High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apple — mac_os_x | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution | 2023-06-23 | 9.8 | CVE-2022-22630 MISC MISC MISC |
google — android | In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-250100597References: N/A | 2023-06-28 | 9.8 | CVE-2023-21066 MISC |
wordpress — wordpress | The wpbrutalai WordPress plugin before 2.0.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin via CSRF. | 2023-06-27 | 9.8 | CVE-2023-2601 MISC |
wordpress — wordpress |
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | 2023-06-30 | 9.8 | CVE-2023-2834 MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was partially patched in version 7.6.4 and fully patched in version 7.6.5. | 2023-06-29 | 9.8 | CVE-2023-2982 MISC MISC MISC MISC MISC |
wordpress — wordpress | The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the ‘id’ parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | 2023-06-24 | 9.8 | CVE-2023-3197 MISC MISC |
apple — macos | A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution | 2023-06-23 | 9.8 | CVE-2023-32387 MISC MISC MISC |
apple — macos | A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution | 2023-06-23 | 9.8 | CVE-2023-32412 MISC MISC MISC MISC MISC MISC MISC |
apple — iphone_os | The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution | 2023-06-23 | 9.8 | CVE-2023-32419 MISC |
wordpress — wordpress |
The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the ‘hidden_form_data’ function. This makes it possible for authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username. | 2023-06-30 | 9.8 | CVE-2023-3249 MISC MISC |
trendmicro — apex_one | A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges. | 2023-06-26 | 9.8 | CVE-2023-32557 MISC |
wavlink — wn579x3_firmware | A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-232236. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | 2023-06-23 | 9.8 | CVE-2023-3380 MISC MISC MISC |
game_result_matrix_system_project — game_result_matrix_system | A vulnerability, which was classified as critical, was found in SourceCodester Game Result Matrix System 1.0. This affects an unknown part of the file /dipam/athlete-profile.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232239. | 2023-06-23 | 9.8 | CVE-2023-3383 MISC MISC MISC |
human_resource_management_system_project — human_resource_management_system | A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-232288. | 2023-06-23 | 9.8 | CVE-2023-3391 MISC MISC MISC |
trendmicro — mobile_security | A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote attacker to delete arbitrary files. | 2023-06-26 | 9.1 | CVE-2023-32521 MISC MISC |
wordpress — wordpress |
The WP Private Content Plus plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1. This is due to missing or incorrect nonce validation on the save_groups() function. This makes it possible for unauthenticated attackers to add new group members via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 8.8 | CVE-2021-4385 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The WP Security Question plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5. This is due to missing or incorrect nonce validation on the save() function. This makes it possible for unauthenticated attackers to modify the plugin’s settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 8.8 | CVE-2021-4386 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Locations plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.1. This is due to missing or incorrect nonce validation on the saveCustomFields() function. This makes it possible for unauthenticated attackers to update custom field meta data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 8.8 | CVE-2021-4394 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Amministrazione Trasparente plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1. This is due to missing or incorrect nonce validation on the at_save_aturl_meta() function. This makes it possible for unauthenticated attackers to update meta data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 8.8 | CVE-2021-4398 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Style Kits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.0. This is due to missing or incorrect nonce validation on the update_posts_stylekit() function. This makes it possible for unauthenticated attackers to update style kits for posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 8.8 | CVE-2021-4401 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
yoga_class_registration_system_project — yoga_class_registration_system | Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators. | 2023-06-24 | 8.8 | CVE-2023-1722 MISC MISC |
wordpress — wordpress | The KiviCare WordPress plugin before 3.2.1 does not have CSRF checks (either flawed or missing completely) in various AJAX actions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. This includes, but is not limited to: Delete arbitrary appointments/medical records/etc, create/update various users (patients, doctors etc) | 2023-06-27 | 8.8 | CVE-2023-2628 MISC |
wordpress — wordpress |
The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber privileges or above, to change user passwords and potentially take over administrator accounts. | 2023-06-30 | 8.8 | CVE-2023-3063 MISC MISC |
apple — watchos | A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | 2023-06-23 | 8.8 | CVE-2023-32373 MISC MISC MISC MISC MISC MISC |
apple — macos | A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. | 2023-06-23 | 8.8 | CVE-2023-32435 MISC MISC MISC MISC MLIST |
apple — iphone_os | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, Safari 16.5.1, macOS Ventura 13.4.1, iOS 15.7.7 and iPadOS 15.7.7. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | 2023-06-23 | 8.8 | CVE-2023-32439 MISC MISC MISC MISC MLIST FEDORA |
trendmicro — mobile_security | Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524. | 2023-06-26 | 8.8 | CVE-2023-32523 MISC MISC |
trendmicro — mobile_security | Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523. | 2023-06-26 | 8.8 | CVE-2023-32524 MISC MISC |
trendmicro — mobile_security | Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528. | 2023-06-26 | 8.8 | CVE-2023-32527 MISC MISC |
trendmicro — mobile_security | Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527. | 2023-06-26 | 8.8 | CVE-2023-32528 MISC MISC |
trendmicro — apex_central | Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32530. | 2023-06-26 | 8.8 | CVE-2023-32529 MISC MISC |
trendmicro — apex_central | Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32529. | 2023-06-26 | 8.8 | CVE-2023-32530 MISC MISC |
google — chrome | Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-06-26 | 8.8 | CVE-2023-3420 MISC MISC MISC MISC |
google — chrome | Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-06-26 | 8.8 | CVE-2023-3421 MISC MISC MISC MISC |
google — chrome | Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | 2023-06-26 | 8.8 | CVE-2023-3422 MISC MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform. Starting in version 12.9-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any logged in user can add dangerous content in their first name field and see it executed with programming rights. Leading to rights escalation. The vulnerability has been fixed on XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, one may apply the patch manually. | 2023-06-23 | 8.8 | CVE-2023-35152 MISC MISC MISC MISC MISC |
gnu — libredwg | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. | 2023-06-23 | 8.8 | CVE-2023-36271 MISC |
gnu — libredwg | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. | 2023-06-23 | 8.8 | CVE-2023-36272 MISC |
gnu — libredwg | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | 2023-06-23 | 8.8 | CVE-2023-36273 MISC |
gnu — libredwg | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. | 2023-06-23 | 8.8 | CVE-2023-36274 MISC |
codekop — codekop | A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges. | 2023-06-23 | 8.8 | CVE-2023-36345 MISC MISC |
codekop — codekop | POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter. | 2023-06-23 | 8.8 | CVE-2023-36348 MISC MISC |
apple — macos | The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited. | 2023-06-23 | 8.6 | CVE-2023-32409 MISC MISC MISC MISC MISC |
apple — macos | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app may be able to break out of its sandbox | 2023-06-23 | 8.6 | CVE-2023-32414 MISC |
wordpress — wordpress |
The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Injection in versions up to, and including, 4.1.5. This is due to insufficient escaping on the supplied username value. This makes it possible for unauthenticated attackers to extract potentially sensitive information from the LDAP directory. | 2023-06-29 | 8.6 | CVE-2023-3447 MISC MISC |
microsoft — edge | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2023-06-29 | 8.3 | CVE-2022-29144 MISC |
microsoft — edge |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2023-06-29 | 8.3 | CVE-2022-29146 MISC |
microsoft — edge |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2023-06-28 | 8.2 | CVE-2021-31937 MISC |
trendmicro — mobile_security | A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2023-06-26 | 8.1 | CVE-2023-32522 MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform. Starting in version 11.8-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.2, `Mail.MailConfig` can be edited by any logged-in user by default. Consequently, they can change the mail obfuscation configuration and view and edit the mail sending configuration, including the smtp domain name and credentials. The problem has been patched in XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, the rights of the `Mail.MailConfig` page can be manually updated so that only a set of trusted users can view, edit and delete it (e.g., the `XWiki.XWikiAdminGroup` group). | 2023-06-23 | 8.1 | CVE-2023-34465 MISC MISC MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.40m-2 and prior to versions 14.4.8, 14.10.4, and 15.0, any user with view rights on any document can execute code with programming rights, leading to remote code execution by crafting an url with a dangerous payload. The problem has been patched in XWiki 15.0, 14.10.4 and 14.4.8. | 2023-06-23 | 8 | CVE-2023-35150 MISC MISC MISC |
google — android | In lwis_i2c_device_disable of lwis_device_i2c.c, there is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kerne lAndroid ID: A-269661912References: N/A | 2023-06-28 | 7.8 | CVE-2023-21147 MISC |
google — android | In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-270050709References: N/A | 2023-06-28 | 7.8 | CVE-2023-21149 MISC |
google — android | In multiple functions of WifiCallingSettings.java, there is a possible way to change calling preferences for the admin user due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-262243015 | 2023-06-28 | 7.8 | CVE-2023-21172 MISC |
