Vulnerability Summary for the Week of May 15, 2023

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

High: vulnerabilities with a CVSS base score of 7.0–10.0
Medium: vulnerabilities with a CVSS base score of 4.0–6.9
Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

High Vulnerabilities

PrimaryVendor — Product Description Published CVSS Score Source & Patch Info
ideasoft –rental_module Unrestricted Upload of File with Dangerous Type vulnerability in “Rental Module” developed by third-party for Ideasoft’s E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.This issue affects Rental Module: before 23.05.15. 2023-05-20 10 CVE-2023-2712MISC
wago — multiple_products In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. 2023-05-15 9.8 CVE-2023-1698MISC
lost_and_found_information_system_project — lost_and_found_information_system A vulnerability was found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this issue is the function manager_category of the file admin/?page=categories/manage_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-228884. 2023-05-12 9.8 CVE-2023-2668MISCMISC
lost_and_found_information_system_project — lost_and_found_information_system A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as critical. This affects an unknown part of the file admin/?page=categories/view_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-228885 was assigned to this vulnerability. 2023-05-12 9.8 CVE-2023-2669MISCMISC
lost_and_found_information_system_project — lost_and_found_information_system A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated remotely. VDB-228886 is the identifier assigned to this vulnerability. 2023-05-12 9.8 CVE-2023-2670MISCMISC
lost_and_found_information_system_project — lost_and_found_information_system A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228888. 2023-05-12 9.8 CVE-2023-2672MISCMISC
companymaps_project — companymaps SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request. 2023-05-12 9.8 CVE-2023-29809MISCMISC
judging_management_system_project — judging_management_system SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the contestant_id parameter. 2023-05-12 9.8 CVE-2023-30246MISCMISC
storage_unit_rental_management_system_project — storage_unit_rental_management_system File Upload vulnerability found in Oretnom23 Storage Unit Rental Management System v.1.0 allows a remote attacker to execute arbitrary code via the update_settings parameter. 2023-05-12 9.8 CVE-2023-30247MISCMISC
codesys — multiple_products An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47379MISC
codesys — multiple_products An authenticated remote attacker may use a stack based  out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47380MISC
codesys — multiple_products An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47381MISC
codesys — multiple_products An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47382MISC
codesys — multiple_products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47383MISC
codesys — multiple_products An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47384MISC
codesys — multiple_products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47385MISC
codesys — multiple_products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47386MISC
codesys — multiple_products An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47387MISC
codesys — multiple_products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47388MISC
codesys — multiple_products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47389MISC
codesys — multiple_products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. 2023-05-15 8.8 CVE-2022-47390MISC
google — chrome Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High) 2023-05-12 8.8 CVE-2023-2457MISCMISC
google — chrome Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High) 2023-05-12 8.8 CVE-2023-2458MISCMISC
ideasoft — rental_module Authorization Bypass Through User-Controlled Key vulnerability in “Rental Module” developed by third-party for Ideasoft’s E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15. 2023-05-20 8.8 CVE-2023-2713MISC
codesys — development_system_v3 Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application. 2023-05-15 7.7 CVE-2022-4048MISC
codesys — multiple_products In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. 2023-05-15 7.5 CVE-2022-47391MISC
rosariosis — rosariosis Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0. 2023-05-12 7.5 CVE-2023-2665CONFIRMMISC
froxlor — froxlor Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16. 2023-05-12 7.5 CVE-2023-2666CONFIRMMISC

Back to top 

Medium Vulnerabilities

PrimaryVendor — Product Description Published CVSS Score Source & Patch Info
codesys — multiple_products Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition. 2023-05-15 6.5 CVE-2022-47378MISC
codesys — multiple_products An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. 2023-05-15 6.5 CVE-2022-47392MISC
codesys — multiple_products An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. 2023-05-15 6.5 CVE-2022-47393MISC
lost_and_found_information_system_project — lost_and_found_information_system A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-228883. 2023-05-12 6.1 CVE-2023-2667MISCMISC
lost_and_found_information_system_project — lost_and_found_information_system A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument fullname/contact/message leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228887. 2023-05-12 6.1 CVE-2023-2671MISCMISC
companymaps_project — companymaps Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code. 2023-05-12 6.1 CVE-2023-29808MISCMISCMISC
jerryscript — jerryscript Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c. 2023-05-12 5.5 CVE-2023-31913MISC
jerryscript — jerryscript Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc. 2023-05-12 5.5 CVE-2023-31914MISC
jerryscript — jerryscript Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c. 2023-05-12 5.5 CVE-2023-31916MISC
jerryscript — jerryscript Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c. 2023-05-12 5.5 CVE-2023-31918MISC
jerryscript — jerryscript Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c. 2023-05-12 5.5 CVE-2023-31919MISC
jerryscript — jerryscript Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c. 2023-05-12 5.5 CVE-2023-31920MISC
jerryscript — jerryscript Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c. 2023-05-12 5.5 CVE-2023-31921MISC
ibm — planning_analytics_local IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 250454. 2023-05-12 5.4 CVE-2023-28520MISCMISC
ibm — spectrum_protect IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325. 2023-05-12 4.9 CVE-2023-27863MISCMISC
codesolz — easy_ad_manager Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodeSolz Easy Ad Manager plugin 2023-05-12 4.8 CVE-2023-25460MISC
simple_tooltips_project — simple_tooltips Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Justin Saad Simple Tooltips plugin 2023-05-12 4.8 CVE-2023-25958MISC
apexchat — apexchat Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ApexChat plugin 2023-05-12 4.8 CVE-2023-28414MISC
codesys — multiple_products Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type. 2023-05-15 4.3 CVE-2022-22508MISC

Back to top

Low Vulnerabilities

PrimaryVendor — Product Description Published CVSS Score Source & Patch Info
microsoft — azure_arc_jumpstart Azure Arc Jumpstart Information Disclosure Vulnerability 2023-05-18 3.3 CVE-2022-35798MISC

Back to top

Severity Not Yet Assigned

PrimaryVendor — Product Description Published CVSS Score Source & Patch Info
umbraco — cms Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx. 2023-05-18 not yet calculated CVE-2019-25137MISCMISCMISCMISC
google — android Product: AndroidVersions: Android SoCAndroid ID: A-273754094 2023-05-15 not yet calculated CVE-2021-0877MISC
moodle — moodle Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the “Additional HTML Section” via “Header and Footer” parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. 2023-05-16 not yet calculated CVE-2021-27131MISCMISC
fastweb – fastgate_media_access  A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS. 2023-05-19 not yet calculated CVE-2022-30114MISCMISCMISC
western_digital — multiple_products An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202. 2023-05-18 not yet calculated CVE-2022-36326MISCMISC
western_digital — multiple_products Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202. 2023-05-18 not yet calculated CVE-2022-36327MISCMISC
western_digital — multiple_products Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This can only be exploited once an attacker gains root privileges on the devices using an authentication bypass issue or another vulnerability.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202. 2023-05-18 not yet calculated CVE-2022-36328MISCMISC
xen — xen Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads require SSBD active in order to coordinate it, such logic relies on using a per-core counter of threads that have SSBD active. When running on the mentioned hardware, it’s possible for a guest to under or overflow the thread counter, because each write to VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that does the per-core active accounting. Underflowing the counter causes the value to get saturated, and thus attempts for guests running on the same core to set SSBD won’t have effect because the hypervisor assumes it’s already active. 2023-05-17 not yet calculated CVE-2022-42336MISC
acronis — cyber_protect_home_office Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40208. 2023-05-18 not yet calculated CVE-2022-4418MISC
algoo — tracim Algoo Tracim before 4.4.2 allows XSS via HTML file upload. 2023-05-17 not yet calculated CVE-2022-45144MISCMISCMISC
acronis — multiple_products Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984. 2023-05-18 not yet calculated CVE-2022-45450MISC
acronis — multiple_products Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984. 2023-05-18 not yet calculated CVE-2022-45452MISC
acronis — cyber_protect_15 TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984. 2023-05-18 not yet calculated CVE-2022-45453MISC
acronis — multiple_products Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984. 2023-05-18 not yet calculated CVE-2022-45457MISC
acronis — multiple_products Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984. 2023-05-18 not yet calculated CVE-2022-45458MISC
acronis — multiple_products Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984. 2023-05-18 not yet calculated CVE-2022-45459MISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in Bill Erickson Gallery Metabox plugin 2023-05-20 not yet calculated CVE-2022-47134MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Don Benjamin WP Custom Fields Search plugin 2023-05-18 not yet calculated CVE-2022-47157MISC
wordpress — wordpress The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via it’s file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server, leading to Remote Code Execution. 2023-05-15 not yet calculated CVE-2022-4774MISC
ibm — infosphere_information_server IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 243163. 2023-05-19 not yet calculated CVE-2022-47984MISCMISC
vinteo — vcc Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user’s browser. 2023-05-12 not yet calculated CVE-2022-48020MISCMISCMISC
octopus — octopus In affected versions of Octopus Deploy it is possible to discover network details via error message 2023-05-18 not yet calculated CVE-2022-4870MISC
wordpress — wordpress The ActiveCampaign WordPress plugin before 8.1.12 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks 2023-05-15 not yet calculated CVE-2023-0233MISC
wordpress — wordpress The f(x) TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. 2023-05-15 not yet calculated CVE-2023-0490MISC
wordpress — wordpress The RapidExpCart WordPress plugin through 1.0 does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cross-Site Scripting vulnerability which could be used against high-privilege users such as admin, furthermore lack of csrf protection means an attacker can trick a logged in admin to perform the attack by submitting a hidden form. 2023-05-15 not yet calculated CVE-2023-0520MISC
wordpress — wordpress The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks. 2023-05-15 not yet calculated CVE-2023-0600MISC
wordpress — wordpress The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. 2023-05-15 not yet calculated CVE-2023-0644MISC
wordpress — wordpress The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack 2023-05-15 not yet calculated CVE-2023-0761MISC
wordpress — wordpress The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack 2023-05-15 not yet calculated CVE-2023-0762MISC
wordpress — wordpress The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack 2023-05-15 not yet calculated CVE-2023-0763MISC
wordpress — wordpress The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.1 does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure. 2023-05-15 not yet calculated CVE-2023-0812MISC
abb — multiple_products Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5. 2023-05-17 not yet calculated CVE-2023-0863MISC
abb — multiple_products Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5. 2023-05-17 not yet calculated CVE-2023-0864MISC
wordpress — wordpress The BizLibrary WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) 2023-05-15 not yet calculated CVE-2023-0892MISC
silicon_labs — gecko_platform_sdk Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. 2023-05-18 not yet calculated CVE-2023-0965MISCMISC
wordpress — wordpress The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks. 2023-05-15 not yet calculated CVE-2023-1019MISC
netapp — snapcenter SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user. 2023-05-12 not yet calculated CVE-2023-1096MISC
silicon_labs — gecko_platform_sdk Compiler removal of buffer clearing in

