snap_one -- ovrc_proThe Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected to it. A vulnerability exists in which an attacker could impersonate a hub and send device requests to claim already claimed devices. The OvrC cloud platform receives the requests but does not validate if the found devices are already managed by another user.2023-05-22not yet calculatedCVE-2023-28649MISCMISC
barracuda_networks -- email_security_gatewayA remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product affecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar files (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of the BNSF-36456 patch. This patch was automatically applied to all customer appliances.2023-05-24not yet calculatedCVE-2023-2868MISCMISC
entech -- monitor_asset_managerA vulnerability was found in EnTech Monitor Asset Manager 2.9. It has been declared as problematic. Affected by this vulnerability is the function 0x80002014 of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier VDB-229849 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-24not yet calculatedCVE-2023-2870MISCMISCMISCMISC
fabulatech -- usb_for_remote_desktopA vulnerability was found in FabulaTech USB for Remote Desktop 6.1.0.0. It has been rated as problematic. Affected by this issue is the function 0x220448/0x220420/0x22040c/0x220408 of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-229850 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-24not yet calculatedCVE-2023-2871MISCMISCMISCMISC
flexihub -- flexihubA vulnerability classified as problematic has been found in FlexiHub 5.5.14691.0. This affects the function 0x220088 in the library fusbhub.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229851. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-24not yet calculatedCVE-2023-2872MISCMISCMISCMISC
twister -- antivirusA vulnerability classified as critical was found in Twister Antivirus 8. This vulnerability affects the function 0x804f2143/0x804f217f/0x804f214b/0x80800043 in the library filppd.sys of the component IoControlCode Handler. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-24not yet calculatedCVE-2023-2873MISCMISCMISCMISC
twister -- antivirusA vulnerability, which was classified as problematic, has been found in Twister Antivirus 8. This issue affects the function 0x804f2158/0x804f2154/0x804f2150/0x804f215c/0x804f2160/0x80800040/0x804f214c/0x804f2148/0x804f2144/0x801120e4/0x804f213c/0x804f2140 in the library filppd.sys of the component IoControlCode Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-229853 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-24not yet calculatedCVE-2023-2874MISCMISCMISCMISC
escan -- antivirusA vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Affected is the function 0x22E008u in the library PROCOBSRVESX.SYS of the component IoControlCode Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-24not yet calculatedCVE-2023-2875MISCMISCMISCMISC
pimcore -- pimcore/customer-data-frameworkStoring Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.2023-05-25not yet calculatedCVE-2023-2881CONFIRMMISC
phpok -- phpokA vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&_noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was assigned to this vulnerability.2023-05-25not yet calculatedCVE-2023-2888MISCMISCMISC
linux -- kernelThere is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.2023-05-26not yet calculatedCVE-2023-2898MISC
nfine -- rapid_development_platformA vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB-229974 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-25not yet calculatedCVE-2023-2900MISCMISCMISC
nfine -- rapid_development_platformA vulnerability was found in NFine Rapid Development Platform 20230511. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229975. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-25not yet calculatedCVE-2023-2901MISCMISCMISC
nfine -- rapid_development_platformA vulnerability was found in NFine Rapid Development Platform 20230511. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /SystemManage/Organize/GetTreeGridJson?_search=false&nd=1681813520783&rows=10000&page=1&sidx=&sord=asc. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229976. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-25not yet calculatedCVE-2023-2902MISCMISCMISC
nfine -- rapid_development_platformA vulnerability classified as problematic has been found in NFine Rapid Development Platform 20230511. This affects an unknown part of the file /SystemManage/Role/GetGridJson?keyword=&page=1&rows=20. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229977 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-25not yet calculatedCVE-2023-2903MISCMISCMISC
artistscope -- copysafe_pdf_readerUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in ArtistScope CopySafe Web Protection plugin <= 3.13 versions.2023-05-26not yet calculatedCVE-2023-29098MISC
sourcecodester -- comment_systemA vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230076.2023-05-27not yet calculatedCVE-2023-2922MISCMISCMISC
tenda -- ac6A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230077 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-27not yet calculatedCVE-2023-2923MISCMISCMISC
supcon -- simfieldA vulnerability, which was classified as critical, has been found in Supcon SimField up to 1.80.00.00. Affected by this issue is some unknown functionality of the file /admin/reportupload.aspx. The manipulation of the argument files[] leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-230078 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-27not yet calculatedCVE-2023-2924MISCMISCMISC
webkul -- krayin_crmA vulnerability, which was classified as problematic, was found in Webkul krayin crm 1.2.4. This affects an unknown part of the file /admin/contacts/organizations/edit/2 of the component Edit Person Page. The manipulation of the argument Organization leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230079. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2023-05-27not yet calculatedCVE-2023-2925MISCMISCMISC
seacms -- seacmsA vulnerability was found in SeaCMS 11.6 and classified as problematic. This issue affects some unknown processing of the file member.php of the component Picture Upload Handler. The manipulation of the argument oldpic leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230081 was assigned to this vulnerability.2023-05-27not yet calculatedCVE-2023-2926MISCMISCMISC