google — android | In isPageSearchEnabled of BillingCycleSettings.java, there is a possible way for the guest user to change data limits due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-235822222 | 2023-06-28 | 7.8 | CVE-2023-21174 MISC |
google — android | In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-262243574 | 2023-06-28 | 7.8 | CVE-2023-21175 MISC |
google — android | In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-272755865 | 2023-06-28 | 7.8 | CVE-2023-21179 MISC |
apple — macos | The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Big Sur 11.7.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel privileges | 2023-06-23 | 7.8 | CVE-2023-23516 MISC MISC MISC |
apple — macos | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution | 2023-06-23 | 7.8 | CVE-2023-23539 MISC |
apple — macos | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to execute arbitrary code with kernel privileges | 2023-06-23 | 7.8 | CVE-2023-27930 MISC MISC MISC MISC |
dell — precision_3570_firmware | Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system. | 2023-06-23 | 7.8 | CVE-2023-28073 MISC |
apple — itunes | A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges | 2023-06-23 | 7.8 | CVE-2023-32351 MISC |
apple — itunes | A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges | 2023-06-23 | 7.8 | CVE-2023-32353 MISC |
apple — macos | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may lead to arbitrary code execution | 2023-06-23 | 7.8 | CVE-2023-32380 MISC MISC MISC |
apple — macos | A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing an image may lead to arbitrary code execution | 2023-06-23 | 7.8 | CVE-2023-32384 MISC MISC MISC MISC MISC MISC MISC |
apple — macos | A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to execute arbitrary code with kernel privileges | 2023-06-23 | 7.8 | CVE-2023-32398 MISC MISC MISC MISC MISC MISC MISC |
apple — macos | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges | 2023-06-23 | 7.8 | CVE-2023-32405 MISC MISC MISC |
apple — iphone_os | An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, macOS Ventura 13.4.1, watchOS 9.5.2. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. | 2023-06-23 | 7.8 | CVE-2023-32434 MISC MISC MISC MISC MISC MISC MISC |
admidio — admidio | Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9. | 2023-06-23 | 7.8 | CVE-2023-3302 MISC CONFIRM |
trendmicro — apex_one | An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34145. | 2023-06-26 | 7.8 | CVE-2023-34144 MISC MISC |
trendmicro — apex_one | An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34144. | 2023-06-26 | 7.8 | CVE-2023-34145 MISC MISC |
trendmicro — apex_one | An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34147 and CVE-2023-34148. | 2023-06-26 | 7.8 | CVE-2023-34146 MISC MISC |
trendmicro — apex_one | An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34148. | 2023-06-26 | 7.8 | CVE-2023-34147 MISC MISC |
trendmicro — apex_one | An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34147. | 2023-06-26 | 7.8 | CVE-2023-34148 MISC MISC |
irontec — sngrep | Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_ws_check_packet at /src/capture.c. | 2023-06-23 | 7.8 | CVE-2023-36192 MISC |
gifsicle_project — gifsicle | Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c. | 2023-06-23 | 7.8 | CVE-2023-36193 MISC |
wago — multiple_products |
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets. | 2023-06-26 | 7.5 | CVE-2023-1150 MISC |
dtstack — taier | An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method. | 2023-06-23 | 7.5 | CVE-2023-29860 MISC |
apple — macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system | 2023-06-23 | 7.5 | CVE-2023-32397 MISC MISC MISC MISC |
microsoft — yet_another_reverse_proxy | Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability | 2023-06-23 | 7.5 | CVE-2023-33141 MISC |
diagrams — drawio | Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3. | 2023-06-26 | 7.5 | CVE-2023-3398 MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform. Starting in version 3.5-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, the mail obfuscation configuration was not fully taken into account. While the mail displayed to the end user was obfuscated, the rest response was also containing the mail unobfuscated and users were able to filter and sort on the unobfuscated, allowing them to infer the mail content. The consequence was the possibility to retrieve the email addresses of all users even when obfuscated. This has been patched in XWiki 14.4.8, 14.10.4, and 15.0-rc-1. | 2023-06-23 | 7.5 | CVE-2023-34467 MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform. Starting in version 7.3-milestone-1 and prior to versions 14.4.8, 14.10.6, and 15.1, ny user can call a REST endpoint and obtain the obfuscated passwords, even when the mail obfuscation is activated. The issue has been patched in XWiki 14.4.8, 14.10.6, and 15.1. There is no known workaround. | 2023-06-23 | 7.5 | CVE-2023-35151 MISC MISC MISC |
trendmicro — mobile_security | A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product. | 2023-06-26 | 7.5 | CVE-2023-35695 MISC MISC |
webkul — qloapps | An unauthenticated Time-Based SQL injection found in Webkul QloApps 1.6.0 via GET parameter date_from, date_to, and id_product allows a remote attacker to bypass a web application’s authentication and authorization mechanisms and retrieve the contents of an entire database. | 2023-06-23 | 7.5 | CVE-2023-36284 MISC |
basecamp — basecamp | Directory traversal can occur in the Basecamp com.basecamp.bc3 application before 4.2.1 for Android, which may allow an attacker to write arbitrary files in the application’s private directory. Additionally, by using a malicious intent, the attacker may redirect the server’s responses (containing sensitive information) to third-party applications by using a custom-crafted deeplink scheme. | 2023-06-25 | 7.5 | CVE-2023-36612 MISC |
dell — alienware_update | Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation. | 2023-06-23 | 7.3 | CVE-2023-28065 MISC |
yoga_class_registration_system_project — yoga_class_registration_system | Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators. | 2023-06-24 | 7.2 | CVE-2023-1721 MISC MISC |
wordpress — wordpress | The ERP WordPress plugin before 1.12.4 does not properly sanitize and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | 2023-06-27 | 7.2 | CVE-2023-2744 MISC |
fossbilling — fossbilling | Code Injection in GitHub repository fossbilling/fossbilling prior to 0.5.1. | 2023-06-23 | 7.2 | CVE-2023-3393 MISC MISC |
dell — alienware_update | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). | 2023-06-23 | 7.1 | CVE-2023-28071 MISC |
apple — macos | An authorization issue was addressed with improved state management. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to retain access to system configuration files even after its permission is revoked | 2023-06-23 | 7.1 | CVE-2023-32357 MISC MISC MISC MISC MISC MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to cause unexpected system termination or read kernel memory | 2023-06-23 | 7.1 | CVE-2023-32420 MISC MISC MISC MISC |
apple — macos | A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges | 2023-06-23 | 7 | CVE-2023-32413 MISC MISC MISC MISC MISC MISC MISC |
trendmicro — apex_one | A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32555. | 2023-06-26 | 7 | CVE-2023-32554 MISC MISC |
trendmicro — apex_one | A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32554. | 2023-06-26 | 7 | CVE-2023-32555 MISC MISC |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
dell — alienware_m15_r7_firmware | Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution. | 2023-06-23 | 6.8 | CVE-2023-32480 MISC |
google — android | there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239867994References: N/A | 2023-06-28 | 6.7 | CVE-2023-21146 MISC |
google — android | In the Google BMS kernel module, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-265149414References: N/A | 2023-06-28 | 6.7 | CVE-2023-21151 MISC |
google — android | In Do_AIMS_SET_CALL_WAITING of imsservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-264259730References: N/A | 2023-06-28 | 6.7 | CVE-2023-21153 MISC |
google — android | In encode of wlandata.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-263783137References: N/A | 2023-06-28 | 6.7 | CVE-2023-21157 MISC |
google — android | In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-261085213 | 2023-06-28 | 6.7 | CVE-2023-21171 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-25936 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-25937 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-25938 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28026 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28027 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28028 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable | 2023-06-23 | 6.7 | CVE-2023-28029 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28030 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28031 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28032 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28033 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28034 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28035 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28036 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28039 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28040 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28041 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28042 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28044 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28050 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28052 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28054 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28056 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28058 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28059 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28060 MISC |
dell — alienware_area_51m_r1_firmware | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | 2023-06-23 | 6.7 | CVE-2023-28061 MISC |
wordpress — wordpress | The KiviCare WordPress plugin before 3.2.1 does not restrict the information returned in a response and returns all user data, allowing low privilege users such as subscriber to retrieve sensitive information such as the user email and hashed password of other users | 2023-06-27 | 6.5 | CVE-2023-2623 MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. | 2023-06-23 | 6.5 | CVE-2023-28204 MISC MISC MISC MISC MISC MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information | 2023-06-23 | 6.5 | CVE-2023-32402 MISC MISC MISC MISC MISC |
apple — macos | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information | 2023-06-23 | 6.5 | CVE-2023-32423 MISC MISC MISC MISC MISC |