sli_se_driver_key_agreement

in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

2023-05-18 not yet calculated CVE-2023-1132MISCMISC
linux — kernel A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request. 2023-05-18 not yet calculated CVE-2023-1195MISC
wordpress — wordpress This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability. 2023-05-15 not yet calculated CVE-2023-1207MISC
wordpress — wordpress The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present 2023-05-15 not yet calculated CVE-2023-1549MISC
wordpress — wordpress The tagDiv Composer WordPress plugin before 4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin 2023-05-15 not yet calculated CVE-2023-1596MISC
mitshbishi_eclectric — melsec_ws_series_wso-geth00200 Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 all versions allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and is enabled by default when shipped from the factory. As a result, a remote attacker with unauthorized login can reset the module, and if certain conditions are met, he/she can disclose or tamper with the module’s configuration or rewrite the firmware. 2023-05-19 not yet calculated CVE-2023-1618MISCMISCMISC
huawei — multiple_products The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality. 2023-05-20 not yet calculated CVE-2023-1692MISCMISC
huawei — multiple_products The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. 2023-05-20 not yet calculated CVE-2023-1693MISCMISC
huawei — multiple_products The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. 2023-05-20 not yet calculated CVE-2023-1694MISCMISC
huawei — multiple_products The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability. 2023-05-20 not yet calculated CVE-2023-1696MISCMISC
libraw — libraw A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. 2023-05-15 not yet calculated CVE-2023-1729MISCMISCFEDORAFEDORA
cannon — ij_nw_toool Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the software. 2023-05-17 not yet calculated CVE-2023-1763MISCMISC
cannon — ij_nw_toool Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the communication of the software. 2023-05-17 not yet calculated CVE-2023-1764MISCMISC
wordpress — wordpress The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin 2023-05-15 not yet calculated CVE-2023-1835MISC
wordpress — wordpress The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.6 does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). 2023-05-15 not yet calculated CVE-2023-1839MISC
linux — kernel A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. 2023-05-17 not yet calculated CVE-2023-1859MISC
wordpress — wordpress The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting 2023-05-15 not yet calculated CVE-2023-1890MISC
wordpress — wordpress The Thumbnail carousel slider WordPress plugin before 1.1.10 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting vulnerability which could be used against high privilege users such as admin. 2023-05-15 not yet calculated CVE-2023-1915MISC
binutils — binutils A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. 2023-05-17 not yet calculated CVE-2023-1972MISCMISC
dassault — 3dexperience A reflected Cross-site Scripting (XSS) vulnerability in 3DEXPERIENCE R2018x through R2023x allows an attacker to execute arbitrary script code. 2023-05-19 not yet calculated CVE-2023-1996MISC
cisco — business_wireless_access_points_software A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the Guest Portal without authentication. 2023-05-18 not yet calculated CVE-2023-20003CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20024CISCO
cisco — identity_services_engine_software Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to download arbitrary files from the underlying filesystem of the affected device. 2023-05-18 not yet calculated CVE-2023-20077CISCO
cisco — identity_services_engine_software Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to download arbitrary files from the underlying filesystem of the affected device. 2023-05-18 not yet calculated CVE-2023-20087CISCO
wordpress — wordpress Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 2023-05-15 not yet calculated CVE-2023-2009MISC
cisco — identity_services_engine_software Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20106CISCO
cisco — smart_software_manager_on_prem A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validates user input. An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to read sensitive data on the underlying database. 2023-05-18 not yet calculated CVE-2023-20110CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20156CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20157CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20158CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20159CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20160CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20161CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20162CISCO
cisco – identity_services_engine_software Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20163CISCO
cisco – identity_services_engine_software Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20164CISCO
cisco – identity_services_engine_software Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20166CISCO
cisco – identity_services_engine_software Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20167CISCO
cisco – identity_services_engine_software Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20171CISCO
cisco – identity_services_engine_software Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20172CISCO
cisco – identity_services_engine_software Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery (SSRF) attack through an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20173CISCO
cisco – identity_services_engine_software Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery (SSRF) attack through an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20174CISCO
cisco — digital_network_architecture_center Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20182CISCO
cisco — digital_network_architecture_center Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20183CISCO
cisco — digital_network_architecture_center Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20184CISCO
cisco — small_business_smart_and_managed_switches Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. 2023-05-18 not yet calculated CVE-2023-20189CISCO
johnson_controls — openblue_enterprise_manager_data_collector Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances. 2023-05-18 not yet calculated CVE-2023-2024MISCMISC
johnson_controls — openblue_enterprise_manager_data_collector OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances. 2023-05-18 not yet calculated CVE-2023-2025MISCMISC
mediatek — multiple_products In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103. 2023-05-15 not yet calculated CVE-2023-20673MISC
mediatek — multiple_products In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only). 2023-05-15 not yet calculated CVE-2023-20694MISC
mediatek — multiple_products In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only). 2023-05-15 not yet calculated CVE-2023-20695MISC
mediatek — multiple_products In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only). 2023-05-15 not yet calculated CVE-2023-20696MISC
mediatek — multiple_products In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148. 2023-05-15 not yet calculated CVE-2023-20697MISC
mediatek — multiple_products In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144. 2023-05-15 not yet calculated CVE-2023-20698MISC
mediatek — multiple_products In adsp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07696073; Issue ID: ALPS07696073. 2023-05-15 not yet calculated CVE-2023-20699MISC
mediatek — multiple_products In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304. 2023-05-15 not yet calculated CVE-2023-20700MISC
mediatek — multiple_products In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643270; Issue ID: ALPS07643270. 2023-05-15 not yet calculated CVE-2023-20701MISC
mediatek — multiple_products In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853. 2023-05-15 not yet calculated CVE-2023-20703MISC
mediatek — multiple_products In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767826; Issue ID: ALPS07767826. 2023-05-15 not yet calculated CVE-2023-20704MISC
mediatek — multiple_products In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767870; Issue ID: ALPS07767870. 2023-05-15 not yet calculated CVE-2023-20705MISC
mediatek — multiple_products In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860. 2023-05-15 not yet calculated CVE-2023-20706MISC
mediatek — multiple_products In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628556; Issue ID: ALPS07628556. 2023-05-15 not yet calculated CVE-2023-20707MISC
mediatek — multiple_products In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655. 2023-05-15 not yet calculated CVE-2023-20708MISC
mediatek — multiple_products In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951. 2023-05-15 not yet calculated CVE-2023-20709MISC
mediatek — multiple_products In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935. 2023-05-15 not yet calculated CVE-2023-20710MISC
mediatek — multiple_products In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668. 2023-05-15 not yet calculated CVE-2023-20711MISC
mediatek — multiple_products In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645185; Issue ID: ALPS07645185. 2023-05-15 not yet calculated CVE-2023-20717MISC
mediatek — multiple_products In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645181; Issue ID: ALPS07645181. 2023-05-15 not yet calculated CVE-2023-20718MISC
mediatek — multiple_products In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583. 2023-05-15 not yet calculated CVE-2023-20719MISC
mediatek — multiple_products In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629586; Issue ID: ALPS07629586. 2023-05-15 not yet calculated CVE-2023-20720MISC
mediatek — multiple_products In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155. 2023-05-15 not yet calculated CVE-2023-20721MISC
mediatek — multiple_products In m4u, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07771518; Issue ID: ALPS07680084. 2023-05-15 not yet calculated CVE-2023-20722MISC
mnld — mnld In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only). 2023-05-15 not yet calculated CVE-2023-20726MISC
vmware — aria_operations VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. 2023-05-12 not yet calculated CVE-2023-20877MISC
vmware — aria_operations VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. 2023-05-12 not yet calculated CVE-2023-20878MISC
vmware — aria_operations VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. 2023-05-12 not yet calculated CVE-2023-20879MISC
openstack — openstack A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality. 2023-05-12 not yet calculated CVE-2023-2088MISC
vmware — aria_operations VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to ‘root’. 2023-05-12 not yet calculated CVE-2023-20880MISC
cloud_controller_ap — cloud_controller_api Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they’re aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user to override the private key and add or modify a certificate authority used for the connection. 2023-05-19 not yet calculated CVE-2023-20881MISC
google — android In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-189942529 2023-05-15 not yet calculated CVE-2023-20914MISC
google — android In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-250576066 2023-05-15 not yet calculated CVE-2023-20930MISC
google — android In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel 2023-05-15 not yet calculated CVE-2023-21102MISC
google — android In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622 2023-05-15 not yet calculated CVE-2023-21103MISC
google — android In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-259938771 2023-05-15 not yet calculated CVE-2023-21104MISC
google — android In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-265016072References: Upstream kernel 2023-05-15 not yet calculated CVE-2023-21106MISC
google — android In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259385017 2023-05-15 not yet calculated CVE-2023-21107MISC
google — android In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597 2023-05-15 not yet calculated CVE-2023-21109MISC
google — android In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258422365 2023-05-15 not yet calculated CVE-2023-21110MISC
google — android In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769 2023-05-15 not yet calculated CVE-2023-21111MISC
google — android In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252763983 2023-05-15 not yet calculated CVE-2023-21112MISC
google — android In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256202273 2023-05-15 not yet calculated CVE-2023-21116MISC
google — android In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for isolated processes to register a broadcast receiver due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263358101 2023-05-15 not yet calculated CVE-2023-21117MISC
google — android In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 2023-05-15 not yet calculated CVE-2023-21118MISC
linux — kernel An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. 2023-05-15 not yet calculated CVE-2023-2124MISC