jizhicms -- jizhicmsA vulnerability was found in JIZHICMS 2.4.5. It has been classified as critical. Affected is the function index of the file TemplateController.php. The manipulation of the argument webapi leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230082 is the identifier assigned to this vulnerability.2023-05-27not yet calculatedCVE-2023-2927MISCMISCMISC
dedecms -- dedecmsA vulnerability was found in DedeCMS up to 5.7.106. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file uploads/dede/article_allowurl_edit.php. The manipulation of the argument allurls leads to code injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230083.2023-05-27not yet calculatedCVE-2023-2928MISCMISCMISC
openemr -- openemr/openemrImproper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.2023-05-27not yet calculatedCVE-2023-2942MISCCONFIRM
openemr -- openemr/openemrCode Injection in GitHub repository openemr/openemr prior to 7.0.1.2023-05-27not yet calculatedCVE-2023-2943MISCCONFIRM
openemr -- openemr/openemrImproper Access Control in GitHub repository openemr/openemr prior to 7.0.1.2023-05-27not yet calculatedCVE-2023-2944MISCCONFIRM
openemr -- openemr/openemrMissing Authorization in GitHub repository openemr/openemr prior to 7.0.1.2023-05-27not yet calculatedCVE-2023-2945CONFIRMMISC
openemr -- openemr/openemrImproper Access Control in GitHub repository openemr/openemr prior to 7.0.1.2023-05-27not yet calculatedCVE-2023-2946CONFIRMMISC
openemr -- openemr/openemrCross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.2023-05-27not yet calculatedCVE-2023-2947MISCCONFIRM
sofawiki_cms -- sofawiki_cmsSofaWiki <= 3.8.9 has a file upload vulnerability that leads to command execution.2023-05-24not yet calculatedCVE-2023-29721MISCMISC
contec_co_ltd. -- solarview_compactSolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.2023-05-23not yet calculatedCVE-2023-29919MISCMISC
camaleon_cms -- camaleon_cmsCamaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter.2023-05-26not yet calculatedCVE-2023-30145MISCMISCMISCMISCMISC
valve -- half-lifeA buffer overflow in the component hl.exe of Valve Half-Life up to 5433873 allows attackers to execute arbitrary code and escalate privileges by supplying crafted parameters.2023-05-23not yet calculatedCVE-2023-30382MISC
ibm -- powervm_hypervisorIBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function (VF) to cause a denial of service to a peer partition or arbitrary data corruption. IBM X-Force ID: 253175.2023-05-23not yet calculatedCVE-2023-30440MISCMISC
hitachi -- ops_center_analyzierCross-site Scripting vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component) allows Reflected XSS. This issue affects Hitachi Ops Center Analyzer: from 10.9.1-00 before 10.9.2-00.2023-05-23not yet calculatedCVE-2023-30469MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in uPress Enable Accessibility plugin <= 1.4 versions.2023-05-25not yet calculatedCVE-2023-30484MISC
iris_software_inc. -- irisIris is a web collaborative platform aiming to help incident responders share technical details during investigations. A stored Cross-Site Scripting (XSS) vulnerability has been identified in iris-web, affecting multiple locations. The vulnerability allows an attacker to inject malicious scripts into the application, which are then executed when a user visits the affected locations. This can lead to unauthorized access, data theft, or other malicious activities. An attacker needs to be authenticated on the application to exploit this vulnerability. The issue was patched in version 2.2.1 of iris-web.2023-05-25not yet calculatedCVE-2023-30615MISCMISC
cilium -- ciliumCilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies. This issue has been patched in Cilium 1.11.16, 1.12.9, and 1.13.2.2023-05-25not yet calculatedCVE-2023-30851MISCMISCMISCMISC
oracle -- apache_inlongWeak Password Requirements vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.1.0 through 1.6.0. When users change their password to a simple password (with any character or symbol), attackers can easily guess the user's password and access the account. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7805 to solve it.2023-05-22not yet calculatedCVE-2023-31098MISC
c-ares -- c-aresc-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.2023-05-25not yet calculatedCVE-2023-31124MISCMISCMISCMISC
nextcloud -- cookbookNextCloud Cookbook is a recipe library app. Prior to commit a46d9855 on the master branch and commit 489bb744 on the main-0.9.x branch, the pull-checks.yml workflow is vulnerable to command injection attacks because of using an untrusted github.head_ref field. The github.head_ref value is an attacker-controlled value. Assigning the value to zzz";echo${IFS}"hello";# can lead to command injection. Since the permission is not restricted, the attacker has a write-access to the repository. This issue is fixed in commit a46d9855 on the master branch and commit 489bb744 on the main-0.9.x branch. There is no risk for the user of the app within the NextCloud server. This only affects the main repository and possible forks of it. Those who have forked the NextCloud Cookbook repository should make sure their forks are on the latest version to prevent code injection attacks and similar.2023-05-26not yet calculatedCVE-2023-31128MISCMISCMISCMISCMISC
c-ares -- c-aresc-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.2023-05-25not yet calculatedCVE-2023-31130MISCMISCMISCMISC
c-ares -- c-aresc-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1.2023-05-25not yet calculatedCVE-2023-31147MISCMISCMISCMISC
snap_one -- ovrc_pro | Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do not use HTTPS, OvrC Pro devices are susceptible to exploitation. | 2023-05-22 | not yet calculated | CVE-2023-31193 | MISC MISC
oracle -- apache_inlong | Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong 1.7.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/7891 | 2023-05-22 | not yet calculated | CVE-2023-31206 | MISC
huawei -- harmonyos | The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability. | 2023-05-26 | not yet calculated | CVE-2023-31225 | MISC
