VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-03-24
CVE-2023-20985
Out-of-bounds Write vulnerability in Google Android 13.0
In BTA_GATTS_HandleValueIndication of bta_gatts_api.cc, there is a possible out of bounds write due to improper input validation.
local
low complexity
google
CWE-787
7.8
7.8
2023-03-24
CVE-2023-20986
Out-of-bounds Read vulnerability in Google Android 13.0
In btm_ble_clear_resolving_list_complete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google
CWE-125
4.4
4.4
2023-03-23
CVE-2023-24788
SQL Injection vulnerability in Notrinos Notrinoserp 0.7
RESERVED NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.
network
low complexity
notrinos
CWE-89
8.8
8.8
2023-03-23
CVE-2023-28329
SQL Injection vulnerability in Moodle
Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers).
network
low complexity
moodle
CWE-89
8.8
8.8
2023-03-23
CVE-2023-28330
Unspecified vulnerability in Moodle
Insufficient sanitizing in backup resulted in an arbitrary file read risk.
network
low complexity
moodle
6.5
6.5
2023-03-23
CVE-2023-28331
Cross-site Scripting vulnerability in Moodle
Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.
network
low complexity
moodle
CWE-79
6.1
6.1
2023-03-23
CVE-2023-26359
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
CWE-502
critical
9.8
9.8
2023-03-23
CVE-2023-26360
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
CWE-284
8.6
8.6
2023-03-23
CVE-2023-26361
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read.
network
low complexity
CWE-22
4.9
4.9
2023-03-23
CVE-2023-1605
Resource Exhaustion vulnerability in Radare Radare2
Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.
network
low complexity
radare
CWE-400
7.5
7.5
«
Previous
1
2
...
3
4
5
(current)
6
7
...
19171
19172
»
Next