Weekly Vulnerabilities Reports > May 1 to 7, 2023

Overview

336 new vulnerabilities reported during this period, including 45 critical vulnerabilities and 114 high severity vulnerabilities. This weekly summary report vulnerabilities in 637 products from 183 vendors including Samsung, Fedoraproject, IBM, Debian, and Qualcomm. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "SQL Injection", "OS Command Injection", and "Path Traversal".

  • 265 reported vulnerabilities are remotely exploitables.
  • 3 reported vulnerabilities have public exploit available.
  • 151 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 148 reported vulnerabilities are exploitable by an anonymous user.
  • Samsung has the most reported vulnerabilities, with 28 reported vulnerabilities.
  • Totolink has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

45 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2023-05-07 CVE-2023-2564 Scanservjs Project OS Command Injection vulnerability in Scanservjs Project Scanservjs

OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0.

10.0
2023-05-04 CVE-2023-22651 Suse Improper Privilege Management vulnerability in Suse Rancher

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation.

9.9
2023-05-07 CVE-2023-31047 Djangoproject
Fedoraproject
Improper Input Validation vulnerability in multiple products

In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files.

9.8
2023-05-06 CVE-2016-15031 PHP Login Project SQL Injection vulnerability in PHP-Login Project PHP-Login 1.0

A vulnerability was found in PHP-Login 1.0.

9.8
2023-05-05 CVE-2023-30053 Totolink OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.

9.8
2023-05-05 CVE-2023-30054 Totolink OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024

TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability.

9.8
2023-05-05 CVE-2023-30013 Totolink OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102/9.1.0U.6369B20230113

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg.

9.8
2023-05-05 CVE-2023-30242 Netentsec SQL Injection vulnerability in Netentsec Application Security Gateway 6.3

NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php.

9.8
2023-05-05 CVE-2023-30090 SEM CMS Unrestricted Upload of File with Dangerous Type vulnerability in Sem-Cms Semcms 4.2

Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php.

9.8
2023-05-05 CVE-2023-30122 Online Food Ordering System Project Unrestricted Upload of File with Dangerous Type vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0

An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

9.8
2023-05-05 CVE-2023-30135 Tenda Command Injection vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318)Cn

Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function.

9.8
2023-05-05 CVE-2023-2531 Azuracast Improper Restriction of Excessive Authentication Attempts vulnerability in Azuracast

Improper Restriction of Excessive Authentication Attempts in GitHub repository azuracast/azuracast prior to 0.18.3.

9.8
2023-05-04 CVE-2023-21494 Samsung Classic Buffer Overflow vulnerability in Samsung Android 13.0

Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.

9.8
2023-05-04 CVE-2023-21503 Samsung Classic Buffer Overflow vulnerability in Samsung Android 13.0

Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.

9.8
2023-05-04 CVE-2023-21504 Samsung Classic Buffer Overflow vulnerability in Samsung Android 11.0/12.0/13.0

Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.

9.8
2023-05-04 CVE-2023-30328 Mailbutler Improper Authentication vulnerability in Mailbutler Shimo 5.0.4

An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for macOS v5.0.4 allows attackers to bypass authentication via PID re-use.

9.8
2023-05-04 CVE-2023-20126 Cisco Missing Authentication for Critical Function vulnerability in Cisco Spa112 Firmware 1.4.1

A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

9.8
2023-05-04 CVE-2023-23059 Geovision Incorrect Default Permissions vulnerability in Geovision Gv-Edge Recording Manager 2.2.3.0

An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains improper permissions within the default installation and allows attackers to execute arbitrary code and gain escalated privileges.

9.8
2023-05-04 CVE-2023-30264 Cltphp Unrestricted Upload of File with Dangerous Type vulnerability in Cltphp 6.0

CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update.

9.8
2023-05-04 CVE-2023-30268 Cltphp Path Traversal vulnerability in Cltphp 6.0

CLTPHP <=6.0 is vulnerable to Improper Input Validation.

9.8
2023-05-04 CVE-2023-2524 Controlid Forced Browsing vulnerability in Controlid Rhid 23.3.19.0

A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0.

9.8
2023-05-04 CVE-2023-2523 E Office Unrestricted Upload of File with Dangerous Type vulnerability in E-Office 9.5

A vulnerability was found in Weaver E-Office 9.5.

9.8
2023-05-04 CVE-2023-2519 Catontechnology SQL Injection vulnerability in Catontechnology CTP Relay Server 1.2.9

A vulnerability has been found in Caton CTP Relay Server 1.2.9 and classified as critical.

9.8
2023-05-04 CVE-2023-2520 Catontechnology Command Injection vulnerability in Catontechnology Caton Prime 2.1.2.51.E8D7225049(202303031001)

A vulnerability was found in Caton Prime 2.1.2.51.e8d7225049(202303031001) and classified as critical.

9.8
2023-05-04 CVE-2023-30203 Judging Management System Project SQL Injection vulnerability in Judging Management System Project Judging Management System 1.0

Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.php.

9.8
2023-05-04 CVE-2023-29827 EJS Injection vulnerability in EJS 3.1.9

ejs v3.1.9 is vulnerable to server-side template injection.

9.8
2023-05-04 CVE-2023-30077 Judging Management System Project SQL Injection vulnerability in Judging Management System Project Judging Management System 1.0

Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, mainevent_id.

9.8
2023-05-04 CVE-2023-30331 Beetl Project Unspecified vulnerability in Beetl Project Beetl 3.15

An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload.

9.8
2023-05-04 CVE-2022-47757 IMO Path Traversal vulnerability in IMO 2022.11.1051

In imo.im 2022.11.1051, a path traversal vulnerability delivered via an unsanitized deeplink can force the application to write a file into the application's data directory.