schneider_electric — opc_factory_server

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that
could cause unauthorized read access to the file system when a malicious configuration file is
loaded on to the software by a local user. 
2023-05-16 not yet calculated CVE-2023-2161MISC
wordpress — wordpress The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making them paid without actually paying for them for example 2023-05-15 not yet calculated CVE-2023-2179MISC
wordpress — wordpress The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization (assuming they can upload a file on the server) 2023-05-15 not yet calculated CVE-2023-2180MISC
gitlab — gitlab An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI. 2023-05-12 not yet calculated CVE-2023-2181MISCMISCCONFIRM
jenkins — Jenkins_code_dx_plugin A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL. 2023-05-16 not yet calculated CVE-2023-2195MISC
jenkins — Jenkins_code_dx_plugin A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. 2023-05-16 not yet calculated CVE-2023-2196MISC
red_hat — webkitgtk A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. 2023-05-17 not yet calculated CVE-2023-2203MISCMISCMISCMISC
checkmk — tribe29 Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5. 2023-05-15 not yet calculated CVE-2023-22318MISC
checkmk — gmbh Improper Authorization in RestAPI in Checkmk GmbH’s Checkmk versions 2023-05-17 not yet calculated CVE-2023-22348MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin 2023-05-15 not yet calculated CVE-2023-22684MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin 2023-05-12 not yet calculated CVE-2023-22685MISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin 2023-05-20 not yet calculated CVE-2023-22689MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin 2023-05-15 not yet calculated CVE-2023-22690MISC
wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP Contact Form plugin 2023-05-15 not yet calculated CVE-2023-22703MISC
wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin 2023-05-15 not yet calculated CVE-2023-22706MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in nCrafts FormCraft plugin 2023-05-15 not yet calculated CVE-2023-22717MISC
wordpress — wordpress The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.10.7. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. 2023-05-20 not yet calculated CVE-2023-2276MISCMISCMISC
ibm — infosphere_information_server IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373. 2023-05-19 not yet calculated CVE-2023-22878MISCMISC
red_hat — libreswan A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. 2023-05-17 not yet calculated CVE-2023-2295MISCMISCMISCMISC

red_hat — pcs

It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2. 2023-05-17 not yet calculated CVE-2023-2319MISCMISCMISC
sick_ag — multiple_products Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers
1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote
attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the
REST interface.
2023-05-15 not yet calculated CVE-2023-23445MISCMISCMISC
sick_ag — multiple_products Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers
1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface.
2023-05-15 not yet calculated CVE-2023-23446MISCMISCMISC
sick_ag — multiple_products Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged
remote attacker to influence the availability of the webserver by invocing several open file requests via
the REST interface.
2023-05-15 not yet calculated CVE-2023-23447MISCMISCMISC
sick_ag — multiple_products Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a
remote attacker to gain information about valid usernames via analysis of source code.
2023-05-15 not yet calculated CVE-2023-23448MISCMISCMISC
sick_ag — multiple_products Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker
to gain information about valid usernames by analyzing challenge responses from the server via the
REST interface.
2023-05-15 not yet calculated CVE-2023-23449MISCMISCMISC
sick_ag — multiple_products Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR
FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526
allows an unprivileged remote attacker to use a password hash instead of an actual password to login
to a valid user account via the REST interface.
2023-05-15 not yet calculated CVE-2023-23450MISCMISCMISC
facebook — hermes An error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicious attacker to execute arbitrary code due to an out-of-bound write. Note that this bug is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. 2023-05-18 not yet calculated CVE-2023-23556MISCMISC
facebook — hermes An error in Hermes’ algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. 2023-05-18 not yet calculated CVE-2023-23557MISCMISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPmanage Uji Popup plugin 2023-05-16 not yet calculated CVE-2023-23641MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SparkPost plugin 2023-05-15 not yet calculated CVE-2023-23654MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Richard Leishman t/a Webforward Mail Subscribe List plugin 2023-05-16 not yet calculated CVE-2023-23657MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in BeRocket Brands for WooCommerce plugin 2023-05-18 not yet calculated CVE-2023-23667MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Harish Chouhan, Themeist I Recommend This plugin 2023-05-16 not yet calculated CVE-2023-23673MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in RVOLA WP Original Media Path plugin 2023-05-15 not yet calculated CVE-2023-23674MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bruno “Aesqe” Babic File Gallery plugin 2023-05-16 not yet calculated CVE-2023-23676MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Maintenance Mode plugin 2023-05-15 not yet calculated CVE-2023-23682MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ozan Canakli White Label Branding for Elementor Page Builder plugin 2023-05-15 not yet calculated CVE-2023-23683MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin 2023-05-15 not yet calculated CVE-2023-23688MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Arconix Shortcodes plugin 2023-05-16 not yet calculated CVE-2023-23703MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Denis WPJAM Basic plugin 2023-05-16 not yet calculated CVE-2023-23709MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin 2023-05-16 not yet calculated CVE-2023-23720MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Formilla Live Chat by Formilla plugin 2023-05-16 not yet calculated CVE-2023-23727MISC
facebook — fizz There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service). 2023-05-18 not yet calculated CVE-2023-23759MISCMISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SnapOrbital Panorama plugin 2023-05-12 not yet calculated CVE-2023-23810MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gautam Thapar Button Builder – Buttons X plugin 2023-05-12 not yet calculated CVE-2023-23867MISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in LJ Apps WP Airbnb Review Slider plugin 2023-05-20 not yet calculated CVE-2023-23890MISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in MonsterInsights plugin 2023-05-18 not yet calculated CVE-2023-23999MISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin 2023-05-20 not yet calculated CVE-2023-24414MISC
openprinting — cups-filters cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime. 2023-05-17 not yet calculated CVE-2023-24805MISCMISCMISCMISCMISC
silicon_labs — gecko_platform_sdk Compiler removal of buffer clearing in