trendmicro — mobile_security | Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32526. | 2023-06-26 | 6.5 | CVE-2023-32525 MISC MISC |
trendmicro — mobile_security | Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32525. | 2023-06-26 | 6.5 | CVE-2023-32526 MISC MISC |
wordpress — wordpress | The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.0. This is due to a missing capability check on the ajax_store_save() function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify plugin settings and inject malicious web scripts. | 2023-06-27 | 6.4 | CVE-2023-3412 MISC MISC |
microsoft — edge |
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 2023-07-01 | 6.3 | CVE-2021-31982 MISC |
microsoft — edge |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2023-06-29 | 6.3 | CVE-2022-26899 MISC |
apple — macos | The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. A sandboxed app may be able to observe system-wide network connections | 2023-06-23 | 6.3 | CVE-2023-27940 MISC MISC MISC |
apple — macos | The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to break out of its sandbox | 2023-06-23 | 6.3 | CVE-2023-32371 MISC MISC |
microsoft — edge |
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 2023-07-01 | 6.1 | CVE-2021-34506 MISC |
wordpress — wordpress | The wpbrutalai WordPress plugin before 2.0.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a logged in high privilege users such as admin. | 2023-06-27 | 6.1 | CVE-2023-2605 MISC |
wordpress — wordpress | The KiviCare WordPress plugin before 3.2.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrator | 2023-06-27 | 6.1 | CVE-2023-2624 MISC |
wordpress — wordpress | The ERP WordPress plugin before 1.12.4 does not sanitize and escape the employee_name parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2023-06-27 | 6.1 | CVE-2023-2743 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Theme The7 plugin <= 11.6.0 versions. | 2023-06-23 | 6.1 | CVE-2023-29100 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in TMS Booking for Appointments and Events Calendar – Amelia plugin <= 1.0.75 versions. | 2023-06-26 | 6.1 | CVE-2023-29427 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHthemes TheRoof theme <= 1.0.3 versions. | 2023-06-26 | 6.1 | CVE-2023-29430 MISC |
trendmicro — apex_central | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32532 through 32535. | 2023-06-26 | 6.1 | CVE-2023-32531 MISC MISC |
trendmicro — apex_central | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through 32535. | 2023-06-26 | 6.1 | CVE-2023-32532 MISC MISC |
trendmicro — apex_central | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through 32535. | 2023-06-26 | 6.1 | CVE-2023-32533 MISC MISC |
trendmicro — apex_central | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through 32535. | 2023-06-26 | 6.1 | CVE-2023-32534 MISC MISC |
trendmicro — apex_central | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through 32534. | 2023-06-26 | 6.1 | CVE-2023-32535 MISC MISC |
online_school_fees_system_project — online_school_fees_system | A vulnerability classified as problematic was found in SourceCodester Online School Fees System 1.0. Affected by this vulnerability is an unknown functionality of the file /paysystem/datatable.php of the component GET Parameter Handler. The manipulation of the argument doj leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-232237 was assigned to this vulnerability. | 2023-06-23 | 6.1 | CVE-2023-3381 MISC MISC MISC |
game_result_matrix_system_project — game_result_matrix_system | A vulnerability, which was classified as problematic, has been found in SourceCodester Game Result Matrix System 1.0. Affected by this issue is some unknown functionality of the file /dipam/save-delegates.php of the component GET Parameter Handler. The manipulation of the argument del_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-232238 is the identifier assigned to this vulnerability. | 2023-06-23 | 6.1 | CVE-2023-3382 MISC MISC MISC |
wordpress — wordpress | The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nsc_bar_content_href’ parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. A partial patch was made available in 2.10.1 and the issue was fully patched in 2.10.2. | 2023-06-24 | 6.1 | CVE-2023-3388 MISC MISC MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions. | 2023-06-23 | 6.1 | CVE-2023-34012 MISC |
wordpress — wordpress | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.29 versions. | 2023-06-23 | 6.1 | CVE-2023-34021 MISC |
wordpress — wordpress |
The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing nonce validation on the ajax_store_save() function. This makes it possible for unauthenticated attackers to modify plugin settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-06-27 | 6.1 | CVE-2023-3411 MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). For instance, the following URL execute an `alter` on the browser: `<xwiki-host>/xwiki/bin/view/Main/?viewer=share&send=1&target=&target=%3Cimg+src+onerror%3Dalert%28document.domain%29%3E+%3Cimg+src+onerror%3Dalert%28document.domain%29%3E+%3Crenniepak%40intigriti.me%3E&includeDocument=inline&message=I+wanted+to+share+this+page+with+you.`, where `<xwiki-host>` is the URL of your XWiki installation. The vulnerability has been patched in XWiki 15.0-rc-1, 14.10.4, and 14.4.8. | 2023-06-23 | 6.1 | CVE-2023-35155 MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It’s possible to exploit the delete template to perform a XSS, e.g. by using URL such as: > xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain). This vulnerability exists since XWiki 6.0-rc-1. The vulnerability has been patched in XWiki 14.10.6 and 15.1. Note that a partial patch has been provided in 14.10.5 but wasn’t enough to entirely fix the vulnerability. | 2023-06-23 | 6.1 | CVE-2023-35156 MISC MISC MISC MISC MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It’s possible to exploit the restore template to perform a XSS, e.g. by using URL such as: > /xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain). This vulnerability exists since XWiki 9.4-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. | 2023-06-23 | 6.1 | CVE-2023-35158 MISC MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It’s possible to exploit the deletespace template to perform a XSS, e.g. by using URL such as: > xwiki/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain). This vulnerability exists since XWiki 3.4-milestone-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. | 2023-06-23 | 6.1 | CVE-2023-35159 MISC MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It’s possible to exploit the resubmit template to perform a XSS, e.g. by using URL such as: > xwiki/bin/view/XWiki/Main xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain). This vulnerability exists since XWiki 2.5-milestone-2. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. | 2023-06-23 | 6.1 | CVE-2023-35160 MISC MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It’s possible to exploit the DeleteApplication page to perform a XSS, e.g. by using URL such as: > xwiki/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain). This vulnerability exists since XWiki 6.2-milestone-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. | 2023-06-23 | 6.1 | CVE-2023-35161 MISC MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It’s possible to exploit the previewactions template to perform a XSS, e.g. by using URL such as: > <hostname>/xwiki/bin/get/FlamingoThemes/Cerulean xpage=xpart&vm=previewactions.vm&xcontinue=javascript:alert(document.domain). This vulnerability exists since XWiki 6.1-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. | 2023-06-23 | 6.1 | CVE-2023-35162 MISC MISC MISC MISC |
webkul — qloapps | An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user’s session cookie and then impersonate that user via POST controller parameter. | 2023-06-23 | 6.1 | CVE-2023-36287 MISC |
webkul — qloapps | An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user’s session cookie and then impersonate that user via POST email_create and back parameter. | 2023-06-23 | 6.1 | CVE-2023-36289 MISC |
codekop — codekop | POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php. | 2023-06-23 | 6.1 | CVE-2023-36346 MISC MISC |
wordpress — wordpress |
The MainWP Child plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.4.1.1 due to insufficient controls on the storage of back-up files. This makes it possible for unauthenticated attackers to extract sensitive data including the entire installations database if a backup occurs and the deletion of the back-up files fail. | 2023-06-27 | 5.9 | CVE-2023-3132 MISC MISC |
apple — ipados | This issue was addressed with improved data protection. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to read sensitive location information | 2023-06-23 | 5.5 | CVE-2022-42792 MISC |
apple — macos | This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1, macOS Ventura 13. An app may be able to modify protected parts of the file system | 2023-06-23 | 5.5 | CVE-2022-42860 MISC MISC MISC |
apple — ipados | A logic issue was addressed with improved checks. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to bypass certain Privacy preferences | 2023-06-23 | 5.5 | CVE-2022-46715 MISC |
apple — macos | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information | 2023-06-23 | 5.5 | CVE-2022-46718 MISC MISC MISC MISC |
google — android | In FaceStatsAnalyzer::InterpolateWeightList of face_stats_analyzer.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-269174022References: N/A | 2023-06-28 | 5.5 | CVE-2023-21152 MISC |
google — android | In BuildSetRadioNode of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-264540700References: N/A | 2023-06-28 | 5.5 | CVE-2023-21155 MISC |
google — android | In convertCbYCrY of ColorConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-253270285 | 2023-06-28 | 5.5 | CVE-2023-21168 MISC |
google — android | In multiple methods of DataUsageList.java, there is a possible way to learn about admin user’s network activities due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262741858 | 2023-06-28 | 5.5 | CVE-2023-21173 MISC |
google — android | In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-273906410 | 2023-06-28 | 5.5 | CVE-2023-21177 MISC |
apple — macos | This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences | 2023-06-23 | 5.5 | CVE-2023-28191 MISC MISC MISC MISC MISC MISC |
apple — macos | This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app firewall setting may not take effect after exiting the Settings app | 2023-06-23 | 5.5 | CVE-2023-28202 MISC MISC MISC MISC |
trendmicro — apex_one | A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations. | 2023-06-26 | 5.5 | CVE-2023-30902 MISC |
apple — macos | A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may bypass Gatekeeper checks | 2023-06-23 | 5.5 | CVE-2023-32352 MISC MISC MISC MISC MISC |