9.8
2023-05-03 CVE-2023-30204 Judging Management System Project SQL Injection vulnerability in Judging Management System Project Judging Management System 1.0

Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the judge_id parameter at /php-jms/edit_judge.php.

9.8
2023-05-03 CVE-2023-25826 Opentsdb OS Command Injection vulnerability in Opentsdb

Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system.

9.8
2023-05-02 CVE-2023-26089 Echa Europa Use of Hard-coded Credentials vulnerability in Echa.Europa Iuclid

European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing.

9.8
2023-05-02 CVE-2023-29778 GL Inet OS Command Injection vulnerability in Gl-Inet Gl-Mt3000 Firmware 4.1.0

GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread.

9.8
2023-05-02 CVE-2023-29856 Dlink Classic Buffer Overflow vulnerability in Dlink Dir-868L Firmware 1.12

D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow.

9.8
2023-05-02 CVE-2023-2479 Appium OS Command Injection vulnerability in Appium Appium-Desktop

OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.

9.8
2023-05-02 CVE-2023-30869 Sandhillsdev Improper Authentication vulnerability in Sandhillsdev Easy Digital Downloads

Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth.

9.8
2023-05-02 CVE-2023-1730 Supportcandy Unspecified vulnerability in Supportcandy

The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks

9.8
2023-05-01 CVE-2022-35898 Opentext Improper Authentication vulnerability in Opentext Bizmanager

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password operation.

9.8
2023-05-01 CVE-2023-29635 Antabot White Jotter Project Unrestricted Upload of File with Dangerous Type vulnerability in Antabot White-Jotter Project Antabot White-Jotter 0.2.2

File upload vulnerability in Antabot White-Jotter v0.2.2, allows remote attackers to execute malicious code via the file parameter to function coversUpload.

9.8
2023-05-01 CVE-2023-2451 Online DJ Management System Project SQL Injection vulnerability in Online DJ Management System Project Online DJ Management System 1.0

A vulnerability was found in SourceCodester Online DJ Management System 1.0 and classified as critical.

9.8
2023-05-01 CVE-2022-45802 Apache Unrestricted Upload of File with Dangerous Type vulnerability in Apache Streampark

Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload some high-risk files, and may upload them to any directory, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later

9.8
2023-05-01 CVE-2023-30859 Triton Project Unspecified vulnerability in Triton Project Triton

Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server.

9.8
2023-05-01 CVE-2015-10105 IP Finder Path Traversal vulnerability in Ip-Finder IP Blacklist Cloud

A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress.

9.8
2023-05-01 CVE-2022-46365 Apache Unspecified vulnerability in Apache Streampark

Apache StreamPark 1.0.0 before 2.0.0 When the user successfully logs in, to modify his profile, the username will be passed to the server-layer as a parameter, but not verified whether the user name is the currently logged user and whether the user is legal, This will allow malicious attackers to send any username to modify and reset the account, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later.

9.1
2023-05-03 CVE-2023-22637 Fortinet Cross-site Scripting vulnerability in Fortinet Fortinac and Fortinac-F

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in License Management would permit an authenticated attacker to trigger remote code execution via crafted licenses.

9.0

114 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2023-05-05 CVE-2023-30065 Mitrastar Unspecified vulnerability in Mitrastar Gpt-2741Gnac-N2 Firmware Brg5.91.11(Wvk.0)B32

MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function.

8.8
2023-05-05 CVE-2023-2551 Bumsys Project Inclusion of Functionality from Untrusted Control Sphere vulnerability in Bumsys Project Bumsys

PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1.

8.8
2023-05-05 CVE-2023-2552 Bumsys Project Cross-Site Request Forgery (CSRF) vulnerability in Bumsys Project Bumsys

Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1.

8.8
2023-05-05 CVE-2022-45048 Apache Injection vulnerability in Apache Ranger 2.3.0

Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0.

8.8
2023-05-04 CVE-2023-31414 Elastic Code Injection vulnerability in Elastic Kibana

Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw.

8.8
2023-05-04 CVE-2023-31415 Elastic Code Injection vulnerability in Elastic Kibana 8.7.0

Kibana version 8.7.0 contains an arbitrary code execution flaw.

8.8
2023-05-04 CVE-2023-24958 IBM Unspecified vulnerability in IBM products

A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution.

8.8
2023-05-04 CVE-2022-4259 Nozominetworks SQL Injection vulnerability in Nozominetworks CMC and Guardian

Due to improper input validation in the Alerts controller, a SQL injection vulnerability in Nozomi Networks Guardian and CMC allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application.

8.8
2023-05-04 CVE-2023-29842 Churchcrm SQL Injection vulnerability in Churchcrm 4.5.4

ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection (Time-based) via the EN_tyid POST parameter.

8.8
2023-05-04 CVE-2023-27568 Spryker SQL Injection vulnerability in Spryker Commerce OS 0.9

SQL injection vulnerability inSpryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]=

8.8
2023-05-04 CVE-2023-31099 Zohocorp Unspecified vulnerability in Zohocorp Manageengine Opmanager

Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.

8.8
2023-05-03 CVE-2023-22640 Fortinet Out-of-bounds Write vulnerability in Fortinet Fortios and Fortiproxy

A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.

8.8
2023-05-03 CVE-2023-2182 Gitlab Unspecified vulnerability in Gitlab 15.10.0/15.11.0

An issue has been discovered in GitLab EE affecting all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.

8.8
2023-05-03 CVE-2023-25967 Peepso Cross-Site Request Forgery (CSRF) vulnerability in Peepso

Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo plugin <= 6.0.2.0 versions.