huawei -- harmonyos | The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality. | 2023-05-26 | not yet calculated | CVE-2023-31226 | MISC
huawei -- harmonyos | The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality. | 2023-05-26 | not yet calculated | CVE-2023-31227 | MISC
snap_one -- ovrc_pro | Snap One OvrC Pro versions prior to 7.2 have their own locally running web server accessible both from the local network and remotely. OvrC cloud contains a hidden superuser account accessible through hard-coded credentials. | 2023-05-22 | not yet calculated | CVE-2023-31240 | MISC MISC
snap_one -- ovrc_pro | Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright. | 2023-05-22 | not yet calculated | CVE-2023-31241 | MISC
snap_one -- ovrc_pro | Devices using Snap One OvrC cloud are sent to a web address when accessing a web management interface using an HTTP connection. Attackers could impersonate a device and supply malicious information about the device's web server interface. By supplying malicious parameters, an attacker could redirect the user to arbitrary and dangerous locations on the web. | 2023-05-22 | not yet calculated | CVE-2023-31245 | MISC MISC
mitel -- mivoice_connect | A vulnerability in the Headquarters server component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control. | 2023-05-24 | not yet calculated | CVE-2023-31457 | MISC MISC
mitel -- mivoice_connect | A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not enforce a password change. A successful exploit could allow an attacker to make arbitrary configuration changes and execute arbitrary commands. | 2023-05-24 | not yet calculated | CVE-2023-31458 | MISC MISC
mitel -- mivoice_connect | A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does not enforce a password change. A successful exploit could allow an attacker to make arbitrary configuration changes and execute arbitrary commands. | 2023-05-24 | not yet calculated | CVE-2023-31459 | MISC MISC
mitel -- mivoice_connect | A vulnerability in the Connect Mobility Router component of MiVoice Connect versions 9.6.2208.101 and earlier could allow an authenticated attacker with internal network access to conduct a command injection attack due to insufficient restriction on URL parameters. | 2023-05-24 | not yet calculated | CVE-2023-31460 | MISC MISC
teeworlds -- teeworlds | Teeworlds v0.7.5 was discovered to contain memory leaks. | 2023-05-23 | not yet calculated | CVE-2023-31517 | MISC MISC
teeworlds -- teeworlds | A heap use-after-free in the component CDataFileReader::GetItem of Teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via a crafted map file. | 2023-05-23 | not yet calculated | CVE-2023-31518 | MISC MISC MISC
ic_realtime -- icip-p2012t | IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP channel using VLC network. | 2023-05-25 | not yet calculated | CVE-2023-31594 | MISC MISC
ic_realtime -- icip-p2012t | IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access. | 2023-05-24 | not yet calculated | CVE-2023-31595 | MISC MISC
wso2 -- api_manager | A reflected cross-site scripting (XSS) vulnerability in /authenticationendpoint/login.do of WSO2 API Manager before 4.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tenantDomain parameter. | 2023-05-23 | not yet calculated | CVE-2023-31664 | CONFIRM CONFIRM MISC
webassembly -- wat2wasm | WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote ("). | 2023-05-23 | not yet calculated | CVE-2023-31669 | MISC
webassembly -- webassembly | An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service (DoS) via running a crafted binary. | 2023-05-23 | not yet calculated | CVE-2023-31670 | MISC
alist_3.15.1 -- alist_3.15.1 | AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information. | 2023-05-23 | not yet calculated | CVE-2023-31726 | MISC MISC
linksys -- e2000 | There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the POST request parameters WL_atten_bb, WL_atten_radio, and WL_atten_ctl in the apply.cgi interface, thereby gaining shell privileges. | 2023-05-23 | not yet calculated | CVE-2023-31740 | MISC MISC
linksys -- e2000 | There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the POST request parameters wl_ssid, wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in httpd's Start_EPI() function, thereby gaining shell privileges. | 2023-05-23 | not yet calculated | CVE-2023-31741 | MISC MISC
linksys -- wrt54gl | There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the POST request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in httpd's Start_EPI() function, thereby gaining shell privileges. | 2023-05-22 | not yet calculated | CVE-2023-31742 | MISC MISC
wondershare -- filmora_12 | Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges. | 2023-05-23 | not yet calculated | CVE-2023-31747 | MISC MISC MISC
wondershare -- mobiletrans | Insecure permissions in MobileTrans v4.0.11 allow attackers to escalate privileges to local admin via replacing the executable file. | 2023-05-24 | not yet calculated | CVE-2023-31748 | MISC MISC
sourcecodester -- employee_and_visitor_gate_pass_logging_system | SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php. | 2023-05-23 | not yet calculated | CVE-2023-31752 | MISC
kerui -- w18_alarm_system | Weak security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack. | 2023-05-24 | not yet calculated | CVE-2023-31759 | MISC
blitzwolf -- bw-is22_smart_home_security_alarm | Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows attackers to gain full access to the system via a code replay attack. | 2023-05-24 | not yet calculated | CVE-2023-31761 | MISC
digoo -- dg-hamb_smart_home_security_system | Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack. | 2023-05-24 | not yet calculated | CVE-2023-31762 | MISC
agshome -- smart_alarm | Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access to the system via a code replay attack. | 2023-05-24 | not yet calculated | CVE-2023-31763 | MISC
wekan -- wekan | Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privileges on a kanban board can insert JavaScript code in the "Reaction to comment" feature. | 2023-05-22 | not yet calculated | CVE-2023-31779 | MISC MISC