apple — watchos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory | 2023-06-23 | 5.5 | CVE-2023-32354 MISC MISC MISC |
apple — macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system | 2023-06-23 | 5.5 | CVE-2023-32355 MISC MISC MISC |
apple — macos | An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An unauthenticated user may be able to access recently printed documents | 2023-06-23 | 5.5 | CVE-2023-32360 MISC MISC MISC |
apple — macos | A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.4. An app may be able to bypass Privacy preferences | 2023-06-23 | 5.5 | CVE-2023-32363 MISC |
apple — macos | This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to access user-sensitive data | 2023-06-23 | 5.5 | CVE-2023-32367 MISC MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory | 2023-06-23 | 5.5 | CVE-2023-32368 MISC MISC MISC MISC MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. Processing an image may result in disclosure of process memory | 2023-06-23 | 5.5 | CVE-2023-32372 MISC MISC MISC MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory | 2023-06-23 | 5.5 | CVE-2023-32375 MISC MISC |
apple — macos | This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to modify protected parts of the file system | 2023-06-23 | 5.5 | CVE-2023-32376 MISC MISC MISC MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory | 2023-06-23 | 5.5 | CVE-2023-32382 MISC MISC MISC |
apple — macos | A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. Opening a PDF file may lead to unexpected app termination | 2023-06-23 | 5.5 | CVE-2023-32385 MISC MISC |
apple — macos | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences | 2023-06-23 | 5.5 | CVE-2023-32388 MISC MISC MISC MISC MISC MISC |
apple — macos | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory | 2023-06-23 | 5.5 | CVE-2023-32389 MISC MISC MISC MISC |
apple — macos | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information | 2023-06-23 | 5.5 | CVE-2023-32392 MISC MISC MISC MISC MISC MISC |
apple — macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system | 2023-06-23 | 5.5 | CVE-2023-32395 MISC MISC MISC |
apple — macos | The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to read sensitive location information | 2023-06-23 | 5.5 | CVE-2023-32399 MISC MISC MISC MISC |
apple — macos | This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Entitlements and privacy permissions granted to this app may be used by a malicious app | 2023-06-23 | 5.5 | CVE-2023-32400 MISC MISC MISC |
apple — macos | This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information | 2023-06-23 | 5.5 | CVE-2023-32403 MISC MISC MISC MISC MISC MISC MISC |
apple — macos | This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to bypass Privacy preferences | 2023-06-23 | 5.5 | CVE-2023-32404 MISC MISC MISC |
apple — macos | A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences | 2023-06-23 | 5.5 | CVE-2023-32407 MISC MISC MISC MISC MISC MISC MISC |
apple — macos | The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Monterey 12.6.6. An app may be able to read sensitive location information | 2023-06-23 | 5.5 | CVE-2023-32408 MISC MISC MISC MISC MISC MISC |
apple — macos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to leak sensitive kernel state | 2023-06-23 | 5.5 | CVE-2023-32410 MISC MISC MISC MISC |
apple — macos | This issue was addressed with improved entitlements. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences | 2023-06-23 | 5.5 | CVE-2023-32411 MISC MISC MISC MISC MISC |
apple — macos | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to read sensitive location information | 2023-06-23 | 5.5 | CVE-2023-32415 MISC MISC MISC |
apple — macos | This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to bypass Privacy preferences | 2023-06-23 | 5.5 | CVE-2023-32422 MISC MISC MISC |
trendmicro — apex_one | A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2023-06-26 | 5.5 | CVE-2023-32556 MISC MISC |
sqlite — sqlite | sqlite3 v3.40.1 was discovered to contain a segmentation violation at /sqlite3_aflpp/shell.c. | 2023-06-23 | 5.5 | CVE-2023-36191 MISC FEDORA |
microsoft — edge |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 2023-07-01 | 5.4 | CVE-2021-34475 MISC |
ladybirdweb — faveo_helpdesk | Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS. | 2023-06-24 | 5.4 | CVE-2023-1724 MISC MISC |
apple — airpods_firmware | An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones. | 2023-06-23 | 5.4 | CVE-2023-27964 MISC |
zwaply — cryptocurrency_all-in-one | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Zwaply Cryptocurrency All-in-One plugin <= 3.0.19 versions. | 2023-06-26 | 5.4 | CVE-2023-29435 MISC |
iframe_shortcode_project — iframe_shortcode | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flyn San IFrame Shortcode plugin <= 1.0.5 versions. | 2023-06-26 | 5.4 | CVE-2023-29436 MISC |
trendmicro — apex_central | Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32537. | 2023-06-26 | 5.4 | CVE-2023-32536 MISC |
trendmicro — apex_central | Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32536. | 2023-06-26 | 5.4 | CVE-2023-32537 MISC |
trendmicro — apex_central | Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32605. | 2023-06-26 | 5.4 | CVE-2023-32604 MISC |
trendmicro — apex_central | Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32604. | 2023-06-26 | 5.4 | CVE-2023-32605 MISC |
admidio — admidio | Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9. | 2023-06-23 | 5.4 | CVE-2023-3304 CONFIRM MISC |
wordpress — wordpress | The Lana Text to Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘lana_text_to_image’ and ‘lana_text_to_img’ shortcode in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-06-24 | 5.4 | CVE-2023-3387 MISC MISC MISC |
fossbilling — fossbilling | Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. | 2023-06-23 | 5.4 | CVE-2023-3394 MISC MISC |
wordpress — wordpress |
The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to missing or incorrect nonce validation on the ‘save_customer’ function. This makes it possible for unauthenticated attackers to change the admin role to customer or change the user meta to arbitrary values via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-06-28 | 5.4 | CVE-2023-3427 MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.2.1 until versions 14.4.8, 14.10.5, and 15.1RC1 of org.xwiki.platform:xwiki-platform-web and any version prior to 14.4.8, 14.10.5, and 15.1.RC1 of org.xwiki.platform:xwiki-platform-web-templates, any user who can edit a document in a wiki like the user profile can create a stored cross-site scripting attack. The attack occurs by putting plain HTML code into that document and then tricking another user to visit that document with the `displaycontent` or `rendercontent` template and plain output syntax. If a user with programming rights is tricked into visiting such a URL, arbitrary actions be performed with this user’s rights, impacting the confidentiality, integrity, and availability of the whole XWiki installation. This has been patched in XWiki 14.4.8, 14.10.5 and 15.1RC1 by setting the content type of the response to plain text when the output syntax is not an HTML syntax. | 2023-06-23 | 5.4 | CVE-2023-34464 MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform. Starting in version 5.4.4 and prior to versions 14.4.8, 14.10.4, and 15.0, a stored cross-site scripting vulnerability can be exploited by users with edit rights by adding a `AppWithinMinutes.FormFieldCategoryClass` class on a page and setting the payload on the page title. Then, any user visiting `/xwiki/bin/view/AppWithinMinutes/ClassEditSheet` executes the payload. The issue has been patched in XWiki 14.4.8, 14.10.4, and 15.0. As a workaround, update `AppWithinMinutes.ClassEditSheet` with a patch. | 2023-06-23 | 5.4 | CVE-2023-35153 MISC MISC MISC |
webkul — qloapps | An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user’s session cookie and then impersonate that user via GET configure parameter. | 2023-06-23 | 5.4 | CVE-2023-36288 MISC |
trendmicro — apex_one | An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32553 | 2023-06-26 | 5.3 | CVE-2023-32552 MISC MISC |
trendmicro — apex_one | An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32552. | 2023-06-26 | 5.3 | CVE-2023-32553 MISC MISC |
wordpress — wordpress |
The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the ‘lock_content_form_handler’ and ‘display_password_form’ function in versions up to, and including, 3.7.3. This makes it possible for unauthenticated attackers to decrypt and view the password protected content. | 2023-06-27 | 5.3 | CVE-2023-3371 MISC MISC MISC MISC MISC MISC |
wago — multiple_products |
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. | 2023-06-26 | 4.9 | CVE-2023-1619 MISC |
wago — multiple_products |
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. | 2023-06-26 | 4.9 | CVE-2023-1620 MISC |
wordpress — wordpress | The Ultimate Product Catalog WordPress plugin before 5.2.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2023-06-27 | 4.8 | CVE-2023-2711 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NTZApps CRM Memberships plugin <= 1.6 versions. | 2023-06-23 | 4.8 | CVE-2023-27427 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wpmet Wp Ultimate Review plugin <= 2.0.3 versions. | 2023-06-23 | 4.8 | CVE-2023-28751 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions. | 2023-06-26 | 4.8 | CVE-2023-29424 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in FancyThemes Optin Forms – Simple List Building Plugin for WordPress plugin <= 1.3.1 versions. | 2023-06-26 | 4.8 | CVE-2023-29434 MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPExperts Password Protected plugin <= 2.6.2 versions. | 2023-06-23 | 4.8 | CVE-2023-32580 MISC |
student_study_center_management_system_project — student_study_center_management_system | Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the “Admin Name” field on Admin Profile page. | 2023-06-26 | 4.8 | CVE-2023-33580 MISC MISC |
wordpress — wordpress | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MagePeople Team Booking and Rental Manager for Bike plugin <= 1.2.1 versions. | 2023-06-23 | 4.8 | CVE-2023-35048 MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It’s possible to perform an XSS by forging a request to a delete attachment action with a specific attachment name. Now this XSS can be exploited only if the attacker knows the CSRF token of the user, or if the user ignores the warning about the missing CSRF token. The vulnerability has been patched in XWiki 15.1-rc-1 and XWiki 14.10.6. | 2023-06-23 | 4.8 | CVE-2023-35157 MISC MISC MISC |
microsoft — edge |
Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2023-06-29 | 4.7 | CVE-2022-23264 MISC |
dell — alienware_m15_r6_firmware | Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. | 2023-06-23 | 4.6 | CVE-2023-28064 MISC |