8.8
2023-05-03 CVE-2023-28742 F5 OS Command Injection vulnerability in F5 Big-Ip Domain Name System

When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

8.8
2023-05-03 CVE-2023-1385 Amazon Use of Insufficiently Random Values vulnerability in Amazon Fire OS

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS 7.6.3.3.

8.8
2023-05-03 CVE-2022-3405 Acronis Unspecified vulnerability in Acronis Cyber Backup and Cyber Protect

Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent.

8.8
2023-05-03 CVE-2023-23790 Podsfoundation Cross-Site Request Forgery (CSRF) vulnerability in Podsfoundation Pods

Cross-Site Request Forgery (CSRF) vulnerability in Pods Framework Team Pods – Custom Content Types and Fields plugin <= 2.9.10.2 versions.

8.8
2023-05-03 CVE-2023-22691 Tipsandtricks HQ Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq Category Specific RSS Feed Subscription

Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin <= v2.1 versions.

8.8
2023-05-03 CVE-2023-2461 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction.

8.8
2023-05-02 CVE-2022-30759 Nokia Incorrect Default Permissions vulnerability in Nokia One-Nds

In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands.

8.8
2023-05-02 CVE-2022-47875 Jedox Path Traversal vulnerability in Jedox Cloud and Jedox

A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code.

8.8
2023-05-02 CVE-2022-47876 Jedox Unspecified vulnerability in Jedox 2020.2.5

The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts.

8.8
2023-05-02 CVE-2022-47878 Jedox Unrestricted Upload of File with Dangerous Type vulnerability in Jedox 2020.2.5

Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory.

8.8
2023-05-02 CVE-2023-26546 Echa Europa Unspecified vulnerability in Echa.Europa Iuclid

European Chemicals Agency IUCLID before 6.27.6 allows remote authenticated users to execute arbitrary code via Server Side Template Injection (SSTI) with a crafted template file.

8.8
2023-05-02 CVE-2023-31433 Evasys SQL Injection vulnerability in Evasys 8.2/9.0

A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter.

8.8
2023-05-02 CVE-2023-1196 Advancedcustomfields Unspecified vulnerability in Advancedcustomfields Advanced Custom Fields

The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present.

8.8
2023-05-02 CVE-2023-32007 Apache Command Injection vulnerability in Apache Spark

** UNSUPPORTED WHEN ASSIGNED ** The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable.

8.8
2023-05-01 CVE-2023-22919 Zyxel OS Command Injection vulnerability in Zyxel Nbg6604 Firmware 1.01(Abir.0)C0

The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.

8.8
2023-05-01 CVE-2023-0683 Lenovo Unspecified vulnerability in Lenovo products

A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call.

8.8
2023-05-01 CVE-2023-25492 Lenovo Use of Externally-Controlled Format String vulnerability in Lenovo products

A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API.

8.8
2023-05-01 CVE-2023-0896 Lenovo Unspecified vulnerability in Lenovo Smart Clock Essential With Alexa Built in Firmware

A default password was reported in Lenovo Smart Clock Essential with Alexa Built In that could allow unauthorized device access to an attacker with local network access.

8.8
2023-05-04 CVE-2023-21505 Samsung Unspecified vulnerability in Samsung Core Services

Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox.

8.6
2023-05-05 CVE-2021-40331 Apache Incorrect Permission Assignment for Critical Resource vulnerability in Apache Ranger

An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin.

8.1
2023-05-04 CVE-2023-30399 Garo Incorrect Permission Assignment for Critical Resource vulnerability in Garo products

Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.

8.1
2023-05-03 CVE-2023-0805 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab EE affecting all versions starting from 15.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.

8.1
2023-05-03 CVE-2023-28656 F5 Authorization Bypass Through User-Controlled Key vulnerability in F5 products

NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

8.1
2023-05-02 CVE-2023-31435 Evasys Incorrect Authorization vulnerability in Evasys 8.2/9.0

Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly.

8.1
2023-05-03 CVE-2023-0756 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.

8.0
2023-05-05 CVE-2023-28068 Dell Incorrect Permission Assignment for Critical Resource vulnerability in Dell Command | Monitor

Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability.

7.8
2023-05-04 CVE-2023-21484 Samsung Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0

Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.

7.8
2023-05-04 CVE-2023-21488 Samsung Unspecified vulnerability in Samsung Android 11.0/12.0/13.0

Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.

7.8
2023-05-04 CVE-2023-21491 Samsung Unspecified vulnerability in Samsung Android 12.0/13.0

Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege.

7.8
2023-05-04 CVE-2023-21497 Samsung Use of Externally-Controlled Format String vulnerability in Samsung Android 13.0

Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address.

7.8
2023-05-04 CVE-2023-21498 Samsung Improper Input Validation vulnerability in Samsung Android 13.0

Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory.

7.8
2023-05-04 CVE-2023-21499 Samsung Out-of-bounds Write vulnerability in Samsung Android 13.0

Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.

7.8
2023-05-04 CVE-2023-21501 Samsung Improper Input Validation vulnerability in Samsung Android 13.0

Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.

7.8
2023-05-04 CVE-2023-21502 Samsung Improper Input Validation vulnerability in Samsung Android 12.0/13.0

Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.

7.8
2023-05-04 CVE-2023-21506 Samsung Out-of-bounds Write vulnerability in Samsung Blockchain Keystore

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

7.8
2023-05-04 CVE-2023-21508 Samsung Out-of-bounds Write vulnerability in Samsung Blockchain Keystore

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

7.8
2023-05-04 CVE-2023-21509 Samsung Out-of-bounds Write vulnerability in Samsung Blockchain Keystore

Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.

7.8
2023-05-04 CVE-2023-31284 Illumos Out-of-bounds Write vulnerability in Illumos Illumos-Gate

illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net.