sli_se_opaque_import_key

in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

2023-05-18 not yet calculated CVE-2023-2481MISCMISC
facebook — hermes A null pointer dereference bug in Hermes prior to commit 5cae9f72975cf0e5a62b27fdd8b01f103e198708 could have been used by an attacker to crash an Hermes runtime where the EnableHermesInternal config option was set to true. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. 2023-05-18 not yet calculated CVE-2023-24832MISCMISC
facebook — hermes A use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an attacker to leak raw data from Hermes VM’s heap. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. 2023-05-18 not yet calculated CVE-2023-24833MISCMISC
emacs — emacs A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the “org-babel-execute:latex” function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. 2023-05-17 not yet calculated CVE-2023-2491MISCMISCMISCMISC
wordpress — wordpress The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This is due to insufficient verification on the user being supplied during a Google social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. 2023-05-16 not yet calculated CVE-2023-2499MISCMISCMISC
autodesk — infraworks A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability. 2023-05-12 not yet calculated CVE-2023-25005MISC
autodesk — 3ds_max_usd_plugin A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution. 2023-05-12 not yet calculated CVE-2023-25006MISC
autodesk — 3ds_max_usd_plugin A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution. 2023-05-12 not yet calculated CVE-2023-25007MISC
autodesk — 3ds_max_usd_plugin A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds read vulnerability which could result in code execution. 2023-05-12 not yet calculated CVE-2023-25008MISC
autodesk — 3ds_max_usd_plugin A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds write vulnerability which could result in code execution. 2023-05-12 not yet calculated CVE-2023-25009MISC
asustor — adm A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that application. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below, LooksGood 2.0.0.R129 and below and SoundsGood 2.3.0.r1027 and below. 2023-05-17 not yet calculated CVE-2023-2509MISC
wordpress — wordpress The Contact Form by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.24. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2023-05-17 not yet calculated CVE-2023-2528MISCMISCMISC
videostream — videostream Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script attempts to update Videostream every 5 hours. 2023-05-17 not yet calculated CVE-2023-25394MISCMISC
soft-o — free_password_manager A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution. 2023-05-12 not yet calculated CVE-2023-25428MISCMISC
wordpress — wordpress The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers, with administrator-level permissions and above, to change user passwords and potentially take over super-administrator accounts in multisite setup. 2023-05-16 not yet calculated CVE-2023-2548MISCMISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in Studio Wombat Shoppable Images plugin 2023-05-18 not yet calculated CVE-2023-25698MISC
ibm — security_verify_access IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635. 2023-05-12 not yet calculated CVE-2023-25927MISCMISC
facebook — hermes A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to execute arbitrary code via untrusted JavaScript. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. 2023-05-18 not yet calculated CVE-2023-25933MISCMISC
reactphp — http react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP’s HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impact on the default configuration, but can be exploited when explicitly using the RequestBodyBufferMiddleware with very large settings. This might lead to consuming large amounts of CPU time for processing requests and significantly delay or slow down the processing of legitimate user requests. This issue has been addressed in release 1.9.0. Users are advised to upgrade. Users unable to upgrade may keep the request body limited using RequestBodyBufferMiddleware with a sensible value which should mitigate the issue. An infrastructure or DevOps workaround could be to place a reverse proxy in front of the ReactPHP HTTP server to filter out any excessive HTTP request bodies. 2023-05-17 not yet calculated CVE-2023-26044MISCMISC
wordpress — wordpress The Multiple Page Generator Plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to missing nonce verification on the projects_list function and insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries leading to resource exhaustion via a forged request granted they can trick an administrator into performing an action such as clicking on a link. Version 3.3.18 addresses the SQL Injection, which drastically reduced the severity. 2023-05-17 not yet calculated CVE-2023-2608MISCMISCMISCMISC
jenkins — code_dx_plugin A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. 2023-05-16 not yet calculated CVE-2023-2631MISC
jenkins — code_dx_plugin Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. 2023-05-16 not yet calculated CVE-2023-2632MISC
jenkins — code_dx_plugin Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them. 2023-05-16 not yet calculated CVE-2023-2633MISC
snow_software — spe_slm Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data. 2023-05-17 not yet calculated CVE-2023-2679MISC
telegram — telegram Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag. 2023-05-19 not yet calculated CVE-2023-26818MISCMISC
sourcecodester — billing_management_system A vulnerability classified as critical was found in SourceCodester Billing Management System 1.0. This vulnerability affects unknown code of the file editproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228970 is the identifier assigned to this vulnerability. 2023-05-14 not yet calculated CVE-2023-2689MISCMISCMISC
sourcecodester — personnel_property_equipment_system A vulnerability, which was classified as critical, has been found in SourceCodester Personnel Property Equipment System 1.0. This issue affects some unknown processing of the file admin/returned_reuse_form.php of the component GET Parameter Handler. The manipulation of the argument client_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228971. 2023-05-14 not yet calculated CVE-2023-2690MISCMISCMISC
sourcecodester — personnel_property_equipment_system A vulnerability, which was classified as problematic, was found in SourceCodester Personnel Property Equipment System 1.0. Affected is an unknown function of the file admin/add_item.php of the component POST Parameter Handler. The manipulation of the argument item_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228972. 2023-05-14 not yet calculated CVE-2023-2691MISCMISCMISC
sourcecodester — ict_laboratory A vulnerability has been found in SourceCodester ICT Laboratory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/room_info.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228973 was assigned to this vulnerability. 2023-05-14 not yet calculated CVE-2023-2692MISCMISCMISC
sourcecodester — online_exam_system A vulnerability was found in SourceCodester Online Exam System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /mahasiswa/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228974 is the identifier assigned to this vulnerability. 2023-05-14 not yet calculated CVE-2023-2693MISCMISCMISC
sourcecodester — online_exam_system A vulnerability was found in SourceCodester Online Exam System 1.0. It has been classified as critical. This affects an unknown part of the file /dosen/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228975. 2023-05-14 not yet calculated CVE-2023-2694MISCMISCMISC
sourcecodester — online_exam_system A vulnerability was found in SourceCodester Online Exam System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /kelas/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228976. 2023-05-14 not yet calculated CVE-2023-2695MISCMISCMISC
sourcecodester — online_exam_system A vulnerability was found in SourceCodester Online Exam System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /matkul/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228977 was assigned to this vulnerability. 2023-05-14 not yet calculated CVE-2023-2696MISCMISCMISC
sourcecodester — online_exam_system A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /jurusan/data of the component POST Parameter Handler. The manipulation of the argument columns[1][data] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-228978 is the identifier assigned to this vulnerability. 2023-05-14 not yet calculated CVE-2023-2697MISCMISCMISC
sourcecodester — lost_and_found_information_system A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=items/manage_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228979. 2023-05-14 not yet calculated CVE-2023-2698MISCMISCMISC
sourcecodester — lost_and_found_information_system A vulnerability, which was classified as critical, has been found in SourceCodester Lost and Found Information System 1.0. Affected by this issue is some unknown functionality of the file admin/?page=items/view_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228980. 2023-05-14 not yet calculated CVE-2023-2699MISCMISCMISC
libvrt — libvrt A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device’s capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct’s g_autoptr cleanup. 2023-05-15 not yet calculated CVE-2023-2700MISCMISCMISC
wordpress — wordpress The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. 2023-05-19 not yet calculated CVE-2023-2704MISCMISCMISCMISC
wordpress — wordpress The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. This is due to the fact that when generating OTP codes for users to use in order to login via phone number, the plugin returns these codes in an AJAX response. This makes it possible for unauthenticated attackers to obtain login codes for administrators. This does require an attacker have access to the phone number configured for an account, which can be obtained via social engineering or reconnaissance. 2023-05-17 not yet calculated CVE-2023-2706MISCMISCMISC
wordpress — wordpress The Video Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘search_term’ parameter in versions up to, and including, 1.0.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 2023-05-16 not yet calculated CVE-2023-2708MISCMISCMISC
wordpress — wordpress The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 2023-05-16 not yet calculated CVE-2023-2710MISCMISCMISC