d-link -- dir-300 | D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to file inclusion via /model/__lang_msg.php. | 2023-05-23 | not yet calculated | CVE-2023-31814 | MISC MISC
it_sourcecode -- content_management_system | IT Sourcecode Content Management System Project In PHP and MySQL With Source Code 1.0.0 is vulnerable to Cross Site Scripting (XSS) via /ecodesource/search_list.php. | 2023-05-22 | not yet calculated | CVE-2023-31816 | MISC
skyscreamer/nevado -- skyscreamer/nevado | Skyscreamer Open Source Nevado JMS v1.3.2 does not perform security checks when receiving messages. This allows attackers to execute arbitrary commands via supplying crafted data. | 2023-05-23 | not yet calculated | CVE-2023-31826 | MISC MISC MISC MISC
wuzhi_cms -- wuzhi_cms | Wuzhi CMS v3.1.2 has a stored XSS vulnerability in the backend of the Five Finger CMS b2b system. | 2023-05-23 | not yet calculated | CVE-2023-31860 | MISC
zlmediakit -- zlmediakit | ZLMediaKit 4.0 is vulnerable to Directory Traversal. | 2023-05-25 | not yet calculated | CVE-2023-31861 | MISC MISC
suprema_inc. -- biostar_2 | Suprema BioStar 2 before 2022 Q4, v2.9.1 has Insecure Permissions. A vulnerability in the web application allows an authenticated attacker with "User Operator" privileges to create a highly privileged user account. The vulnerability is caused by missing server-side validation, which can be exploited to gain full administrator privileges on the system. | 2023-05-22 | not yet calculated | CVE-2023-31923 | MISC
hanwha -- multiple_products | Certain Hanwha products are vulnerable to Denial of Service (DoS). Attack vector is: When an empty UDP packet is sent to the listening service, the service thread results in a non-functional service (DoS) via WS Discovery and Hanwha proprietary discovery services. This affects IP Camera ANE-L7012R 1.41.01 and IP Camera XNV-9082R 2.10.02. | 2023-05-23 | not yet calculated | CVE-2023-31994 | MISC MISC
hanwha -- ip_camera_ane-l7012r | Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Cross Site Scripting (XSS). | 2023-05-23 | not yet calculated | CVE-2023-31995 | MISC
hanwha -- ip_camera_ane-l7012r | Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function. | 2023-05-23 | not yet calculated | CVE-2023-31996 | MISC MISC
c-ares -- c-ares | c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns it to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1. | 2023-05-25 | not yet calculated | CVE-2023-32067 | MISC MISC MISC MISC
nextcloud -- user_oidc_app | user_oidc app is an OpenID Connect user backend for Nextcloud. Authentication can be broken/bypassed in the user_oidc app. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.2. | 2023-05-25 | not yet calculated | CVE-2023-32074 | MISC MISC MISC
sofia-sip -- sofia-sip | Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to GHSA-8599-x7rq-fr54, several other potential heap-overflow and integer-overflow issues in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because of the lack of an attribute length check when Sofia-SIP handles STUN packets. The previous patch of GHSA-8599-x7rq-fr54 fixed the vulnerability when attr_type did not match the enum value, but there are also vulnerabilities in the handling of other valid cases. The OOB read and integer overflow made by an attacker may lead to a crash, high consumption of memory or even other more serious consequences. These issues have been addressed in version 1.13.15. Users are advised to upgrade. | 2023-05-26 | not yet calculated | CVE-2023-32307 | MISC
cloudexplorer_lite -- cloudexplorer_lite | CloudExplorer Lite is an open source cloud management platform. In CloudExplorer Lite prior to version 1.1.0, users' organization/workspace permissions are not properly checked. This allows users to add themselves to any organization. This vulnerability has been fixed in v1.1.0. Users are advised to upgrade. There are no known workarounds for this issue. | 2023-05-26 | not yet calculated | CVE-2023-32311 | MISC
openfire -- openfire | Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0. The problem has been patched in Openfire releases 4.7.5 and 4.6.8, and further improvements will be included in the yet-to-be released first version on the 4.8 branch (which is expected to be version 4.8.0). Users are advised to upgrade. If an Openfire upgrade isn't available for a specific release, or isn't quickly actionable, users may see the linked GitHub advisory (GHSA-gw42-f939-fhvm) for mitigation advice. | 2023-05-26 | not yet calculated | CVE-2023-32315 | MISC
cloudexplorer_lite -- cloudexplorer_lite | CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds for this vulnerability. | 2023-05-26 | not yet calculated | CVE-2023-32316 | MISC
autolab_project -- autolab_project | Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the MOSS cheat checker functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted Tar file. Both "Base File Tar" and "Additional file archive" can be fed with Tar files that contain paths outside their target directories (e.g., ../../../../tmp/tarslipped2.sh). When the MOSS cheat checker is started the files inside of the archives are expanded to the attacker-chosen locations. This issue may lead to arbitrary file write within the scope of the running process. This issue has been addressed in version 2.11.0. Users are advised to upgrade. | 2023-05-26 | not yet calculated | CVE-2023-32317 | MISC MISC
nextcloud -- nextcloud_server | Nextcloud server provides a home for data. A regression in the session handling between Nextcloud Server and the Nextcloud Text app prevented a correct destruction of the session on logout if cookies were not cleared manually. After successfully authenticating with any other account the previous session would be continued and the attacker would be authenticated as the previously logged in user. It is recommended that the Nextcloud Server is upgraded to 25.0.6 or 26.0.1. | 2023-05-26 | not yet calculated | CVE-2023-32318 | MISC MISC
nextcloud -- nextcloud_server | Nextcloud server is an open source personal cloud implementation. Missing brute-force protection on the WebDAV endpoints via the basic auth header allowed brute-forcing user credentials when the provided user name was not an email address. Users from version 24.0.0 onward are affected. This issue has been addressed in releases 24.0.11, 25.0.5 and 26.0.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-05-26 | not yet calculated | CVE-2023-32319 | MISC MISC