7.8
2023-05-04 CVE-2023-25438 Genomedics Incorrect Permission Assignment for Critical Resource vulnerability in Genomedics Millegpg 5.9.2

An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote attackers to execute arbitrary code and gain escalated privileges via modifying specific files.

7.8
2023-05-03 CVE-2023-26203 Fortinet Use of Hard-coded Credentials vulnerability in Fortinet Fortinac and Fortinac-F

A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated attacker to access to the database via shell commands.

7.8
2023-05-03 CVE-2023-27999 Fortinet OS Command Injection vulnerability in Fortinet Fortiadc 7.1.0/7.1.1/7.2.0

An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.

7.8
2023-05-03 CVE-2017-11197 Cyberark Unspecified vulnerability in Cyberark Viewfinity 5.5.10.95

In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option.

7.8
2023-05-03 CVE-2020-22429 Redox OS Use After Free vulnerability in Redox-Os Redox 0.1.0

redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs.

7.8
2023-05-03 CVE-2023-28070 Dell Improper Access Control vulnerability in Dell Alienware Command Center 5.4.35.0/5.5.37.0/5.5.40.0

Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability.

7.8
2023-05-02 CVE-2022-25713 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

7.8
2023-05-02 CVE-2022-33281 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames.

7.8
2023-05-02 CVE-2022-33292 Qualcomm Use After Free vulnerability in Qualcomm products

Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it.

7.8
2023-05-02 CVE-2023-21642 Qualcomm Unspecified vulnerability in Qualcomm products

Memory corruption in HAB Memory management due to broad system privileges via physical address.

7.8
2023-05-02 CVE-2023-21665 Qualcomm Incorrect Type Conversion or Cast vulnerability in Qualcomm products

Memory corruption in Graphics while importing a file.

7.8
2023-05-02 CVE-2023-21666 Qualcomm Memory Leak vulnerability in Qualcomm products

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

7.8
2023-05-01 CVE-2022-4568 Lenovo Incorrect Default Permissions vulnerability in Lenovo System Update

A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges.

7.8
2023-05-01 CVE-2023-2235 Linux Use After Free vulnerability in Linux Kernel

A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.

7.8
2023-05-01 CVE-2023-2236 Linux
Netapp
Use After Free vulnerability in multiple products

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.

7.8
2023-05-07 CVE-2023-32290 VK Company Missing Encryption of Sensitive Data vulnerability in Vk.Company Mymail

The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is expected by a server.

7.5
2023-05-06 CVE-2022-22313 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Data Synchronization

IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5
2023-05-05 CVE-2023-29350 Microsoft Unspecified vulnerability in Microsoft Edge Chromium

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

7.5
2023-05-05 CVE-2023-26285 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM MQ Appliance

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data.

7.5
2023-05-05 CVE-2023-30243 Netentsec SQL Injection vulnerability in Netentsec Application Security Gateway 6.3

Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information.

7.5
2023-05-05 CVE-2023-32235 Ghost Path Traversal vulnerability in Ghost

Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal.

7.5
2023-05-04 CVE-2023-30282 Prestashop Unspecified vulnerability in Prestashop Scexportcustomers

PrestaShop scexportcustomers <= 3.6.1 is vulnerable to Incorrect Access Control.

7.5
2023-05-04 CVE-2023-25289 Virtualreception Path Traversal vulnerability in Virtualreception Digital Reciptie Win7Sp1Rtm.10111918506.1.7601.1.0.65792

Directory Traversal vulnerability in virtualreception Digital Receptie version win7sp1_rtm.101119-1850 6.1.7601.1.0.65792 in embedded web server, allows attacker to gain sensitive information via a crafted GET request.

7.5
2023-05-04 CVE-2023-29994 Emqx Out-of-bounds Write vulnerability in Emqx Nanomq 0.15.0

In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c.

7.5
2023-05-04 CVE-2023-29995 Emqx Out-of-bounds Write vulnerability in Emqx Nanomq 0.15.0

In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c

7.5
2023-05-04 CVE-2023-29996 Emqx NULL Pointer Dereference vulnerability in Emqx Nanomq 0.15.0

In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occurs in the process of decoding subinfo_decode and unsubinfo_decode.

7.5
2023-05-04 CVE-2017-20184 Gavazzionline Path Traversal vulnerability in Gavazzionline Powersoft

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download any file from the affected device.

7.5
2023-05-04 CVE-2023-25934 Dell Improper Verification of Cryptographic Signature vulnerability in Dell Elastic Cloud Storage 3.0

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability.

7.5
2023-05-03 CVE-2022-45860 Fortinet Improper Authentication vulnerability in Fortinet Fortinac and Fortinac-F

A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in device registration page may allow an unauthenticated attacker to perform password spraying attacks with an increased chance of success.

7.5
2023-05-03 CVE-2023-29163 F5 Memory Leak vulnerability in F5 products

When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5
2023-05-03 CVE-2022-30995 Acronis Improper Authentication vulnerability in Acronis Cyber Backup and Cyber Protect

Sensitive information disclosure due to improper authentication.

7.5
2023-05-02 CVE-2023-30403 Aigital Insufficient Session Expiration vulnerability in Aigital Wireless-N Repeater Mini Router Firmware 0.131229

An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user.

7.5
2023-05-02 CVE-2023-30861 Palletsprojects Information Exposure Through Persistent Cookies vulnerability in Palletsprojects Flask

Flask is a lightweight WSGI web application framework.

7.5
2023-05-02 CVE-2023-2473 Dreamer CMS Project Algorithmic Complexity vulnerability in Dreamer CMS Project Dreamer CMS

A vulnerability was found in Dreamer CMS up to 4.1.3.