wordpress — wordpress The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘check_license’ functions in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change the license key and support license key, but it can only be changed to a valid license key. 2023-05-20 not yet calculated CVE-2023-2714MISCMISCMISCMISC
wordpress — wordpress The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘submit_ticket’ function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers to create a support ticket that sends the website’s data to the plugin developer, and it is also possible to create an admin access with an auto login link that is also sent to the plugin developer with the ticket. It only works if the plugin is activated with a valid license. 2023-05-20 not yet calculated CVE-2023-2715MISCMISCMISC
wordpress — wordpress The Groundhogg plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the ‘ajax_upload_file’ function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload a file to the contact, and then lists all the other uploaded files related to the contact. 2023-05-20 not yet calculated CVE-2023-2716MISCMISCMISC
wordpress — wordpress The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation on the ‘enable_safe_mode’ function. This makes it possible for unauthenticated attackers to enable safe mode, which disables all other plugins, via a forged request if they can successfully trick an administrator into performing an action such as clicking on a link. A warning message about safe mode is displayed to the admin, which can be easily disabled. 2023-05-20 not yet calculated CVE-2023-2717MISCMISCMISC
google — chrome Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) 2023-05-16 not yet calculated CVE-2023-2721MISCMISCMISCMISCMISC
belkin — smart_outlet A stack-based buffer overflow in the ChangeFriendlyName() function of Belkin Smart Outlet V2 F7c063 firmware_2.00.11420.OWRT.PVT_SNSV2 allows attackers to cause a Denial of Service (DoS) via a crafted UPNP request. 2023-05-18 not yet calculated CVE-2023-27217MISC
google — chrome Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) 2023-05-16 not yet calculated CVE-2023-2722MISCMISCMISCMISCMISC
google — chrome Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) 2023-05-16 not yet calculated CVE-2023-2723MISCMISCMISCMISCMISC
piwigo — piwigo Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order[0][dir] parameter at user_list_backend.php. 2023-05-17 not yet calculated CVE-2023-27233MISCCONFIRM
google — chrome Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) 2023-05-16 not yet calculated CVE-2023-2724MISCMISCMISCMISCMISC
google — chrome Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) 2023-05-16 not yet calculated CVE-2023-2725MISCMISCMISCMISCMISC
google — chrome Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) 2023-05-16 not yet calculated CVE-2023-2726MISCMISCMISCMISCMISC
pimcore — pimcore Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.3.3. 2023-05-16 not yet calculated CVE-2023-2730CONFIRMMISC
libtiff — libtiff A NULL pointer dereference flaw was found in Libtiff’s LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. 2023-05-17 not yet calculated CVE-2023-2731MISCMISCMISCMISC
wordpress — wordpress The Groundhogg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘gh_form’ shortcode in versions up to, and including, 2.7.9.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Please note this only works with legacy contact forms. 2023-05-20 not yet calculated CVE-2023-2735MISCMISCMISCMISC
wordpress — wordpress The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation in the ‘ajax_edit_contact’ function. This makes it possible for authenticated attackers to receive the auto login link via shortcode and then modify the assigned user to the auto login link to elevate verified user privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2023-05-20 not yet calculated CVE-2023-2736MISCMISCMISCMISC
tongda — oa A vulnerability classified as critical has been found in Tongda OA 11.10. This affects the function actionGetdata of the file GatewayController.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229149 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-05-16 not yet calculated CVE-2023-2738MISCMISCMISC
gira — homeserver A vulnerability classified as problematic was found in Gira HomeServer up to 4.12.0.220829 beta. This vulnerability affects unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27″> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229150 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-05-16 not yet calculated CVE-2023-2739MISCMISC
sourcecodester — guest_management_system A vulnerability, which was classified as problematic, has been found in SourceCodester Guest Management System 1.0. Affected by this issue is some unknown functionality of the file dateTest.php of the component GET Parameter Handler. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229160. 2023-05-16 not yet calculated CVE-2023-2740MISCMISCMISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken Auto Prune Posts plugin 2023-05-18 not yet calculated CVE-2023-27423MISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken Mass Delete Unused Tags plugin 2023-05-18 not yet calculated CVE-2023-27430MISC
wordpress — wordpress WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack. 2023-05-17 not yet calculated CVE-2023-2745MISCMISCMISCMISC
phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta. 2023-05-17 not yet calculated CVE-2023-2752CONFIRMMISC
phpmyfaq — phpmyfaq Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta. 2023-05-17 not yet calculated CVE-2023-2753MISCCONFIRM
pimcore — pimcore/customer-data-framework SQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10. 2023-05-17 not yet calculated CVE-2023-2756MISCCONFIRM
wordpress — wordpress The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on ‘saveLang’ functions in versions up to, and including, 0.6.2. This could lead to Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for subscriber-level attackers to access functions to save plugin data that can potentially lead to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2023-05-18 not yet calculated CVE-2023-2757MISCMISCMISC
weaver — oa A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-05-17 not yet calculated CVE-2023-2765MISCMISCMISC
weaver — oa A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-05-17 not yet calculated CVE-2023-2766MISCMISCMISC
sucms — sucms A vulnerability was found in Sucms 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin_ads.php?action=add. The manipulation of the argument intro leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-229274 is the identifier assigned to this vulnerability. 2023-05-17 not yet calculated CVE-2023-2768MISCMISCMISC
sourcecodester — service_provider_management_system A vulnerability classified as critical has been found in SourceCodester Service Provider Management System 1.0. This affects an unknown part of the file /classes/Master.php?f=delete_service. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229275. 2023-05-17 not yet calculated CVE-2023-2769MISCMISCMISC
sourcecodester — online_exam_system A vulnerability classified as critical was found in SourceCodester Online Exam System 1.0. This vulnerability affects unknown code of the file /kelasdosen/data. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229276. 2023-05-17 not yet calculated CVE-2023-2770MISCMISCMISC
sourcecodester — online_exam_system A vulnerability, which was classified as critical, has been found in SourceCodester Online Exam System 1.0. This issue affects some unknown processing of the file /jurusanmatkul/data. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229277 was assigned to this vulnerability. 2023-05-17 not yet calculated CVE-2023-2771MISCMISCMISC
sourcecodester — budget_and_expense_tracker_system A vulnerability, which was classified as critical, was found in SourceCodester Budget and Expense Tracker System 1.0. Affected is an unknown function of the file /admin/budget/manage_budget.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-229278 is the identifier assigned to this vulnerability. 2023-05-17 not yet calculated CVE-2023-2772MISCMISCMISC
code-projects — bus_dispatch_and_information_system A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file view_admin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229279. 2023-05-17 not yet calculated CVE-2023-2773MISCMISCMISC
code-projects — bus_dispatch_and_information_system A vulnerability was found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file view_branch.php. The manipulation of the argument branchid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229280. 2023-05-17 not yet calculated CVE-2023-2774MISCMISCMISC
idurar_erp — crm_v1 IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. 2023-05-16 not yet calculated CVE-2023-27742MISC
code-projects — bus_dispatch_and_information_system A vulnerability was found in code-projects Bus Dispatch and Information System 1.0. It has been classified as critical. This affects an unknown part of the file adminHome.php. The manipulation of the argument reach_city leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229281 was assigned to this vulnerability. 2023-05-17 not yet calculated CVE-2023-2775MISCMISCMISC
code-projects — simple_photo_gallery A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-229282 is the identifier assigned to this vulnerability. 2023-05-17 not yet calculated CVE-2023-2776MISCMISCMISC
mlflow/mlflow — mlflow/mlflow Path Traversal: ‘..filename’ in GitHub repository mlflow/mlflow prior to 2.3.1. 2023-05-17 not yet calculated CVE-2023-2780CONFIRMMISC
acronis — acronis_cyber_infrastructure Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.3.1-38. 2023-05-18 not yet calculated CVE-2023-2782MISC
gnu — cflow A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-05-18 not yet calculated CVE-2023-2789MISCMISCMISCMISC
totolink — n200re A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224. Affected is an unknown function of the file /squashfs-root/etc_ro/custom.conf of the component Telnet Service. The manipulation leads to password in configuration file. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229374 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-05-18 not yet calculated CVE-2023-2790MISCMISCMISC
cnoa — oa A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5. Affected by this issue is some unknown functionality of the file /index.php?app=main&func=passport&action=login. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229376. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-05-18 not yet calculated CVE-2023-2799MISCMISCMISCMISC