ckan -- ckan | CKAN is an open-source data management system for powering data hubs and data portals. Multiple vulnerabilities have been discovered in CKAN which may lead to remote code execution. An arbitrary file write in resource_create and package_update actions, using the ResourceUploader object; also reachable via package_create, package_revise, and package_patch via calls to package_update. Remote code execution via unsafe pickle loading, via Beaker's session store when configured to use the file session store backend. Potential DoS due to lack of a length check on the resource id. Information disclosure: a user with permission to create a resource can access any other resource on the system if they know the id, even if they don't have access to it. Resource overwrite: a user with permission to create a resource can overwrite any resource if they know the id, even if they don't have access to it. A user with permissions to create or edit a dataset can upload a resource with a specially crafted id to write the uploaded file in an arbitrary location. This can be leveraged to Remote Code Execution via Beaker's insecure pickle loading. All the above listed vulnerabilities have been fixed in CKAN 2.9.9 and CKAN 2.10.1. Users are advised to upgrade. There are no known workarounds for these issues. | 2023-05-26 | not yet calculated | CVE-2023-32321 | MISC
matrix-org -- synapse | Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disabled are not affected. In versions of Synapse up to and including 1.73, Synapse did not limit the size of invite_room_state, meaning that it was possible to create an arbitrarily large invite event. Synapse 1.74 refuses to create oversized invite_room_state fields. Server operators should upgrade to Synapse 1.74 or newer urgently. | 2023-05-26 | not yet calculated | CVE-2023-32323 | MISC MISC MISC
posthog-js -- posthog-js | PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. The problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place. | 2023-05-27 | not yet calculated | CVE-2023-32325 | MISC MISC
teltonika -- remote_management_system | Teltonika's Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether the attempt to claim a device was successful. An attacker could exploit this to create a list of the serial numbers and MAC addresses of all devices cloud-connected to the Remote Management System. | 2023-05-22 | not yet calculated | CVE-2023-32346 | MISC
teltonika -- remote_management_system | Teltonika's Remote Management System versions prior to 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. If an attacker obtained the serial number and MAC address of a device, they could authenticate as that device and steal communication credentials of the device. This could allow an attacker to enable arbitrary command execution as root by utilizing management options within the newly registered devices. | 2023-05-22 | not yet calculated | CVE-2023-32347 | MISC
teltonika -- remote_management_system | Teltonika's Remote Management System versions prior to 4.10.0 contain a virtual private network (VPN) hub feature for cross-device communication that uses OpenVPN. It connects new devices in a manner that allows the new device to communicate with all Teltonika devices connected to the VPN. The OpenVPN server also allows users to route through it. An attacker could route a connection to a remote server through the OpenVPN server, enabling them to scan and access data from other Teltonika devices connected to the VPN. | 2023-05-22 | not yet calculated | CVE-2023-32348 | MISC
teltonika -- rut | Versions 00.07.00 through 00.07.03.4 of Teltonika's RUT router firmware contain a packet dump utility that contains proper validation for filter parameters. However, variables for validation checks are stored in an external configuration file. An authenticated attacker could use an exposed UCI configuration utility to change these variables and enable malicious parameters in the dump utility, which could result in arbitrary code execution. | 2023-05-22 | not yet calculated | CVE-2023-32349 | MISC
teltonika -- rut | Versions 00.07.00 through 00.07.03 of Teltonika's RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a malicious name that contains an OS command injection payload. | 2023-05-22 | not yet calculated | CVE-2023-32350 | MISC
autolab_project -- autolab_project | Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the Install assessment functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted Tar file. Using the install assessment functionality an attacker can feed a Tar file that contains files with paths pointing outside of the target directory (e.g., ../../../../tmp/tarslipped1.sh). When the Install assessment form is submitted the files inside of the archives are expanded to the attacker-chosen locations. This issue has been addressed in version 2.11.0. Users are advised to upgrade. | 2023-05-26 | not yet calculated | CVE-2023-32676 | MISC MISC
psf/requests -- psf/requests | Requests is an HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuild_proxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However, when sent over HTTPS, the Proxy-Authorization header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0. | 2023-05-26 | not yet calculated | CVE-2023-32681 | MISC MISC MISC MISC
kiwi_tcms -- kiwi_tcms | Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded. The upload validation checks were not robust enough, which left the possibility of an attacker circumventing them and uploading a potentially dangerous file. Exploiting this flaw, a combination of files could be uploaded so that they work together to circumvent the existing Content-Security-Policy and allow execution of arbitrary JavaScript in the browser. This issue has been patched in version 12.3. | 2023-05-27 | not yet calculated | CVE-2023-32686 | MISC MISC
parse-server-push-adapter -- parse-server-push-adapter | parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3. | 2023-05-27 | not yet calculated | CVE-2023-32688 | MISC MISC MISC