7.5
2023-05-02 CVE-2022-40504 Qualcomm Reachable Assertion vulnerability in Qualcomm products

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

7.5
2023-05-02 CVE-2023-1809 Wpdownloadmanager Unspecified vulnerability in Wpdownloadmanager Download Manager 6.0.0

The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files.

7.5
2023-05-02 CVE-2022-33304 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.

7.5
2023-05-02 CVE-2022-33305 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

7.5
2023-05-02 CVE-2022-34144 Qualcomm Reachable Assertion vulnerability in Qualcomm products

Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

7.5
2023-05-02 CVE-2022-40505 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Information disclosure due to buffer over-read in Modem while parsing DNS hostname.

7.5
2023-05-02 CVE-2022-40508 Qualcomm Reachable Assertion vulnerability in Qualcomm products

Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported.

7.5
2023-05-02 CVE-2022-48482 3CX Path Traversal vulnerability in 3CX

3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal.

7.5
2023-05-02 CVE-2022-48483 3CX Path Traversal vulnerability in 3CX

3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters.

7.5
2023-05-01 CVE-2023-27035 Obsidian Incorrect Default Permissions vulnerability in Obsidian 1.1.9

An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.

7.5
2023-05-01 CVE-2023-22921 Zyxel Cross-site Scripting vulnerability in Zyxel Nbg-418N Firmware 1.00(Aadz.3)C0/1.00(Aarp.10)C0/1.00(Aarp.13)C0

A cross-site scripting (XSS) vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to store malicious scripts using a web management interface parameter, resulting in denial-of-service (DoS) conditions on an affected device.

7.5
2023-05-01 CVE-2023-22922 Zyxel Classic Buffer Overflow vulnerability in Zyxel Nbg-418N Firmware 1.00(Aadz.3)C0/1.00(Aarp.10)C0/1.00(Aarp.13)C0

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device.

7.5
2023-05-01 CVE-2022-48186 Lenovo Improper Certificate Validation vulnerability in Lenovo Baiying

A certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure.

7.5
2023-05-01 CVE-2023-30061 Dlink Improper Authentication vulnerability in Dlink Dir-879 Firmware 1.10

D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi.

7.5
2023-05-01 CVE-2023-30063 Dlink Improper Authentication vulnerability in Dlink Dir-890L Firmware 1.05

D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass.

7.5
2023-05-03 CVE-2022-45858 Fortinet Use of a Broken or Risky Cryptographic Algorithm vulnerability in Fortinet Fortinac

A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks.

7.4
2023-05-04 CVE-2023-26125 GIN Gonic Improper Input Validation vulnerability in Gin-Gonic GIN

Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning. **Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities.

7.3
2023-05-02 CVE-2023-30944 Moodle
Fedoraproject
SQL Injection vulnerability in multiple products

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages.

7.3
2023-05-05 CVE-2023-29963 S CMS Unspecified vulnerability in S-Cms 5.0

S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php.

7.2
2023-05-05 CVE-2023-2554 Bumsys Project External Control of File Name or Path vulnerability in Bumsys Project Bumsys

External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0.

7.2
2023-05-04 CVE-2023-2522 Feiyuxing OS Command Injection vulnerability in Feiyuxing Vec40G Firmware 3.0

A vulnerability was found in Chengdu VEC40G 3.0.

7.2
2023-05-04 CVE-2023-23470 IBM SQL Injection vulnerability in IBM I

IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing.

7.2
2023-05-02 CVE-2023-0924 Zyrex Unspecified vulnerability in Zyrex Popup 1.0

The ZYREX POPUP WordPress plugin through 1.0 does not validate the type of files uploaded when creating a popup, allowing a high privileged user (such as an Administrator) to upload arbitrary files, even when modifying the file system is disallowed, such as in a multisite install.

7.2
2023-05-02 CVE-2023-1669 Seopress Unspecified vulnerability in Seopress

The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

7.2
2023-05-04 CVE-2023-21490 Samsung Unspecified vulnerability in Samsung Android 11.0/12.0/13.0

Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager.

7.1
2023-05-03 CVE-2023-27993 Fortinet Path Traversal vulnerability in Fortinet Fortiadc

A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI commands.

7.1
2023-05-03 CVE-2023-28724 F5 Incorrect Default Permissions vulnerability in F5 products

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.1
2023-05-03 CVE-2023-2460 Google
Debian
Fedoraproject
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page.
7.1

174 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2023-05-04 CVE-2023-21489 Samsung Out-of-bounds Write vulnerability in Samsung Android 11.0/12.0/13.0

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code.

6.8
2023-05-01 CVE-2023-28092 HP Unspecified vulnerability in HP products

A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server.

6.8
2023-05-05 CVE-2023-32269 Linux Use After Free vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 6.1.11.

6.7
2023-05-05 CVE-2023-29659 Struktur
Fedoraproject
Divide By Zero vulnerability in multiple products

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.

6.5
2023-05-05 CVE-2022-43919 IBM Improper Input Validation vulnerability in IBM MQ Appliance

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service.

6.5
2023-05-03 CVE-2023-0485 Gitlab Exposure of Resource to Wrong Sphere vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1.

6.5
2023-05-03 CVE-2023-1965 Gitlab Cross-Site Request Forgery (CSRF) vulnerability in Gitlab

An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.

6.5
2023-05-03 CVE-2022-40302 Frrouting
Debian
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in bgpd in FRRouting (FRR) through 8.4.

6.5
2023-05-03 CVE-2022-40318 Frrouting
Debian
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in bgpd in FRRouting (FRR) through 8.4.

6.5
2023-05-03 CVE-2022-43681 Frrouting
Debian
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4.