huggingface — transformers Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0. 2023-05-18 not yet calculated CVE-2023-2800MISCCONFIRM
dell — cloudiq_collector Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data. 2023-05-19 not yet calculated CVE-2023-28045MISC
weaver — e-cology A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by this vulnerability is the function RequestInfoByXml of the component API. The manipulation leads to xml external entity reference. The associated identifier of this vulnerability is VDB-229411. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2023-05-19 not yet calculated CVE-2023-2806MISCMISCMISC
dell — cloudlink CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure. 2023-05-16 not yet calculated CVE-2023-28076MISC
facebook — hermes A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. 2023-05-18 not yet calculated CVE-2023-28081MISCMISC
soureccodester — class_scheduling_system A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/save_teacher.php of the component POST Parameter Handler. The manipulation of the argument Academic_Rank leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229428. 2023-05-19 not yet calculated CVE-2023-2814MISCMISCMISC
sourcecodester — online_jewelery_store A vulnerability classified as critical was found in SourceCodester Online Jewelry Store 1.0. Affected by this vulnerability is an unknown functionality of the file supplier.php of the component POST Parameter Handler. The manipulation of the argument suppid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229429 was assigned to this vulnerability. 2023-05-19 not yet calculated CVE-2023-2815MISCMISCMISC
ellucian — ethos_identity A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.10.6 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-229596. 2023-05-20 not yet calculated CVE-2023-2822MISCMISCMISCMISC
sourcecodester — class_scheduling_system A vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_subject.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229597 was assigned to this vulnerability. 2023-05-20 not yet calculated CVE-2023-2823MISCMISCMISC
sourcecodester — dental_clinic_appointment_reservation_system A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/service.php of the component POST Parameter Handler. The manipulation of the argument service leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-229598 is the identifier assigned to this vulnerability. 2023-05-20 not yet calculated CVE-2023-2824MISCMISCMISC
brother_industries,_ltd. — brother_iprint&scan Brother iPrint&Scan V6.11.2 and earlier contains an improper access control vulnerability. This vulnerability may be exploited by the other app installed on the victim user’s Android device, which may lead to displaying the settings and/or log information of the affected app as a print preview. 2023-05-18 not yet calculated CVE-2023-28369MISCMISCMISCMISC
ibm — mq IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398. 2023-05-19 not yet calculated CVE-2023-28514MISCMISC
ibm — infosphere_information_server IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251213. 2023-05-19 not yet calculated CVE-2023-28529MISCMISC
zulip — zulip Zulip is an open-source team collaboration tool with unique topic-based threading. In the event that 1: `ZulipLDAPAuthBackend` and an external authentication backend (any aside of `ZulipLDAPAuthBackend` and `EmailAuthBackend`) are the only ones enabled in `AUTHENTICATION_BACKENDS` in `/etc/zulip/settings.py` and 2: The organization permissions don’t require invitations to join. An attacker can create a new account in the organization with an arbitrary email address in their control that’s not in the organization’s LDAP directory. The impact is limited to installations which have this specific combination of authentication backends as described above in addition to having `Invitations are required for joining this organization` organization permission disabled. This issue has been addressed in version 6.2. Users are advised to upgrade. Users unable to upgrade may enable the `Invitations are required for joining this organization` organization permission to prevent this issue. 2023-05-19 not yet calculated CVE-2023-28623MISCMISC
facebook — netconsd netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data. 2023-05-18 not yet calculated CVE-2023-28753MISCMISC
ibm — mq IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358. 2023-05-19 not yet calculated CVE-2023-28950MISCMISC
intel — intel_oneapi_toolkits Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access. 2023-05-12 not yet calculated CVE-2023-29242MISC
wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin 2023-05-16 not yet calculated CVE-2023-29439MISCMISC
sofawiki — sofawiki SofaWiki 2023-05-18 not yet calculated CVE-2023-29720MISCMISC
exelysis — unified_communication_solution Cross Site Scripting vulnerability found in Exelysis Unified Communication Solution (EUCS) v.1.0 allows a remote attacker to gain privileges via the URL path of the eucsAdmin login web page. 2023-05-17 not yet calculated CVE-2023-29837MISCMISC
teslamate — teslamate An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link. 2023-05-18 not yet calculated CVE-2023-29857MISCMISC
flir-dvtel — flir-dvtel An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary code via a crafted request to the management page of the device. 2023-05-15 not yet calculated CVE-2023-29861MISCMISC
agasio — camera_device An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters. 2023-05-15 not yet calculated CVE-2023-29862MISCMISC
sage — sage Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the “Windows Peer-to-Peer Network” or “Client Server Network” Sage 300 configurations, could recover the SQL connection strings being used by Sage 300 and interact directly with the underlying database(s) to create, update, and delete all company records, bypassing the program’s role-based access controls. 2023-05-16 not yet calculated CVE-2023-29927MISC
d-link — dir-605l D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup, 2023-05-16 not yet calculated CVE-2023-29961MISCMISC
sourcecodester — student_study_center_desk_management_system Sourcecodester Student Study Center Desk Management System v1.0 adminreportsindex.php#date_from has a SQL Injection vulnerability. 2023-05-18 not yet calculated CVE-2023-29985MISC
lavalite — lavalite LavaLite v9.0.0 is vulnerable to Cross Site Scripting (XSS). 2023-05-18 not yet calculated CVE-2023-30124MISC
prestashop — posstaticblocks Prestashop posstaticblocks 2023-05-16 not yet calculated CVE-2023-30189MISC
prestashop — cdesigner PrestaShop cdesigner 2023-05-17 not yet calculated CVE-2023-30191MISC
prestashop — customexporter Prestashop customexporter 2023-05-19 not yet calculated CVE-2023-30199MISCMISC
sourcecodester — judging_management_system SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the crit_id parameter of the edit_criteria.php file. 2023-05-15 not yet calculated CVE-2023-30245MISCMISC
prestashop — scquickaccounting Insecure permissions in the ps_customer table of Prestashop scquickaccounting before v3.7.3 allows attackers to access sensitive information stored in the component. 2023-05-16 not yet calculated CVE-2023-30281MISC
perfreeblog — perfreeblog An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file. 2023-05-18 not yet calculated CVE-2023-30333MISC
ibm — powervm_hypervisor An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server. IBM X-Force ID: 252706. 2023-05-17 not yet calculated CVE-2023-30438MISCMISC
morosystems — easymind The MoroSystems EasyMind – Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter. 2023-05-17 not yet calculated CVE-2023-30452MISCMISC
facebook — hermes A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. 2023-05-18 not yet calculated CVE-2023-30470MISCMISC
wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ThimPress LearnPress Export Import plugin 2023-05-18 not yet calculated CVE-2023-30487MISC
hpe — aruba_edgeconnect_enterprise Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. 2023-05-16 not yet calculated CVE-2023-30501MISC
hpe — aruba_edgeconnect_enterprise Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. 2023-05-16 not yet calculated CVE-2023-30502MISC
hpe — aruba_edgeconnect_enterprise Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. 2023-05-16 not yet calculated CVE-2023-30503MISC
hpe — aruba_edgeconnect_enterprise Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. 2023-05-16 not yet calculated CVE-2023-30504MISC
hpe — aruba_edgeconnect_enterprise Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. 2023-05-16 not yet calculated CVE-2023-30505MISC
hpe — aruba_edgeconnect_enterprise Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. 2023-05-16 not yet calculated CVE-2023-30506MISC
hpe — aruba_edgeconnect_enterprise Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. 2023-05-16 not yet calculated CVE-2023-30507MISC
hpe — aruba_edgeconnect_enterprise Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. 2023-05-16 not yet calculated CVE-2023-30508MISC
hpe — aruba_edgeconnect_enterprise Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. 2023-05-16 not yet calculated CVE-2023-30509MISC
hpe — aruba_edgeconnect_enterprise A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance. 2023-05-16 not yet calculated CVE-2023-30510MISC
intel — soc_watch Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access. 2023-05-12 not yet calculated CVE-2023-30763MISC
intel — server_board_s2600wtt Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access. 2023-05-12 not yet calculated CVE-2023-30768MISC
libtiff — libtiff A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. 2023-05-19 not yet calculated CVE-2023-30774MISCMISCMISC
libtiff — libtiff A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c. 2023-05-19 not yet calculated CVE-2023-30775MISCMISCMISC
wordpress — wordpress Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TheGuideX User IP and Location plugin 2023-05-18 not yet calculated CVE-2023-30780MISC
wordpress — wordpress Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jon Christopher CMS Tree Page View plugin 2023-05-18 not yet calculated CVE-2023-30868MISC
greenplum-db — greenplum-db Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability. 2023-05-15 not yet calculated CVE-2023-31131MISCMISC
dgraph-io — dgraph-io Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initialized when an audit log is created. The last 4 bytes come from the length of the log line being encrypted. This is problematic because two log lines will often have the same length, so due to these collisions we are reusing the same nonce many times. All audit logs generated by versions of Dgraph