saleor -- core | Saleor Core is a composable, headless commerce API. Saleor's validate_hmac_signature function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events; this could affect the database integrity, such as marking an order as paid when it is not. This issue has been patched in versions 3.7.68, 3.8.40, 3.9.49, 3.10.36, 3.11.35, 3.12.25, and 3.13.16. | 2023-05-25 | not yet calculated | CVE-2023-32694 | MISC MISC
socket.io -- socket.io | socket.io-parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. | 2023-05-27 | not yet calculated | CVE-2023-32695 | MISC MISC MISC MISC
sqlite -- jdbc | SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacts versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2. | 2023-05-23 | not yet calculated | CVE-2023-32697 | MISC MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP plugin <= 1.9.2 versions. | 2023-05-26 | not yet calculated | CVE-2023-32964 | MISC
zyxel -- atp_series | A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. | 2023-05-24 | not yet calculated | CVE-2023-33009 | CONFIRM
zyxel -- atp_series | A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. | 2023-05-24 | not yet calculated | CVE-2023-33010 | CONFIRM
nextcloud -- nextcloud_mail | Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed sending GET requests to services running in the same web server. It is recommended that the Mail app is updated to version 3.02, 2.2.5 or 1.15.3. | 2023-05-27 | not yet calculated | CVE-2023-33184 | MISC MISC MISC
django -- django-ses | Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the SESEventWebhookView class intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests are signed by AWS and are verified by django_ses; however, the verification of this signature was found to be flawed as it allowed users to specify arbitrary public certificates. This issue was patched in version 3.5.0. | 2023-05-26 | not yet calculated | CVE-2023-33185 | MISC MISC MISC
highlight.io -- highlight.io | Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to type="text" via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates type="password" inputs. A customer may assume that switching to type="text" would also not record this input; hence, they would not add additional highlight-mask css-class obfuscation to this part of the DOM, resulting in unintentional recording of a password value when a Show Password button is used. This issue was patched in version 6.0.0. This patch tracks changes to the type attribute of an input to ensure an input that used to be a type="password" continues to be obfuscated. | 2023-05-26 | not yet calculated | CVE-2023-33187 | MISC MISC
omni-notes -- omni-notes | Omni-notes is an open source note-taking application for Android. The Omni-notes Android app had an insufficient path validation vulnerability when displaying the details of a note received through an externally-provided intent. The paths of the note's attachments were not properly validated, allowing malicious or compromised applications on the same device to force Omni-notes to copy files from its internal storage to its external storage directory, where they would have become accessible to any component with permission to read the external storage. Updating to the newest version (6.2.7) of Omni-notes Android fixes this vulnerability. | 2023-05-27 | not yet calculated | CVE-2023-33188 | MISC
rust -- ntpd-rs | ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not validate the length of NTS cookies in NTP packets received by the server. An attacker can crash the server by sending a specially crafted NTP packet containing a cookie shorter than what the server expects. The server also crashes when it is not configured to handle NTS packets. The issue was caused by improper slice indexing. The indexing operations were replaced by safer alternatives that do not crash the ntpd-rs server process but instead properly handle the error condition. A patch was released in version 0.3.3. | 2023-05-27 | not yet calculated | CVE-2023-33192 | MISC MISC
craft_cms -- craft_cms | Craft is a CMS for creating custom digital experiences on the web. The platform does not filter input and encode output in the Quick Post validation error message, which can deliver an XSS payload. An old CVE fixed the XSS in label HTML but didn't fix it when clicking save. This issue was patched in version 4.4.6. | 2023-05-26 | not yet calculated | CVE-2023-33194 | MISC MISC MISC
craft_cms -- craft_cms | Craft is a CMS for creating custom digital experiences on the web. A malformed RSS feed can deliver an XSS payload. This issue was patched in version 4.4.6. | 2023-05-27 | not yet calculated | CVE-2023-33195 | MISC MISC
craft_cms -- craft_cms | Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7. | 2023-05-26 | not yet calculated | CVE-2023-33196 | MISC MISC MISC
craft_cms -- craft_cms | Craft is a CMS for creating custom digital experiences on the web. Cross-site scripting (XSS) can be triggered via the Update Asset Index utility. This issue has been patched in version 4.4.6. | 2023-05-26 | not yet calculated | CVE-2023-33197 | MISC MISC MISC
rekor -- rekor | Rekor's goals are to provide an immutable, tamper-resistant ledger of metadata generated within a software project's supply chain. A malformed proposed entry of the intoto/v0.0.2 type can cause a panic on a thread within the Rekor process. The thread is recovered so the client receives a 500 error message and service still continues, so the availability impact of this is minimal. This has been fixed in v1.2.0 of Rekor. Users are advised to upgrade. There are no known workarounds for this vulnerability. | 2023-05-26 | not yet calculated | CVE-2023-33199 | MISC MISC
moxa -- mxsecurity | MXsecurity version 1.0 is vulnerable to command injection. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrary code. | 2023-05-22 | not yet calculated | CVE-2023-33235 | MISC
moxa -- mxsecurity | MXsecurity version 1.0 has a hardcoded credential vulnerability. It has been reported that this can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs. | 2023-05-22 | not yet calculated | CVE-2023-33236 | MISC
oracle -- apache_rocketmq | For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification; an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system user that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content.