6.5
2023-05-03 CVE-2023-2459 Google
Debian
Fedoraproject
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page.
6.5
2023-05-02 CVE-2022-47874 Jedox Unspecified vulnerability in Jedox Cloud and Jedox

Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.

6.5
2023-05-02 CVE-2023-29867 Zammad Unspecified vulnerability in Zammad 5.3.0/5.3.1

Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control.

6.5
2023-05-02 CVE-2023-29868 Zammad Unspecified vulnerability in Zammad 5.3.0/5.3.1

Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control.

6.5
2023-05-02 CVE-2023-1125 Wpruby Unspecified vulnerability in Wpruby Ruby Help Desk

The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own.

6.5
2023-05-01 CVE-2023-26987 Konga Project Unspecified vulnerability in Konga Project Konga 0.14.9

An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request.

6.5
2023-05-01 CVE-2023-22923 Zyxel Use of Externally-Controlled Format String vulnerability in Zyxel Nbg-418N Firmware 1.00(Aadz.3)C0/1.00(Aarp.10)C0/1.00(Aarp.13)C0

A format string vulnerability in a binary of the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker to cause denial-of-service (DoS) conditions on an affected device.

6.5
2023-05-07 CVE-2023-2565 Multi Language Hotel Management Software Project Cross-site Scripting vulnerability in Multi Language Hotel Management Software Project Multi Language Hotel Management Software 1.0

A vulnerability has been found in SourceCodester Multi Language Hotel Management Software 1.0 and classified as problematic.

6.1
2023-05-06 CVE-2023-2560 Newbinggogo Project Cross-site Scripting vulnerability in Newbinggogo Project Newbinggogo

A vulnerability was found in jja8 NewBingGoGo up to 2023.5.5.2.

6.1
2023-05-05 CVE-2017-20183 External Media Without Import Project Cross-site Scripting vulnerability in External Media Without Import Project External Media Without Import

A vulnerability was found in External Media without Import Plugin up to 1.0.0 on WordPress.

6.1
2023-05-04 CVE-2023-30093 Onosproject Cross-site Scripting vulnerability in Onosproject Onos

A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.

6.1
2023-05-04 CVE-2022-47449 Rextheme Cross-site Scripting vulnerability in Rextheme Cart Lift - Abandoned Cart Recovery for Woocommerce and EDD

Unauth.

6.1
2023-05-04 CVE-2023-25961 Catchthemes Cross-site Scripting vulnerability in Catchthemes Darcie

Unauth.

6.1
2023-05-04 CVE-2023-2521 EZ NET Cross-site Scripting vulnerability in Ez-Net Next-7004N Firmware 3.0.1

A vulnerability was found in NEXTU NEXT-7004N 3.0.1.

6.1
2023-05-03 CVE-2023-24744 Rediker Cross-site Scripting vulnerability in Rediker Adminplus 6.1.91.00

Cross Site Scripting (XSS) vulnerability in Rediker Software AdminPlus 6.1.91.00 allows remote attackers to run arbitrary code via the onload function within the application DOM.

6.1
2023-05-03 CVE-2023-25827 Opentsdb Cross-site Scripting vulnerability in Opentsdb

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user.

6.1
2023-05-03 CVE-2023-23830 Properfraction Cross-site Scripting vulnerability in Properfraction Profilepress

Unauth.

6.1
2023-05-03 CVE-2023-27378 F5 Cross-site Scripting vulnerability in F5 products

Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

6.1
2023-05-03 CVE-2023-1384 Amazon Cross-site Scripting vulnerability in Amazon Fire OS

The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.

6.1
2023-05-02 CVE-2023-2477 Funadmin Cross-site Scripting vulnerability in Funadmin

A vulnerability was found in Funadmin up to 3.2.3.

6.1
2023-05-02 CVE-2023-1546 Plainviewplugins Unspecified vulnerability in Plainviewplugins Mycryptocheckout

The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting

6.1
2023-05-02 CVE-2023-1804 Pixelyoursite Unspecified vulnerability in Pixelyoursite Product Catalog Feed

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators.

6.1
2023-05-02 CVE-2023-1805 Pixelyoursite Unspecified vulnerability in Pixelyoursite Product Catalog Feed

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

6.1
2023-05-02 CVE-2013-10026 Webfwd Cross-site Scripting vulnerability in Webfwd Mail Subscribe List

A vulnerability, which was classified as problematic, has been found in Mail Subscribe List Plugin up to 2.0.10 on WordPress.

6.1
2023-05-02 CVE-2014-125100 Bestwebsoft Cross-site Scripting vulnerability in Bestwebsoft JOB Board 1.0.0

A vulnerability classified as problematic was found in BestWebSoft Job Board Plugin 1.0.0 on WordPress.

6.1
2023-05-01 CVE-2023-29637 Qbian61 Forum Java Project Cross-site Scripting vulnerability in Qbian61 Forum-Java Project Qbian61 Forum-Java

Cross Site Scripting (XSS) vulnerability in Qbian61 forum-java, allows attackers to inject arbitrary web script or HTML via editing the article content in the "article editor" page.

6.1
2023-05-01 CVE-2023-29641 Ipandao Cross-site Scripting vulnerability in Ipandao Editor.Md

Cross Site Scripting (XSS) vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text.

6.1
2023-05-03 CVE-2023-22372 F5 Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in F5 Big-Ip Access Policy Manager

In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.9
2023-05-03 CVE-2023-24461 F5 Improper Certificate Validation vulnerability in F5 Big-Ip Access Policy Manager

An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.9
2023-05-03 CVE-2023-1178 Gitlab Code Injection vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.

5.7
2023-05-02 CVE-2023-27892 Shapeshift Out-of-bounds Read vulnerability in Shapeshift Keepkey Firmware

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages.