apple — macos | The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6. A shortcut may be able to use sensitive data with certain actions without prompting the user | 2023-06-23 | 4.6 | CVE-2023-32391 MISC MISC MISC MISC |
wordpress — wordpress |
The Short URL plugin for WordPress is vulnerable to stored Cross-Site Scripting via the ‘comment’ parameter due to insufficient input sanitization and output escaping in versions up to, and including, 1.6.4. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | 2023-06-29 | 4.4 | CVE-2023-1602 MISC MISC MISC |
google — android | In BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-263783657References: N/A | 2023-06-28 | 4.4 | CVE-2023-21148 MISC |
google — android | In handle_set_parameters_ctrl of hal_socket.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-267312009References: N/A | 2023-06-28 | 4.4 | CVE-2023-21150 MISC |
google — android | In StoreAdbSerialNumber of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-263783910References: N/A | 2023-06-28 | 4.4 | CVE-2023-21154 MISC |
google — android | In BuildGetRadioNode of protocolmiscbulider.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the modem with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kerne lAndroid ID: A-264540759References: N/A | 2023-06-28 | 4.4 | CVE-2023-21156 MISC |
google — android | In inviteInternal of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-274443441 | 2023-06-28 | 4.4 | CVE-2023-21169 MISC |
google — android | In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-252764410 | 2023-06-28 | 4.4 | CVE-2023-21170 MISC |
google — android | In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-222287335 | 2023-06-28 | 4.4 | CVE-2023-21176 MISC |
wordpress — wordpress |
The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.3. This is due to missing or incorrect nonce validation on the handle_leave_calendar_filter, add_enable_disable_option_save, leave_policies, process_bulk_action, and process_crm_contact functions. This makes it possible for unauthenticated attackers to modify the plugins settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36735 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The WooCommerce Checkout & Funnel Builder by CartFlows plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.15. This is due to missing or incorrect nonce validation on the export_json, import_json, and status_logs_file functions. This makes it possible for unauthenticated attackers to import/export settings and trigger logs showing via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36736 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Import / Export Customizer Settings plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.3. This is due to missing or incorrect nonce validation on the astra_admin_errors() function. This makes it possible for unauthenticated attackers to display an import status via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36737 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Cool Timeline (Horizontal & Vertical Timeline) plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the ctl_save() function. This makes it possible for unauthenticated attackers to save field icons via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36738 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Feed Them Social – Page, Post, Video, and Photo Galleries plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the my_fts_fb_load_more() function. This makes it possible for unauthenticated attackers to load feeds via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36739 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Radio Buttons for Taxonomies plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the save_single_term() function. This makes it possible for unauthenticated attackers to save terms via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36740 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The MultiVendorX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.7. This is due to missing or incorrect nonce validation on the submit_comment() function. This makes it possible for unauthenticated attackers to submit comments via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36741 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Custom Field Template plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.1. This is due to missing or incorrect nonce validation on the edit_meta_value() function. This makes it possible for unauthenticated attackers to edit meta field values via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36742 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Product Catalog Simple plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.13. This is due to missing or incorrect nonce validation on the implecode_save_products_meta() function. This makes it possible for unauthenticated attackers to update product meta via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36743 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The NotificationX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.2. This is due to missing or incorrect nonce validation on the generate_conversions() function. This makes it possible for unauthenticated attackers to generate conversions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36744 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The WP Project Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.0. This is due to missing or incorrect nonce validation on the do_updates() function. This makes it possible for unauthenticated attackers to trigger updates via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36745 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswp_save_meta() function. This makes it possible for unauthenticated attackers to save meta data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36746 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Lightweight Sidebar Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.4. This is due to missing or incorrect nonce validation on the metabox_save() function. This makes it possible for unauthenticated attackers to save metbox data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36747 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. This is due to missing or incorrect nonce validation on the handle_order_export() function. This makes it possible for unauthenticated attackers to trigger an order export via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36748 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Easy Testimonials plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.6.1. This is due to missing or incorrect nonce validation on the saveCustomFields() function. This makes it possible for unauthenticated attackers to save custom fields via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2020-36749 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The WordPress Photo Gallery – Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.6. This is due to missing or incorrect nonce validation on the load_images_thumbnail() and edit_gallery() functions. This makes it possible for unauthenticated attackers to edit galleries via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4384 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress | The Opal Estate plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.11. This is due to missing or incorrect nonce validation on the opalestate_set_feature_property() and opalestate_remove_feature_property() functions. This makes it possible for unauthenticated attackers to set and remove featured properties via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | wordpress — wordpressCVE-2021-4387 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Opal Estate plugin for WordPress is vulnerable to featured property modifications in versions up to, and including, 1.6.11. This is due to missing capability checks on the opalestate_set_feature_property() and opalestate_remove_feature_property() functions. This makes it possible for unauthenticated attackers to set and remove featured properties. | 2023-07-01 | 4.3 | CVE-2021-4388 MISC MISC MISC |
wordpress — wordpress |
The WP Travel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.6. This is due to missing or incorrect nonce validation on the save_meta_data() function. This makes it possible for unauthenticated attackers to save metadata for travel posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4389 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Contact Form 7 Style plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2. This is due to missing or incorrect nonce validation on the manage_wp_posts_be_qe_save_post() function. This makes it possible for unauthenticated attackers to quick edit templates via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4390 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Ultimate Gift Cards for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the mwb_wgm_save_post() function. This makes it possible for unauthenticated attackers to modify product gift card details via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4391 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.43. This is due to missing or incorrect nonce validation on the implecode_save_products_meta() function. This makes it possible for unauthenticated attackers to save product meta data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4392 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.17. This is due to missing or incorrect nonce validation on the save() function. This makes it possible for unauthenticated attackers to save manual digital orders via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4393 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Abandoned Cart Recovery for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the get_items() and extra_tablenav() functions. This makes it possible for unauthenticated attackers to perform read-only actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4395 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Rucy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4.4. This is due to missing or incorrect nonce validation on the save_rc_post_meta() function. This makes it possible for unauthenticated attackers to save post meta via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4396 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Staff Directory Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.6. This is due to missing or incorrect nonce validation on the saveCustomFields() function. This makes it possible for unauthenticated attackers to save custom fields via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4397 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Edwiser Bridge plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,2.0.6. This is due to missing or incorrect nonce validation on the user_data_synchronization_initiater(), course_synchronization_initiater(), users_link_to_moodle_synchronization(), connection_test_initiater(), admin_menus(), and subscribe_handler() function. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4399 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2. This is due to missing or incorrect nonce validation on the bsearch_process_settings_import() and bsearch_process_settings_export() functions. This makes it possible for unauthenticated attackers to import and export settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4400 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Multiple Roles plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the mu_add_roles_in_signup_meta() and mu_add_roles_in_signup_meta_recently() functions. This makes it possible for unauthenticated attackers to add additional roles to users via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4402 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Remove Schema plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the validate() function. This makes it possible for unauthenticated attackers to modify the plugins settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4403 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Event Espresso 4 Decaf plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.10.11. This is due to missing or incorrect nonce validation on the ajaxHandler() function. This makes it possible for unauthenticated attackers to op into notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4404 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wordpress — wordpress |
The ElasticPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.3. This is due to missing or incorrect nonce validation on the epio_send_autosuggest_allowed() function. This makes it possible for unauthenticated attackers to send allowed parameters for autosuggest to elasticpress[.]io via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-07-01 | 4.3 | CVE-2021-4405 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
apple — macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. A user may accidentally add a participant to a Shared Album by pressing the Delete key | 2023-06-23 | 4.3 | CVE-2022-42807 MISC |
wordpress — wordpress |
The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachments to site users. | 2023-06-28 | 4.3 | CVE-2023-1844 MISC MISC MISC |
wordpress — wordpress | The KiviCare WordPress plugin before 3.2.1 does not have proper CSRF and authorisation checks in various AJAX actions, allowing any authenticated users, such as subscriber to call them. Attacks include but are not limited to: Add arbitrary Clinic Admin/Doctors/etc and update plugin’s settings | 2023-06-27 | 4.3 | CVE-2023-2627 MISC |
wordpress — wordpress |
The Subscribe2 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 10.40. This is due to missing or incorrect nonce validation when sending test emails. This makes it possible for unauthenticated attackers to send test emails with custom content to users on sites running a vulnerable version of this plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | 2023-06-28 | 4.3 | CVE-2023-3407 MISC MISC MISC |
xwiki — xwiki | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.0-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, tags from pages not viewable to the current user are leaked by the tags API. This information can also be exploited to infer the document reference of non-viewable pages. This vulnerability has been patched in XWiki 14.4.8, 14.10.4, and 15.0-rc-1. | 2023-06-23 | 4.3 | CVE-2023-34466 MISC MISC |
google — android | In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-140762419 | 2023-06-28 | 4.1 | CVE-2023-21178 MISC |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
admidio — admidio | Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9. | 2023-06-23 | 3.5 | CVE-2023-3303 MISC CONFIRM |
apple — macos | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression | 2023-06-23 | 3.3 | CVE-2022-42834 MISC MISC MISC |
apple — macos | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to observe unprotected user data | 2023-06-23 | 3.3 | CVE-2023-32386 MISC MISC MISC |
microsoft — edge |
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 2023-07-01 | 3.1 | CVE-2021-42307 MISC |
microsoft — edge |
Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2023-06-29 | 3.1 | CVE-2022-29147 MISC |
apple — ipados | The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, iOS 15.7.6 and iPadOS 15.7.6. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication | 2023-06-23 | 2.4 | CVE-2023-32365 MISC MISC |
apple — macos | The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. A person with physical access to a device may be able to view contact information from the lock screen | 2023-06-23 | 2.4 | CVE-2023-32394 MISC MISC MISC MISC |
apple — watchos | This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features | 2023-06-23 | 2.4 | CVE-2023-32417 MISC |
apple — macos | The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup | 2023-06-23 | 2.1 | CVE-2023-32390 MISC MISC MISC |
Severity Not Yet Assigned
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
jetbrains — teamcity |
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request. | 2023-06-29 | not yet calculated | CVE-2015-1313 MISC MISC |
gnu_c_library — gnu_c_library |
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue. | 2023-06-25 | not yet calculated | CVE-2015-20109 MISC |
espcms — espcms |
An issue was discovered in espcms version P8.18101601. There is a cross site scripting (XSS) vulnerability that allows arbitrary code to be executed via the title parameter. | 2023-06-27 | not yet calculated | CVE-2020-18404 MISC |
cmseasy — cmseasy |
An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data. | 2023-06-27 | not yet calculated | CVE-2020-18406 MISC |
catfishcms — catfishcms |
Cross Site Request Forgery (CSRF) vulnerability was discovered in CatfishCMS 4.8.63 that would allow attackers to obtain administrator permissions via /index.php/admin/index/modifymanage.html. | 2023-06-27 | not yet calculated | CVE-2020-18409 MISC |
chaoji_cms — chaoji_cms |
A stored cross site scripting (XSS) vulnerability in /index.php?admin-master-article-edit of Chaoji CMS v2.18 that allows attackers to obtain administrator privileges. | 2023-06-27 | not yet calculated | CVE-2020-18410 MISC |
chaoji_cms — chaoji_cms |
Stored cross site scripting (XSS) vulnerability in /index.php?admin-master-navmenu-add of Chaoji CMS v2.18 that allows attackers to execute arbitrary code. | 2023-06-27 | not yet calculated | CVE-2020-18413 MISC |
chaoji_cms — chaoji_cms |
Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset. | 2023-06-27 | not yet calculated | CVE-2020-18414 MISC |
jymusic — jymusic |
An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information. | 2023-06-27 | not yet calculated | CVE-2020-18416 MISC |
feifeicms — feifeicms |
A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert. | 2023-06-27 | not yet calculated | CVE-2020-18418 MISC MISC |
semcms_php — semcms_php |
File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges. | 2023-06-30 | not yet calculated | CVE-2020-18432 MISC |
cryptoprof_wcms — cryptoprof_wcms |
Directory Traversal vulnerability found in Cryptoprof WCMS v.0.3.2 allows a remote attacker to execute arbitrary code via the wex/cssjs.php parameter. | 2023-06-27 | not yet calculated | CVE-2020-19902 MISC |
bludit — bludit |
Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images. | 2023-06-26 | not yet calculated | CVE-2020-20210 MISC |
jquery — jquery |
Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element. | 2023-06-26 | not yet calculated | CVE-2020-23064 MISC MISC |
ez_systems — as_ezpublish_platform/ez_publish_legacy |
Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf. | 2023-06-26 | not yet calculated | CVE-2020-23065 MISC |
tinycme — tinycme |
Cross Site Scripting vulnerability in TinyMCE v.4.9.6 and before and v.5.0.0 thru v.5.1.4 allows an attacker to execute arbitrary code via the editor function. | 2023-06-26 | not yet calculated | CVE-2020-23066 MISC MISC |
requests-xml — requests-xml |
requests-xml v0.2.3 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file. | 2023-06-29 | not yet calculated | CVE-2020-26708 MISC |
py-xml — py-xml |
py-xml v1.0 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file. | 2023-06-29 | not yet calculated | CVE-2020-26709 MISC |
easy-parse — easy-parse |
easy-parse v0.1.1 was discovered to contain a XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file. | 2023-06-29 | not yet calculated | CVE-2020-26710 MISC |
emby — emby_server |
Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address. | 2023-06-28 | not yet calculated | CVE-2021-25827 MISC MISC CONFIRM |
emby — emby_server |
Emby Server versions < 4.6.0.50 is vulnerable to Cross Site Scripting (XSS) vulnerability via a crafted GET request to /web. | 2023-06-28 | not yet calculated | CVE-2021-25828 MISC |
dzzoffice– dzzoffice |
A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML. | 2023-06-27 | not yet calculated | CVE-2021-30203 MISC |
dzzoffice — dzzoffice |
Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames. | 2023-06-27 | not yet calculated | CVE-2021-30205 MISC |
jfinal — jfinal |
Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function. | 2023-06-26 | not yet calculated | CVE-2021-31635 MISC |
google — android |
In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-194480991 | 2023-06-28 | not yet calculated | CVE-2022-20443 MISC |
ibm — qradar_siem |
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. IBM X-Force ID: 230403. | 2023-06-27 | not yet calculated | CVE-2022-34352 MISC MISC |
tenda — ac6_ac1200 |
Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module. | 2023-06-26 | not yet calculated | CVE-2022-40010 MISC |
wordpress — wordpress |
The Editorial Calendar WordPress plugin through 3.7.12 does not sanitise and escape its settings, allowing users with roles as low as contributor to inject arbitrary web scripts in the plugin admin panel, enabling a Stored Cross-Site Scripting vulnerability targeting higher privileged users. | 2023-06-27 | not yet calculated | CVE-2022-4115 MISC |
gitlab — gitlab |
An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5, from 15.9 before 15.9.4, and from 15.10 before 15.10.1 that allows for crafted, unapproved MRs to be introduced and merged without authorization | 2023-06-28 | not yet calculated | CVE-2022-4143 CONFIRM MISC MISC |
responsive_filemanager– responsive_filemanager |
In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE. | 2023-06-28 | not yet calculated | CVE-2022-44276 MISC |
ucopia — weblib |
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions. | 2023-06-29 | not yet calculated | CVE-2022-44719 MISC MISC |
ucopia — weblib |