2023-05-17 not yet calculated CVE-2023-31135MISCMISCMISC
collaboraonline — collaboraonline Collabora Online is a collaborative online office suite based on LibreOffice technology. This vulnerability report describes a reflected XSS vulnerability with full CSP bypass in Nextcloud installations using the recommended bundle. The vulnerability can be exploited to perform a trivial account takeover attack. The vulnerability allows attackers to inject malicious code into web pages, which can be executed in the context of the victim’s browser session. This means that an attacker can steal sensitive data, such as login credentials or personal information, or perform unauthorized actions on behalf of the victim, such as modifying or deleting data. In this specific case, the vulnerability allows for a trivial account takeover attack. An attacker can exploit the vulnerability to inject code into the victim’s browser session, allowing the attacker to take over the victim’s account without their knowledge or consent. This can lead to unauthorized access to sensitive information and data, as well as the ability to perform actions on behalf of the victim. Furthermore, the fact that the vulnerability bypasses the Content Security Policy (CSP) makes it more dangerous, as CSP is an important security mechanism used to prevent cross-site scripting attacks. By bypassing CSP, attackers can circumvent the security measures put in place by the web application and execute their malicious code. This issue has been patched in versions 22.05.13, 21.11.9, and 6.4.27. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-05-15 not yet calculated CVE-2023-31145MISC
intel — trace_analyzer_collector Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access. 2023-05-12 not yet calculated CVE-2023-31197MISC
intel — solid_state_drive_toolbox Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access. 2023-05-12 not yet calculated CVE-2023-31199MISC
checkmk_gmbh — checkmk Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2023-05-17 not yet calculated CVE-2023-31208MISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Haoqisir Baidu Tongji generator plugin 2023-05-18 not yet calculated CVE-2023-31233MISC
sick_ag — sick_ftmg_air_flow_sensor Cleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with
Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote
attacker to potentially steal user credentials that are stored in the user’s browsers local storage via
cross-site-scripting attacks.
2023-05-15 not yet calculated CVE-2023-31408MISCMISCMISC
sick_ag — sick_ftmg_air_flow_sensor Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an remote attacker to influence the availability of the webserver by invocing a Slowloris style attack via HTTP requests. 2023-05-15 not yet calculated CVE-2023-31409MISCMISCMISC
pharmacy_management_system  — pharmacy_management_system  Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the email parameter at login_core.php. 2023-05-16 not yet calculated CVE-2023-31519MISC
opencms — opencms A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module. 2023-05-16 not yet calculated CVE-2023-31544MISCMISC
bludit — bludit An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request. 2023-05-16 not yet calculated CVE-2023-31572MISC
serendipity — serendipity An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file. 2023-05-16 not yet calculated CVE-2023-31576MISC
tenda — ac5_router Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. 2023-05-16 not yet calculated CVE-2023-31587MISCMISCMISC
zammad — zammad An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets. 2023-05-18 not yet calculated CVE-2023-31597MISC
openlink — virtuoso-opensource An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31607MISC
openlink — virtuoso-opensource An issue in the artm_div_int component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31608MISC
openlink — virtuoso-opensource An issue in the dfe_unit_col_loci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31609MISC
openlink — virtuoso-opensource An issue in the _IO_default_xsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31610MISC
openlink — virtuoso-opensource An issue in the __libc_longjmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31611MISC
openlink — virtuoso-opensource An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31612MISC
openlink — virtuoso-opensource An issue in the __nss_database_lookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31613MISC
openlink — virtuoso-opensource An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. 2023-05-15 not yet calculated CVE-2023-31614MISC
openlink — virtuoso-opensource An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31615MISC
openlink — virtuoso-opensource An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31616MISC
openlink — virtuoso-opensource An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31617MISC
openlink — virtuoso-opensource An issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31618MISC
openlink — virtuoso-opensource An issue in the sch_name_to_object component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31619MISC
openlink — virtuoso-opensource An issue in the dv_compare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31620MISC
openlink — virtuoso-opensource An issue in the kc_var_col component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31621MISC
openlink — virtuoso-opensource An issue in the sqlc_make_policy_trig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31622MISC
openlink — virtuoso-opensource An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31623MISC
openlink — virtuoso-opensource An issue in the sinv_check_exp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31624MISC
openlink — virtuoso-opensource An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31625MISC
openlink — virtuoso-opensource An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31626MISC
openlink — virtuoso-opensource An issue in the strhash component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31627MISC
openlink — virtuoso-opensource An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31628MISC
openlink — virtuoso-opensource An issue in the sqlo_union_scope component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31629MISC
openlink — virtuoso-opensource An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31630MISC
openlink — virtuoso-opensource An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. 2023-05-15 not yet calculated CVE-2023-31631MISC
redis — redis redis-7.0.10 was discovered to contain a segmentation violation. 2023-05-18 not yet calculated CVE-2023-31655MISC
luowice — luowice Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter. 2023-05-16 not yet calculated CVE-2023-31677MISC
videogo — videogo Incorrect access control in Videogo v6.8.1 allows attackers to bind shared devices after the connection has been ended. 2023-05-16 not yet calculated CVE-2023-31678MISC
videogo — videogo Incorrect access control in Videogo v6.8.1 allows attackers to access images from other devices via modification of the Device Id parameter. 2023-05-16 not yet calculated CVE-2023-31679MISC
bludit — bludit Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. 2023-05-17 not yet calculated CVE-2023-31698MISCMISC
churchcrm — churchcrm ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file. 2023-05-17 not yet calculated CVE-2023-31699MISC
tp-link — tl-wpa4530_kit_v2 TP-Link TL-WPA4530 KIT V2 (EU)_170406 and V2 (EU)_161115 is vulnerable to Command Injection via _httpRpmPlcDeviceAdd. 2023-05-17 not yet calculated CVE-2023-31700MISC
tp-link — tl-wpa4530_kit_v2 TP-Link TL-WPA4530 KIT V2 (EU)_170406 and V2 (EU)_161115 is vulnerable to Command Injection via _httpRpmPlcDeviceRemove. 2023-05-17 not yet calculated CVE-2023-31701MISC
microwold_technologies — escan_management_console SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1. 2023-05-17 not yet calculated CVE-2023-31702MISC
microwold_technologies — escan_management_console Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter. 2023-05-17 not yet calculated CVE-2023-31703MISC
semcms — semcms SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php. 2023-05-19 not yet calculated CVE-2023-31707MISC
nasm — nasm There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). 2023-05-17 not yet calculated CVE-2023-31722MISC
yasm — yasm yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function expand_mmac_params at /nasm/nasm-pp.c. 2023-05-17 not yet calculated CVE-2023-31723MISCMISC
yasm — yasm yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function do_directive at /nasm/nasm-pp.c. 2023-05-17 not yet calculated CVE-2023-31724MISCMISC
yasm — yasm yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c. 2023-05-17 not yet calculated CVE-2023-31725MISCMISC
totolink — a3300r TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection. 2023-05-18 not yet calculated CVE-2023-31729MISCMISC
tp-link — archer_vr1600v_devices A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions 2023-05-19 not yet calculated CVE-2023-31756MISC
dedecms — dedecms DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via parameters ‘edit___cfg_powerby’ and ‘edit___cfg_beian’ 2023-05-19 not yet calculated CVE-2023-31757MISC
sourecodester — faculty_evaluation_system Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=. 2023-05-15 not yet calculated CVE-2023-31842MISC
sourecodester — faculty_evaluation_system Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=. 2023-05-15 not yet calculated CVE-2023-31843MISC
sourecodester — faculty_evaluation_system Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_subject.php?id=. 2023-05-15 not yet calculated CVE-2023-31844MISC
sourecodester — faculty_evaluation_system Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=. 2023-05-15 not yet calculated CVE-2023-31845MISC
davinci — davinci In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side. 2023-05-17 not yet calculated CVE-2023-31847MISC
davinci — davinci davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF). 2023-05-17 not yet calculated CVE-2023-31848MISC
totolink — cp300_plus A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594_B20200910 allows attackers to execute arbitrary commands via a crafted http packet. 2023-05-16 not yet calculated CVE-2023-31856MISC
sourcecodester — online_computer_laptop_store Sourcecodester Online Computer and Laptop Store 1.0 allows unrestricted file upload and can lead to remote code execution. The vulnerability path is /classes/Users.php?f=save. 2023-05-16 not yet calculated CVE-2023-31857MISC
jizhicms — jizhicms jizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the request package. 2023-05-19 not yet calculated CVE-2023-31862MISC
opentext — documentum_content_server OpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root owned SUID binary dm_secure_writer. The binary has security controls in place preventing creation of a file in a non-owned directory, or as the root user. However, these controls can be carefully bypassed to allow for an arbitrary file write as root. 2023-05-18 not yet calculated CVE-2023-31871MISC
glazedlists — glazedlists An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter. 2023-05-16 not yet calculated CVE-2023-31890MISC
rpa_technology — mobile_mouse RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE). 2023-05-17 not yet calculated CVE-2023-31902MISCMISC
guppy_cms — guppy_cms GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload which allows remote attackers to execute arbitrary code by uploading a php file. 2023-05-17 not yet calculated CVE-2023-31903MISCMISC
savysoda — wi-fi_hd_wireless_disk_drive savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion. 2023-05-17 not yet calculated CVE-2023-31904MISC
edimax — wireless_router_n300 A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations. 2023-05-12 not yet calculated CVE-2023-31983MISC
edimax — wireless_router_n300 A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations. 2023-05-15 not yet calculated CVE-2023-31986MISC
xwiki — xwiki_platform XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions prior to 14.10.4 it’s possible to exploit well known parameters in XWiki URLs to perform redirection to untrusted site. This vulnerability was partially fixed in the past for XWiki 12.10.7 and 13.3RC1 but there is still the possibility to force specific URLs to skip some checks, e.g. using URLs like `http:example.com` in the parameter would allow the redirect. The issue has now been patched against all patterns that are known for performing redirects. This issue has been patched in XWiki 14.10.4 and 15.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-05-15 not yet calculated CVE-2023-32068MISCMISCMISCMISC
silicon_labs — gecko_platform_sdk Compiler removal of buffer clearing in