5.7
2023-05-01 CVE-2023-29680 Tenda Cleartext Transmission of Sensitive Information vulnerability in Tenda N301 Firmware 12.03.01.06Pt

Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password.

5.7
2023-05-01 CVE-2023-29681 Tenda Cleartext Transmission of Sensitive Information vulnerability in Tenda N301 Firmware 12.02.01.61Multi

Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password.

5.7
2023-05-06 CVE-2022-43877 IBM Insecure Storage of Sensitive Information vulnerability in IBM Urbancode Deploy

IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file.

5.5
2023-05-05 CVE-2020-4914 IBM Insufficient Session Expiration vulnerability in IBM Cloud PAK System

IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system.

5.5
2023-05-05 CVE-2023-22874 IBM Resource Exhaustion vulnerability in IBM MQ Appliance

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files.

5.5
2023-05-05 CVE-2023-29932 Llvm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Llvm 20221101

llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.

5.5
2023-05-05 CVE-2023-29933 Llvm Out-of-bounds Read vulnerability in Llvm 20221211

llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.

5.5
2023-05-05 CVE-2023-29934 Llvm Out-of-bounds Read vulnerability in Llvm 20221122

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().

5.5
2023-05-05 CVE-2023-29935 Llvm Reachable Assertion vulnerability in Llvm 20221123

llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.

5.5
2023-05-05 CVE-2023-29939 Llvm Out-of-bounds Read vulnerability in Llvm 20230112

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).

5.5
2023-05-05 CVE-2023-29941 Llvm Out-of-bounds Read vulnerability in Llvm 20230112

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.

5.5
2023-05-05 CVE-2023-29942 Llvm Out-of-bounds Read vulnerability in Llvm 20230112

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.

5.5
2023-05-05 CVE-2023-30434 IBM Improper Input Validation vulnerability in IBM Elastic Storage System and Spectrum Scale

IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic.

5.5
2023-05-05 CVE-2022-38707 IBM Insufficient Session Expiration vulnerability in IBM Cognos Command Center 10.2.4.1

IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration.

5.5
2023-05-04 CVE-2023-21493 Samsung Unspecified vulnerability in Samsung Android 11.0/12.0/13.0

Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data.

5.5
2023-05-04 CVE-2023-21495 Samsung Unspecified vulnerability in Samsung Android 11.0/12.0/13.0

Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set.

5.5
2023-05-04 CVE-2023-21496 Samsung Unspecified vulnerability in Samsung Android 11.0/12.0/13.0

Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.

5.5
2023-05-04 CVE-2023-21500 Samsung Double Free vulnerability in Samsung Android 13.0

Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.

5.5
2023-05-04 CVE-2023-21507 Samsung Out-of-bounds Read vulnerability in Samsung Blockchain Keystore

Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

5.5
2023-05-04 CVE-2023-21510 Samsung Out-of-bounds Read vulnerability in Samsung Blockchain Keystore

Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

5.5
2023-05-04 CVE-2023-21511 Samsung Out-of-bounds Read vulnerability in Samsung Blockchain Keystore

Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.

5.5
2023-05-03 CVE-2023-30300 W3 Infinite Loop vulnerability in W3 Webassembly 1.0

An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.

5.5
2023-05-02 CVE-2023-31207 Tribe29 Information Exposure Through Log Files vulnerability in Tribe29 Checkmk 2.0.0/2.1.0

Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log.

5.5
2023-05-02 CVE-2022-33273 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

5.5
2023-05-07 CVE-2023-24400 HU Manity Cross-site Scripting vulnerability in Hu-Manity Cookie Notice & Compliance for Gdpr / Ccpa

Auth.

5.4
2023-05-06 CVE-2023-24957 IBM Cross-site Scripting vulnerability in IBM Business Automation Workflow

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting.

5.4
2023-05-05 CVE-2023-2553 Bumsys Project Cross-site Scripting vulnerability in Bumsys Project Bumsys

Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to 2.2.0.

5.4
2023-05-05 CVE-2022-43866 IBM Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting.

5.4
2023-05-05 CVE-2023-2516 Teampass Cross-site Scripting vulnerability in Teampass

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.

5.4
2023-05-04 CVE-2023-30216 Newbee Mall Project Authorization Bypass Through User-Controlled Key vulnerability in Newbee-Mall Project Newbee-Mall 1.0/20191023

Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information.

5.4
2023-05-04 CVE-2023-25982 Simple Youtube Responsive Project Cross-site Scripting vulnerability in Simple Youtube Responsive Project Simple Youtube Responsive

Auth.

5.4
2023-05-04 CVE-2023-30094 Totaljs Cross-site Scripting vulnerability in Totaljs Flow 10.0

A stored cross-site scripting (XSS) vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module.

5.4
2023-05-04 CVE-2023-30095 Totaljs Cross-site Scripting vulnerability in Totaljs Messenger

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field.

5.4
2023-05-04 CVE-2023-30096 Totaljs Cross-site Scripting vulnerability in Totaljs Messenger

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field.

5.4
2023-05-04 CVE-2023-30097 Totaljs Cross-site Scripting vulnerability in Totaljs Messenger

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field.

5.4
2023-05-04 CVE-2023-30184 Typecho Cross-site Scripting vulnerability in Typecho

A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment.

5.4
2023-05-04 CVE-2023-30619 Enalean Cross-site Scripting vulnerability in Enalean Tuleap

Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments.

5.4
2023-05-04 CVE-2022-45818 Essentialplugin Cross-site Scripting vulnerability in Essentialplugin Hero Banner Ultimate

Auth.

5.4
2023-05-04 CVE-2023-27075 Microbin Cross-site Scripting vulnerability in Microbin 1.2.0

A cross-site scripting vulnerability (XSS) in the component microbin/src/pasta.rs of Microbin v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

5.4
2023-05-03 CVE-2023-0155 Gitlab Open Redirect vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1.