An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection injection can occur, related to chroot. | 2023-06-29 | not yet calculated | CVE-2022-44720 MISC MISC |
ericsson — network_manager |
Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to exploit the vulnerability | 2023-06-29 | not yet calculated | CVE-2022-46407 MISC |
ericsson — network_manager |
Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability. | 2023-06-29 | not yet calculated | CVE-2022-46408 MISC |
widevine — trusted_application |
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow. | 2023-06-26 | not yet calculated | CVE-2022-48331 MISC |
widevine — trusted_application |
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow. | 2023-06-26 | not yet calculated | CVE-2022-48332 MISC |
widevine — trusted_application |
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow. | 2023-06-26 | not yet calculated | CVE-2022-48333 MISC |
widevine — trusted_application |
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow. | 2023-06-26 | not yet calculated | CVE-2022-48334 MISC |
widevine — trusted_application |
Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow. | 2023-06-26 | not yet calculated | CVE-2022-48335 MISC |
widevine — trusted_application |
Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow. | 2023-06-26 | not yet calculated | CVE-2022-48336 MISC |
apple — macos |
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system | 2023-06-28 | not yet calculated | CVE-2022-48505 MISC |
wordpress — wordpress |
The Catalyst Connect Zoho CRM Client Portal WordPress plugin before 2.1.0 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin. | 2023-06-27 | not yet calculated | CVE-2023-0588 MISC |
wordpress — wordpress |
The Kanban Boards for WordPress plugin before 2.5.21 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | 2023-06-27 | not yet calculated | CVE-2023-0873 MISC |
wordpress — wordpress |
The USM-Premium WordPress plugin before 16.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). | 2023-06-27 | not yet calculated | CVE-2023-1166 MISC |
linux — kernel |
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%. | 2023-06-30 | not yet calculated | CVE-2023-1206 MISC |
linux — kernel |
A time-of-check to time-of-use issue exists in io_uring subsystem’s IORING_OP_CLOSE operation in the Linux kernel’s versions 5.6 – 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93. | 2023-06-28 | not yet calculated | CVE-2023-1295 MISC MISC MISC MISC MISC |
wordpress — wordpress |
The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting | 2023-06-27 | not yet calculated | CVE-2023-1891 MISC |
cisco — cisco_adaptive_security_appliance |
A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload. | 2023-06-28 | not yet calculated | CVE-2023-20006 CISCO |
cisco — cisco_web_security_appliance |
Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-06-28 | not yet calculated | CVE-2023-20028 CISCO |
tenable — multiple_products |
Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges. | 2023-06-26 | not yet calculated | CVE-2023-2005 MISC |
cisco — cisco_telepresence_video_communication_server |
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system. Note: “Cisco Expressway Series” refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-06-28 | not yet calculated | CVE-2023-20105 CISCO |
cisco — cisco_unified_communications_manager |
A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are attempting to authenticate to the service, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted login message to the affected device. A successful exploit could allow the attacker to cause an unexpected restart of the authentication service, preventing new users from successfully authenticating. Exploitation of this vulnerability does not impact Cisco Unified CM IM&P users who were authenticated prior to an attack. | 2023-06-28 | not yet calculated | CVE-2023-20108 CISCO |
cisco — cisco_unified_communications_manager |
A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of user-supplied input to the web UI of the Self Care Portal. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. | 2023-06-28 | not yet calculated | CVE-2023-20116 CISCO |
cisco — cisco_web_security_appliance |
Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-06-28 | not yet calculated | CVE-2023-20119 CISCO |
cisco — cisco_web_security_appliance |
Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-06-28 | not yet calculated | CVE-2023-20120 CISCO |
cisco — cisco_secure_workload |
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI operations. An attacker could exploit this vulnerability by issuing a crafted OpenAPI function call with valid credentials. A successful exploit could allow the attacker to execute OpenAPI operations that are reserved for the Administrator user, including the creation and deletion of user labels. | 2023-06-28 | not yet calculated | CVE-2023-20136 CISCO |
cisco — cisco_anyconnect_secure_mobility_client |
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges. | 2023-06-28 | not yet calculated | CVE-2023-20178 CISCO |
cisco — cisco_small_business_smart_and_managed_switches |
A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need to have valid credentials to access the web-based management interface of the affected device. Cisco has not released software updates to address this vulnerability. | 2023-06-28 | not yet calculated | CVE-2023-20188 CISCO |
cisco — cisco_telepresence_video_communication_server_expressway |
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system. Note: “Cisco Expressway Series” refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. For more information about these vulnerabilities, see the Details section of this advisory. | 2023-06-28 | not yet calculated | CVE-2023-20192 CISCO |
cisco — cisco_duo |
A vulnerability in Cisco Duo Two-Factor Authentication for macOS could allow an authenticated, physical attacker to bypass secondary authentication and access an affected macOS device. This vulnerability is due to the incorrect handling of responses from Cisco Duo when the application is configured to fail open. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permission. | 2023-06-28 | not yet calculated | CVE-2023-20199 CISCO |
wordpress — wordpress |
The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs, leading to multiple SQL Injection vulnerabilities. | 2023-06-27 | not yet calculated | CVE-2023-2032 MISC |
wordpress — wordpress |
The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users. | 2023-06-27 | not yet calculated | CVE-2023-2068 MISC |
google — android |
In encode of miscdata.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-263783635References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21158 MISC |
google — android |
In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-263783565References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21159 MISC |
google — android |
In BuildSetTcsFci of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-263784118References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21160 MISC |
google — android |
In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-263783702References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21161 MISC |
google — android |
In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-259942964 | 2023-06-28 | not yet calculated | CVE-2023-21167 MISC |
google — android |
In xmlParseTryOrFinish of parser.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-261365944 | 2023-06-28 | not yet calculated | CVE-2023-21180 MISC |
google — android |
In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-264880969 | 2023-06-28 | not yet calculated | CVE-2023-21181 MISC |
google — android |
In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13Android ID: A-252764175 | 2023-06-28 | not yet calculated | CVE-2023-21182 MISC |
google — android |
In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-235863754 | 2023-06-28 | not yet calculated | CVE-2023-21183 MISC |
google — android |
In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-267809568 | 2023-06-28 | not yet calculated | CVE-2023-21184 MISC |
google — android |
In multiple functions of WifiNetworkFactory.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-266700762 | 2023-06-28 | not yet calculated | CVE-2023-21185 MISC |
google — android |
In LogResponse of Dns.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-261079188 | 2023-06-28 | not yet calculated | CVE-2023-21186 MISC |
google — android |
In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-246542917 | 2023-06-28 | not yet calculated | CVE-2023-21187 MISC |
google — android |
In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-264624283 | 2023-06-28 | not yet calculated | CVE-2023-21188 MISC |
google — android |
In startLockTaskMode of LockTaskController.java, there is a possible bypass of lock task mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-13 Android ID: A-213942596 | 2023-06-28 | not yet calculated | CVE-2023-21189 MISC |
google — android |
In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-13 Android ID: A-251436534 | 2023-06-28 | not yet calculated | CVE-2023-21190 MISC |
google — android |
In fixNotification of NotificationManagerService.java, there is a possible bypass of notification hide preference due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-269738057 | 2023-06-28 | not yet calculated | CVE-2023-21191 MISC |
google — android |
In setInputMethodWithSubtypeIdLocked of InputMethodManagerService.java, there is a possible way to setup input methods that are not enabled due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-227207653 | 2023-06-28 | not yet calculated | CVE-2023-21192 MISC |
google — android |
In VideoFrame of VideoFrame.h, there is a possible abort due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-233006499 | 2023-06-28 | not yet calculated | CVE-2023-21193 MISC |
google — android |
In gatt_dbg_op_name of gatt_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-260079141 | 2023-06-28 | not yet calculated | CVE-2023-21194 MISC |
google — android | In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-233879420 | 2023-06-28 | not yet calculated | CVE-2023-21195 MISC |
google — android |
In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-261857395 | 2023-06-28 | not yet calculated | CVE-2023-21196 MISC |
google — android |
In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-251427561 | 2023-06-28 | not yet calculated | CVE-2023-21197 MISC |
google — android |
In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-245517503 | 2023-06-28 | not yet calculated | CVE-2023-21198 MISC |
google — android |
In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-254445961 | 2023-06-28 | not yet calculated | CVE-2023-21199 MISC |
google — android |
In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-236688764 | 2023-06-28 | not yet calculated | CVE-2023-21200 MISC |
google — android |