To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .
2023-05-24not yet calculatedCVE-2023-33246MISC
talend -- data_catalogTalend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint that allows an unauthenticated WAR file to be deployed on the server. (A mitigation is that the remote harvesting server should be behind a firewall that only allows access to the Talend Data Catalog server.)2023-05-26not yet calculatedCVE-2023-33247MISC
amazon -- alexaAmazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz (often outside the range of human adult hearing). Commands at these frequencies are essentially never spoken by authorized actors, but a substantial fraction of the commands are successful.2023-05-24not yet calculatedCVE-2023-33248MISCMISCMISCMISCMISCMISC
akka_http -- akka_httpWhen Akka HTTP before 10.5.2 accepts file uploads via the FileUploadDirectives.fileUploadAll directive, the temporary file it creates has too weak permissions: it is readable by other users on Linux or UNIX, a similar issue to CVE-2022-41946.2023-05-21not yet calculatedCVE-2023-33251CONFIRM
iden3_snarkjs -- iden3_snarkjsiden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus.2023-05-21not yet calculatedCVE-2023-33252MISCMISC
papaya_viewer -- papaya_viewerAn issue was discovered in Papaya Viewer 4a42701. User-supplied input in form of DICOM or NIFTI images can be loaded into the Papaya web application without any kind of sanitization. This allows injection of arbitrary JavaScript code into image metadata, which is executed when that metadata is displayed in the Papaya web application2023-05-26not yet calculatedCVE-2023-33255MISCMISC
softonic -- wftpd_serverIn WFTPD 3.25, usernames and password hashes are stored in an openly viewable wftpd.ini configuration file within the WFTPD directory. NOTE: this is a product from 2006.2023-05-25not yet calculatedCVE-2023-33263MISC
prestashop -- prestashopIn the Store Commander scexportcustomers module for PrestaShop through 3.6.1, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.2023-05-25not yet calculatedCVE-2023-33278MISCMISC
prestashop -- prestashopIn the Store Commander scfixmyprestashop module through 2023-05-09 for PrestaShop, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.2023-05-25not yet calculatedCVE-2023-33279MISC
prestashop -- prestashopIn the Store Commander scquickaccounting module for PrestaShop through 3.7.3, multiple sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.2023-05-25not yet calculatedCVE-2023-33280MISCMISC
qt-project -- qtAn issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.2023-05-22not yet calculatedCVE-2023-33285MISC
kaios -- kaiosAn issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on *.localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read the manifest.webmanifest contents, including the app version.2023-05-22not yet calculatedCVE-2023-33293MISC
kaios -- kaiosAn issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctweb_server binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns proper CORS headers, it's accessible to all websites via the browser. At a bare minimum, this allows an attacker to retrieve a list of the user's installed apps, notifications, and downloads. It also allows an attacker to delete local files and modify system properties including the boolean persist.moz.killswitch property (which would render the device inoperable). This vulnerability is partially mitigated by SELinux which prevents reads, writes, or modifications to files or permissions within protected partitions.2023-05-22not yet calculatedCVE-2023-33294MISC
bitcoin_core -- bitcoin_coreBitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.2023-05-22not yet calculatedCVE-2023-33297MISCMISCMISCMISCMISC
piwigo -- piwigoPiwigo 13.6.0 is vulnerable to Cross Site Request Forgery (CSRF) in the "add tags" function.2023-05-23not yet calculatedCVE-2023-33359MISC
piwigo -- piwigoPiwigo 13.6.0 is vulnerable to SQL Injection via /admin/permalinks.php.2023-05-23not yet calculatedCVE-2023-33361MISC
piwigo -- piwigoPiwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function.2023-05-23not yet calculatedCVE-2023-33362MISC
skycaiji -- skycaijiskycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying malicious JSON data.2023-05-26not yet calculatedCVE-2023-33394MISC
easyimages2.0 -- easyimages2.0EasyImages2.0 ? 2.8.1 is vulnerable to Cross Site Scripting (XSS) via viewlog.php.2023-05-23not yet calculatedCVE-2023-33599MISC
parks -- fiberlinks_210An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14_X000 was found via the /boaform/admin/formPing target_addr parameter.2023-05-23not yet calculatedCVE-2023-33617MISC
mp4v2 -- mp4v2mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty.2023-05-26not yet calculatedCVE-2023-33720MISC
mipjz -- mipjzA stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description parameter at /index.php?s=/article/ApiAdminArticle/itemAdd.2023-05-25not yet calculatedCVE-2023-33750MISC
mipjz -- mipjzA stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at /app/tag/controller/ApiAdminTagCategory.php.2023-05-25not yet calculatedCVE-2023-33751MISC
xxl-job -- xxl-jobA lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/.2023-05-26not yet calculatedCVE-2023-33779MISCMISCMISC
tfdi_design -- smartcarsA stored cross-site scripting (XSS) vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article.2023-05-26not yet calculatedCVE-2023-33780MISC