sli_crypto_transparent_aead_encrypt_tag

in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

2023-05-18 not yet calculated CVE-2023-32096MISCMISC
silicon_labs — gecko_platform_sdk Compiler removal of buffer clearing in

sli_crypto_transparent_aead_decrypt_tag

in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

2023-05-18 not yet calculated CVE-2023-32097MISCMISC
silicon_labs — gecko_platform_sdk Compiler removal of buffer clearing in

sli_se_sign_message

in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

2023-05-18 not yet calculated CVE-2023-32098MISCMISC
silicon_labs — gecko_platform_sdk Compiler removal of buffer clearing in

sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

2023-05-18 not yet calculated CVE-2023-32099MISCMISC
silicon_labs — gecko_platform_sdk Compiler removal of buffer clearing in

sli_se_driver_mac_compute

in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

2023-05-18 not yet calculated CVE-2023-32100MISCMISC
wordpress — wordpress Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. 2023-05-12 not yet calculated CVE-2023-32243MISCMISCMISC
planet_labs — planet_client_python Planet is software that provides satellite data. The secret file stores the user’s Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user’s group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand. 2023-05-12 not yet calculated CVE-2023-32303MISCMISCMISC
aiven-extras — aiven-extras aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions called by the aiven-extras extension. A low privileged user can create objects that collide with existing function names, which will then be executed instead. Exploiting this vulnerability could allow a low privileged user to acquire `superuser` privileges, which would allow full, unrestricted access to all data and database functions. And could lead to arbitrary code execution or data access on the underlying host as the `postgres` user. The issue has been patched as of version 1.1.9. 2023-05-12 not yet calculated CVE-2023-32305MISCMISC
anukotime_tracker — time_tracker Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the `reports.php` page was not validating all parameters in POST requests. Because some parameters were not checked, it was possible to craft POST requests with malicious SQL for Time Tracker database. This issue is fixed in version 1.22.13.5792. As a workaround, use the fixed code in `ttReportHelper.class.php` from version 1.22.13.5792. 2023-05-12 not yet calculated CVE-2023-32306MISC
anuko_timetracker — anuko_timetracker anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for errors before adjusting invoice sorting order. Because of this, it was possible to craft a POST request with malicious SQL for Time Tracker database. This issue has been fixed in version 1.22.11.5781. Users are advised to upgrade. Users unable to upgrade may insert an additional check for errors in a condition before calling `ttGroupHelper::getActiveInvoices()` in invoices.php. 2023-05-15 not yet calculated CVE-2023-32308MISCMISC
pymdown-extensionspymdown-extensions PyMdown Extensions is a set of extensions for the `Python-Markdown` markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax `–8 2023-05-15 not yet calculated CVE-2023-32309MISCMISC
vm2 — vm2 vm2 is a sandbox that can run untrusted code with Node’s built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a threat actor can edit options for the `console.log` command. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. Users unable to upgrade may make the `inspect` method readonly with `vm.readonly(inspect)` after creating a vm. 2023-05-15 not yet calculated CVE-2023-32313MISCMISCMISCMISC
vm2 — vm2 vm2 is a sandbox that can run untrusted code with Node’s built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-05-15 not yet calculated CVE-2023-32314MISCMISCMISCMISC
ombi — ombi Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. Versions prior to 4.38.2 contain an arbitrary file read vulnerability where an Ombi administrative user may access files available to the Ombi server process on the host operating system. Ombi administrators may not always be local system administrators and so this may violate the security expectations of the system. The arbitrary file read vulnerability was present in `ReadLogFile` and `Download` endpoints in `SystemControllers.cs` as the parameter `logFileName` is not sanitized before being combined with the `Logs` directory. When using `Path.Combine(arg1, arg2, arg3)`, an attacker may be able to escape to folders/files outside of `Path.Combine(arg1, arg2)` by using “..” in `arg3`. In addition, by specifying an absolute path for `arg3`, `Path.Combine` will completely ignore the first two arguments and just return just `arg3`. This vulnerability can lead to information disclosure. The Ombi `documentation` suggests running Ombi as a Service with Administrator privileges. An attacker targeting such an application may be able to read the files of any Windows user on the host machine and certain system files. This issue has been addressed in commit `b8a8f029` and in release version 4.38.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as GHSL-2023-088. 2023-05-18 not yet calculated CVE-2023-32322MISCMISCMISCMISCMISC
wordpress — wordpress Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Matt Gibbs Custom Field Suite plugin 2023-05-18 not yet calculated CVE-2023-32515MISC
wordpress — wordpress Cross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexiefont Free plugin 2023-05-20 not yet calculated CVE-2023-32589MISC
vyper — vyper Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In contracts with more than one regular nonpayable function, it is possible to send funds to the default function, even if the default function is marked `nonpayable`. This applies to contracts compiled with vyper versions prior to 0.3.8. This issue was fixed by the removal of the global `calldatasize` check in commit `02339dfda`. Users are advised to upgrade to version 0.3.8. Users unable to upgrade should avoid use of nonpayable default functions. 2023-05-19 not yet calculated CVE-2023-32675MISCMISC
zulip — zulip Zulip is an open-source team collaboration tool with unique topic-based threading. Zulip administrators can configure Zulip to limit who can add users to streams, and separately to limit who can invite users to the organization. In Zulip Server 6.1 and below, the UI which allows a user to invite a new user also allows them to set the streams that the new user is invited to — even if the inviting user would not have permissions to add an existing user to streams. While such a configuration is likely rare in practice, the behavior does violate security-related controls. This does not let a user invite new users to streams they cannot see, or would not be able to add users to if they had that general permission. This issue has been addressed in version 6.2. Users are advised to upgrade. Users unable to upgrade may limit sending of invitations down to users who also have the permission to add users to streams. 2023-05-19 not yet calculated CVE-2023-32677MISCMISCMISCMISC
craft_cms — craft_cms Craft CMS is an open source content management system. In affected versions of Craft CMS an unrestricted file extension may lead to Remote Code Execution. If the name parameter value is not empty string(”) in the View.php’s doesTemplateExist() -> resolveTemplate() -> _resolveTemplateInternal() -> _resolveTemplate() function, it returns directly without extension verification, so that arbitrary extension files are rendered as twig templates. When attacker with admin privileges on a DEV or an improperly configured STG or PROD environment, they can exploit this vulnerability to remote code execution. Code execution may grant the attacker access to the host operating system. This issue has been addressed in version 4.4.6. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2023-05-19 not yet calculated CVE-2023-32679MISC
metabase — metabase Metabase is an open source business analytics engine. To edit SQL Snippets, Metabase should have required people to be in at least one group with native query editing permissions to a database–but affected versions of Metabase didn’t enforce that requirement. This lack of enforcement meant that: Anyone–including people in sandboxed groups–could edit SQL snippets. They could edit snippets via the API or, in the application UI, when editing the metadata for a model based on a SQL question, and people in sandboxed groups could edit a SQL snippet used in a query that creates their sandbox. If the snippet contained logic that restricted which data that person could see, they could potentially edit that snippet and change their level of data access. The permissions model for SQL snippets has been fixed in Metabase versions 0.46.3, 0.45.4, 0.44.7, 1.46.3, 1.45.4, and 1.44.7. Users are advised to upgrade. Users unable to upgrade should ensure that SQL queries used to create sandboxes exclude SQL snippets. 2023-05-18 not yet calculated CVE-2023-32680MISCMISCMISCMISC
luatex — luatex LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5. 2023-05-20 not yet calculated CVE-2023-32700MISCMISCMISCMISC
giturlparse — giturlparse giturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep through 1.21.0, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package’s author placed a ReDoS attack payload in a URL used by the package. 2023-05-15 not yet calculated CVE-2023-32758MISCMISCMISC
symcon — ip-symcon The web interface of Symcon IP-Symcon before 6.3 (i.e., before 2023-05-12) allows a remote attacker to read sensitive files via .. directory-traversal sequences in the URL. 2023-05-17 not yet calculated CVE-2023-32767MISCMISC
keepass — keepass In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation. 2023-05-15 not yet calculated CVE-2023-32784MISCMISCMISC
opc_ua_legacy_java_stack — opc_ua_legacy_java_stack The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications. 2023-05-15 not yet calculated CVE-2023-32787MISCCONFIRMMISC
synology — synology_router_manager Improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors. 2023-05-16 not yet calculated CVE-2023-32955MISC
synology — synology_router_manager Improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors. 2023-05-16 not yet calculated CVE-2023-32956MISC
jenkins_pipeline — jenkins_pipeline Jenkins Pipeline: Job Plugin does not escape the display name of the build that caused an earlier build to be aborted, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display names immediately. 2023-05-16 not yet calculated CVE-2023-32977MISC
jenkins_ldap — jenkins_ldap A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. 2023-05-16 not yet calculated CVE-2023-32978MISC
jenkins_email_extension  Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system. 2023-05-16 not yet calculated CVE-2023-32979MISC
jenkins_email_extension  A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job. 2023-05-16 not yet calculated CVE-2023-32980MISC
jenkins_pipeline — jenkins_pipeline An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content. 2023-05-16 not yet calculated CVE-2023-32981MISC
jenkins_ansible — jenkins_ansible Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. 2023-05-16 not yet calculated CVE-2023-32982MISC
jenkins_ansible — jenkins_ansible Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them. 2023-05-16 not yet calculated CVE-2023-32983MISC
jenkins_testng_results — jenkins_testng_results Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin’s test information pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a crafted TestNG report file. 2023-05-16 not yet calculated CVE-2023-32984MISC
jenkins_sidebar_link — jenkins_sidebar_link Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. 2023-05-16 not yet calculated CVE-2023-32985MISC
jenkins_file_paramater — jenkins_file_parameter Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content. 2023-05-16 not yet calculated CVE-2023-32986MISC
jenkins_reverse_proxy_auth — jenkins_reverse_proxy_auth A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. 2023-05-16 not yet calculated CVE-2023-32987MISC
jenkins_azure_vm_agents — jenkins_azure_vm_agents A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. 2023-05-16 not yet calculated CVE-2023-32988MISC
jenkins_azure_vm_agents — jenkins_azure_vm_agents A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. 2023-05-16 not yet calculated CVE-2023-32989MISC
jenkins_azure_vm_agents — jenkins_azure_vm_agents A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. 2023-05-16 not yet calculated CVE-2023-32990MISC
jenkins_saml_single_sign_on — jenkins_saml_single_sign_on A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. 2023-05-16 not yet calculated CVE-2023-32991MISC
jenkins_saml_single_sign_on — jenkins_saml_single_sign_on Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. 2023-05-16 not yet calculated CVE-2023-32992MISC
jenkins_saml_single_sign_on — jenkins_saml_single_sign_on Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. 2023-05-16 not yet calculated CVE-2023-32993MISC
jenkins_saml_single_sign_on — jenkins_saml_single_sign_on Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. 2023-05-16 not yet calculated CVE-2023-32994MISC
jenkins_saml_single_sign_on — jenkins_saml_single_sign_on A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange’s API for sending emails. 2023-05-16 not yet calculated CVE-2023-32995MISC
jenkins_saml_single_sign_on — jenkins_saml_single_sign_on A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange’s API for sending emails. 2023-05-16 not yet calculated CVE-2023-32996MISC
jenkins_cas — jenkins_cas Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login. 2023-05-16 not yet calculated CVE-2023-32997MISC
jenkins_appspider — jenkins_appspider A cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. 2023-05-16 not yet calculated CVE-2023-32998MISC
jenkins_appspider — jenkins_appspider A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. 2023-05-16 not yet calculated CVE-2023-32999MISC
jenkins_ns-nd — jenkins_ns-nd Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier does not mask credentials displayed on the configuration form, increasing the potential for attackers to observe and capture them. 2023-05-16 not yet calculated CVE-2023-33000MISC
jenkins_hashicorp_vault — jenkins_hashicorp_vault Jenkins HashiCorp Vault Plugin 360.v0a_1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. 2023-05-16 not yet calculated CVE-2023-33001MISC
jenkins_testcomplete — jenkins_testcomplete Jenkins TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2023-05-16 not yet calculated CVE-2023-33002MISC
jenkins_tag_profiler — jenkins_tag_profiler A cross-site request forgery (CSRF) vulnerability in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers to reset profiler statistics. 2023-05-16 not yet calculated CVE-2023-33003MISC
jenkins_tag_profiler — jenkins_tag_profiler A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics. 2023-05-16 not yet calculated CVE-2023-33004MISC
jenkins_wso2_oauth — jenkins_wso2_oauth Jenkins WSO2 Oauth Plugin 1.0 and earlier does not invalidate the previous session on login. 2023-05-16 not yet calculated CVE-2023-33005MISC
jenkins_wso2_oauth — jenkins_wso2_oauth A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker’s account. 2023-05-16 not yet calculated CVE-2023-33006MISC
jenkins_loadcomplete — jenkins_loadcomplete Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2023-05-16 not yet calculated CVE-2023-33007MISC
linux — kernel The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. 2023-05-18 not yet calculated CVE-2023-33203MISCMISCMISC
jenkins_loadcomplete — jenkins_loadcomplete sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. 2023-05-18 not yet calculated CVE-2023-33204MISC
foxit_pdf_reader — foxit_pdf_reader Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. This is fixed in 12.1.2. 2023-05-19 not yet calculated CVE-2023-33240MISC

obsidian — obsidian

Obsidian before 1.2.2 allows calls to unintended APIs (for microphone access, camera access, and desktop notification) via an embedded web page. 2023-05-20 not yet calculated CVE-2023-33244MISCMISC

Back to top

Sort all tables