In on_create_record_event of btif_sdp_server.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-263545186 | 2023-06-28 | not yet calculated | CVE-2023-21201 MISC |
google — android |
In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-260568359 | 2023-06-28 | not yet calculated | CVE-2023-21202 MISC |
google — android |
In startWpsPbcInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262246082 | 2023-06-28 | not yet calculated | CVE-2023-21203 MISC |
google — android |
In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262246231 | 2023-06-28 | not yet calculated | CVE-2023-21204 MISC |
google — android |
In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262245376 | 2023-06-28 | not yet calculated | CVE-2023-21205 MISC |
google — android |
In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262245630 | 2023-06-28 | not yet calculated | CVE-2023-21206 MISC |
google — android |
In initiateTdlsSetupInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262236670 | 2023-06-28 | not yet calculated | CVE-2023-21207 MISC |
google — android |
In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262245254 | 2023-06-28 | not yet calculated | CVE-2023-21208 MISC |
google — android |
In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262236273 | 2023-06-28 | not yet calculated | CVE-2023-21209 MISC |
google — android |
In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262236331 | 2023-06-28 | not yet calculated | CVE-2023-21210 MISC |
google — android |
In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262235998 | 2023-06-28 | not yet calculated | CVE-2023-21211 MISC |
google — android |
In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262236031 | 2023-06-28 | not yet calculated | CVE-2023-21212 MISC |
google — android |
In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262235951 | 2023-06-28 | not yet calculated | CVE-2023-21213 MISC |
google — android |
In addGroupWithConfigInternal of p2p_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-262235736 | 2023-06-28 | not yet calculated | CVE-2023-21214 MISC |
google — android |
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-264698379References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21219 MISC |
google — android |
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-264590585References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21220 MISC |
google — android |
In load_dt_data of storage.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-266977723References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21222 MISC |
google — android |
In LPP_ConvertGNSS_DataBitAssistance of LPP_CommonUtil.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-256047000References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21223 MISC |
google — android |
In ss_ProcessReturnResultComponent of ss_MmConManagement.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-265276966References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21224 MISC |
google — android |
there is a possible way to bypass the protected confirmation screen due to Failure to lock display power. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android kernel Android ID: A-270403821References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21225 MISC |
google — android |
In SAEMM_RetrieveTaiList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-240728187References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21226 MISC |
google — android |
In aoc_service_set_read_blocked of aoc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-270148537References: N/A | 2023-06-28 | not yet calculated | CVE-2023-21236 MISC |
google — android | In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android ID: A-251586912 | 2023-06-28 | not yet calculated | CVE-2023-21237 MISC |
samsung_mobile — multiple_products |
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission. | 2023-06-28 | not yet calculated | CVE-2023-21512 MISC |
samsung_mobile — multiple_products |
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition. | 2023-06-28 | not yet calculated | CVE-2023-21513 MISC |
samsung_mobile — multiple_products |
Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | 2023-06-28 | not yet calculated | CVE-2023-21517 MISC |
samsung_mobile — multiple_products |
Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity. | 2023-06-28 | not yet calculated | CVE-2023-21518 MISC |
wordpress — wordpress |
The Aajoda Testimonials WordPress plugin before 2.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 2023-06-27 | not yet calculated | CVE-2023-2178 MISC |
gitlab — gitlab |
An issue has been discovered in GitLab affecting all versions starting from 15.10 before 16.1, leading to a ReDoS vulnerability in the Jira prefix | 2023-06-28 | not yet calculated | CVE-2023-2232 MISC CONFIRM MISC |
checkmk — checkmk |
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames. | 2023-06-26 | not yet calculated | CVE-2023-22359 MISC |
ibm — robotic_process_automation_for_cloud_pak |
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redis container which may provide elevated privileges. IBM X-Force ID: 244074. | 2023-06-27 | not yet calculated | CVE-2023-22593 MISC MISC |
western_digital — my_cloud_os |
An authentication bypass issue via spoofing was discovered in the token-based authentication mechanism that could allow an attacker to carry out an impersonation attack. This issue affects My Cloud OS 5 devices: before 5.26.202. | 2023-07-01 | not yet calculated | CVE-2023-22814 MISC |
western_digital — my_cloud_os |
Post-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This issue affects My Cloud OS 5 devices: before 5.26.300. | 2023-06-30 | not yet calculated | CVE-2023-22815 MISC |
western_digital — my_cloud_os |
A post-authentication remote command injection vulnerability in a CGI file in Western Digital My Cloud OS 5 devices that could allow an attacker to build files with redirects and execute larger payloads. This issue affects My Cloud OS 5 devices: before 5.26.300. | 2023-06-30 | not yet calculated | CVE-2023-22816 MISC |
palantir — contour |
The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create. | 2023-06-27 | not yet calculated | CVE-2023-22834 MISC |
oracle — apache_airflow |
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL] parameters had no restrictions, which made it possible to implement RCE attacks via different type JDBC drivers, obtain airflow server permission. This issue affects Apache Airflow JDBC Provider: before 4.0.0. | 2023-06-29 | not yet calculated | CVE-2023-22886 MISC |
lenovo — thinkpad |
A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code. | 2023-06-26 | not yet calculated | CVE-2023-2290 MISC |
wordpress — wordpress | The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack | 2023-06-27 | not yet calculated | CVE-2023-2326 MISC |
ibm — robotic_process_automation_for_cloud_pak |
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500. | 2023-06-27 | not yet calculated | CVE-2023-23468 MISC MISC |
wordpress — wordpress |
The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin. | 2023-06-27 | not yet calculated | CVE-2023-2482 MISC |
autodesk — navisworks |
A maliciously crafted SKP file in Autodesk Navisworks 2023 and 2022 be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | 2023-06-27 | not yet calculated | CVE-2023-25001 MISC |
autodesk — multiple_products |
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | 2023-06-27 | not yet calculated | CVE-2023-25002 MISC |
autodesk — multiple_products |
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution. | 2023-06-27 | not yet calculated | CVE-2023-25004 MISC |
quiltmc — quiltmc |
MultiMC Launcher <= 0.6.16 is vulnerable to Directory Traversal. | 2023-06-26 | not yet calculated | CVE-2023-25306 MISC |
quiltmc — quiltmc |
nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal. | 2023-06-26 | not yet calculated | CVE-2023-25307 MISC MISC |
libtiff — libtiff |
libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV. | 2023-06-29 | not yet calculated | CVE-2023-25433 MISC MISC |
wordpress — wordpress |
The AI Engine WordPress plugin before 1.6.83 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). | 2023-06-27 | not yet calculated | CVE-2023-2580 MISC |
wordpress — wordpress |
The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | 2023-06-27 | not yet calculated | CVE-2023-2592 MISC |
arm — nn |
A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02. | 2023-06-29 | not yet calculated | CVE-2023-26085 MISC CONFIRM |
git-commit-info — git-commit-info |
Versions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive command execution API. As a result, attackers may inject malicious commands once they control the hash content. | 2023-06-28 | not yet calculated | CVE-2023-26134 MISC MISC MISC |
flatnest — flatnest |
All versions of the package flatnest are vulnerable to Prototype Pollution via the nest() function in flatnest/nest.js file. | 2023-06-30 | not yet calculated | CVE-2023-26135 MISC MISC MISC |
tough-cookie — tough-cookie |
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. | 2023-07-01 | not yet calculated | CVE-2023-26136 MISC MISC MISC MISC |
hitachi_energy — txpert_hub_coretec_4 |
A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system. | 2023-06-28 | not yet calculated | CVE-2023-2625 MISC |
ibm — qradar_siem | IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 248134. | 2023-06-27 | not yet calculated | CVE-2023-26273 MISC MISC |
ibm — qradar_siem |
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248144. | 2023-06-27 | not yet calculated | CVE-2023-26274 MISC MISC |
ibm — qradar_siem |
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 248147. | 2023-06-27 | not yet calculated | CVE-2023-26276 MISC MISC |
hp_inc. — hp_pc_products_using_ami_uefi_firmware |
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability. | 2023-06-30 | not yet calculated | CVE-2023-26299 MISC |
d-link — dir-823 |
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. | 2023-06-29 | not yet calculated | CVE-2023-26612 MISC MISC |
d-link — dir-823 |
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted get request to excu_shel. | 2023-06-29 | not yet calculated | CVE-2023-26613 MISC MISC |
d-link — dir-823 |
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password. | 2023-06-28 | not yet calculated | CVE-2023-26615 MISC MISC |
d-link — dir-823 |
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. | 2023-06-29 | not yet calculated | CVE-2023-26616 MISC MISC |
libtiff — libtiff |
libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | 2023-06-29 | not yet calculated | CVE-2023-26966 MISC MISC |
pluck_cms — pluck_cms |
Cross Site Scripting (XSS) vulnerability in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev4 allows remote attackers to run arbitrary code via upload of crafted html file. | 2023-06-26 | not yet calculated | CVE-2023-27082 MISC |
malwarebytes — anti-exploit |
Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a ‘ |