cloudogu_gmbh_scm_manager -- cloudogu_gmbh_scm_managerA stored cross-site scripting (XSS) vulnerability in Cloudogu GmbH SCM Manager v1.2 to v1.60 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field.2023-05-24not yet calculatedCVE-2023-33829MISCMISCMISC
liferay -- portal/dxpStored cross-site scripting (XSS) vulnerability in Form widget configuration in Liferay Portal 7.1.0 through 7.3.0, and Liferay DXP 7.1 before fix pack 18, and 7.2 before fix pack 5 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a form's name field.2023-05-24not yet calculatedCVE-2023-33937MISC
liferay -- portal/dxpCross-site scripting (XSS) vulnerability in the App Builder module's custom object details page in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before update 14 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into an App Builder custom object's Name field.2023-05-24not yet calculatedCVE-2023-33938MISC
liferay -- portal/dxpCross-site scripting (XSS) vulnerability in the Modified Facet widget in Liferay Portal 7.1.0 through 7.4.3.12, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 18, 7.3 before update 4, and 7.4 before update 9 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a facet label.2023-05-24not yet calculatedCVE-2023-33939MISC
liferay -- portal/dxpCross-site scripting (XSS) vulnerability in IFrame type Remote Apps in Liferay Portal 7.4.0 through 7.4.3.30, and Liferay DXP 7.4 before update 31 allows remote attackers to inject arbitrary web script or HTML via the Remote App's IFrame URL.2023-05-24not yet calculatedCVE-2023-33940MISC
liferay -- portal/dxpMultiple cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module's OAuth2ProviderApplicationRedirect class in Liferay Portal 7.4.3.41 through 7.4.3.52, and Liferay DXP 7.4 update 41 through 52 allow remote attackers to inject arbitrary web script or HTML via the (1) code, or (2) error parameter.2023-05-24not yet calculatedCVE-2023-33941MISC
liferay -- portal/dxpCross-site scripting (XSS) vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field.2023-05-24not yet calculatedCVE-2023-33942MISC
liferay -- portal/dxpCross-site scripting (XSS) vulnerability in the Account module in Liferay Portal 7.4.3.21 through 7.4.3.62, and Liferay DXP 7.4 update 21 through 62 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a user's (1) First Name, (2) Middle Name, (3) Last Name, or (4) Job Title text field.2023-05-24not yet calculatedCVE-2023-33943MISC
liferay -- portal/dxpCross-site scripting (XSS) vulnerability in Layout module in Liferay Portal 7.3.4 through 7.4.3.68, and Liferay DXP 7.3 before update 24, and 7.4 before update 69 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a container type layout fragment's URL text field.2023-05-24not yet calculatedCVE-2023-33944MISC
liferay -- portal/dxpSQL injection vulnerability in the upgrade process for SQL Server in Liferay Portal 7.3.1 through 7.4.3.17, and Liferay DXP 7.3 before update 6, and 7.4 before update 18 allows attackers to execute arbitrary SQL commands via the name of a database table's primary key index. This vulnerability is only exploitable when chained with other attacks. To exploit this vulnerability, the attacker must modify the database and wait for the application to be upgraded.2023-05-24not yet calculatedCVE-2023-33945MISC
liferay -- portal/dxpThe Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated users in one virtual instance to view objects in a different virtual instance via OAuth 2 scope administration page.2023-05-24not yet calculatedCVE-2023-33946MISC
liferay -- portal/dxpThe Object module in Liferay Portal 7.4.3.4 through 7.4.3.60, and Liferay DXP 7.4 before update 61 does not segment object definition by virtual instance in search which allows remote authenticated users in one virtual instance to view object definition from a second virtual instance by searching for the object definition.2023-05-24not yet calculatedCVE-2023-33947MISC
liferay -- portal/dxpThe Dynamic Data Mapping module in Liferay Portal 7.4.3.67, and Liferay DXP 7.4 update 67 does not limit Document and Media files which can be downloaded from a Form, which allows remote attackers to download any file from Document and Media via a crafted URL.2023-05-24not yet calculatedCVE-2023-33948MISC
liferay -- portal/dxpIn Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property company.security.strangers.verify should be set to true.2023-05-24not yet calculatedCVE-2023-33949MISC
liferay -- portal/dxpPattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs.2023-05-24not yet calculatedCVE-2023-33950MISC
briar_project -- briarBramble Synchronisation Protocol (BSP) in Briar before 1.4.22 allows attackers to cause a denial of service (repeated application crashes) via a series of long messages to a contact.2023-05-24not yet calculatedCVE-2023-33980MISCMISC
briar_project -- briarBriar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one.2023-05-24not yet calculatedCVE-2023-33981MISCMISC
briar_project -- briarBramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden service protocol.2023-05-24not yet calculatedCVE-2023-33982MISCMISC
briar_project -- briarThe Introduction Client in Briar through 1.5.3 does not implement out-of-band verification for the public keys of introducees. An introducer can launch man-in-the-middle attacks against later private communication between two introduced parties.2023-05-24not yet calculatedCVE-2023-33983MISC