5.4
2023-05-03 CVE-2023-1836 Gitlab Cross-site Scripting vulnerability in Gitlab

A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.

5.4
2023-05-03 CVE-2023-29240 F5 Unrestricted Upload of File with Dangerous Type vulnerability in F5 Big-Iq Centralized Management 8.0.0/8.1.0/8.2.0

An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.4
2023-05-03 CVE-2023-23874 Metaphorcreations Cross-site Scripting vulnerability in Metaphorcreations Ditty

Auth.

5.4
2023-05-03 CVE-2023-23876 TMS Outsource Cross-site Scripting vulnerability in Tms-Outsource Wpdatatables

Auth.

5.4
2023-05-03 CVE-2023-23708 Themeisle Cross-site Scripting vulnerability in Themeisle Visualizer

Auth.

5.4
2023-05-03 CVE-2023-23820 Properfraction Cross-site Scripting vulnerability in Properfraction Profilepress

Auth.

5.4
2023-05-03 CVE-2023-22713 Wpdownloadmanager Cross-site Scripting vulnerability in Wpdownloadmanager Gutenberg Blocks for Wordpress Download Manager

Auth.

5.4
2023-05-03 CVE-2023-25798 Olevmedia Cross-site Scripting vulnerability in Olevmedia Shortcodes

Auth.

5.4
2023-05-03 CVE-2023-29839 Digitaldruid Cross-site Scripting vulnerability in Digitaldruid Hotel Druid 3.0.4

A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands.

5.4
2023-05-02 CVE-2022-47877 Jedox Cross-site Scripting vulnerability in Jedox 2020.2.5

A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module 'log'.

5.4
2023-05-02 CVE-2023-31434 Evasys Cross-site Scripting vulnerability in Evasys 8.2/9.0

The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user profile, and langID and ONLINEID in direct links, in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 do not validate input, which allows authenticated attackers to inject HTML Code and XSS payloads in multiple locations.

5.4
2023-05-02 CVE-2023-29918 Rosariosis Improper Neutralization of Formula Elements in a CSV File vulnerability in Rosariosis 10.8.4

RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module.

5.4
2023-05-02 CVE-2023-2476 J2Eefast Cross-site Scripting vulnerability in J2Eefast

A vulnerability was found in Dromara J2eeFAST up to 2.6.0.

5.4
2023-05-02 CVE-2023-2475 J2Eefast Cross-site Scripting vulnerability in J2Eefast

A vulnerability was found in Dromara J2eeFAST up to 2.6.0 and classified as problematic.

5.4
2023-05-02 CVE-2023-2000 Mattermost Open Redirect vulnerability in Mattermost Desktop

Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website

5.4
2023-05-02 CVE-2023-0891 Codestag Unspecified vulnerability in Codestag Stagtools

The StagTools WordPress plugin before 2.3.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

5.4
2023-05-02 CVE-2023-1861 Limit Login Attempts Project Unspecified vulnerability in Limit Login Attempts Project Limit Login Attempts

The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks

5.4
2023-05-01 CVE-2023-30639 Archerirm Cross-site Scripting vulnerability in Archerirm Archer 6.10.0.3/6.9.3.4

Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability.

5.4
2023-05-01 CVE-2023-29636 Zhenfeng13 MY Blog Project Cross-site Scripting vulnerability in Zhenfeng13 My-Blog Project Zhenfeng13 My-Blog

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString.

5.4
2023-05-01 CVE-2023-29638 Winterchen Cross-site Scripting vulnerability in Winterchen My-Site

Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles.

5.4
2023-05-01 CVE-2023-29639 Zhenfeng13 MY Blog Project Cross-site Scripting vulnerability in Zhenfeng13 My-Blog Project Zhenfeng13 My-Blog

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString.

5.4
2023-05-01 CVE-2023-29643 Perfree Cross-site Scripting vulnerability in Perfree Perfreeblog 3.1.2

Cross Site Scripting (XSS) vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function.

5.4
2023-05-01 CVE-2022-45801 Apache Injection vulnerability in Apache Streampark

Apache StreamPark 1.0.0 to 2.0.0 have a LDAP injection vulnerability. LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input.

5.4
2023-05-04 CVE-2023-1894 Puppet Unspecified vulnerability in Puppet Enterprise and Puppet Server

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation.

5.3
2023-05-03 CVE-2022-39161 IBM Improper Certificate Validation vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks.

5.3
2023-05-03 CVE-2023-24594 F5 Resource Exhaustion vulnerability in F5 products

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

5.3
2023-05-02 CVE-2023-26268 Apache
IBM
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: * validate_doc_update * list * filter * filter views (using view functions as filters) * rewrite * update This doesn't affect map/reduce or search (Dreyfus) index functions. Users are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3). Workaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.
5.3
2023-05-02 CVE-2023-30943 Moodle
Fedoraproject
Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders.

5.3
2023-05-02 CVE-2023-2247 Octopus Unspecified vulnerability in Octopus Deploy

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function

5.3
2023-05-01 CVE-2023-27108 Kaiostech Unspecified vulnerability in Kaiostech Kaios 3.0

An issue was discovered in KaiOS 3.0.

5.3
2023-05-01 CVE-2023-22503 Atlassian Unspecified vulnerability in Atlassian Confluence Data Center

Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space.

5.3
2023-05-02 CVE-2023-29772 Asus Cross-site Scripting vulnerability in Asus Rt-Ac51U Firmware 3.0.0.4.380.8228

A Cross-site scripting (XSS) vulnerability in the System Log/General Log page of the administrator web UI in ASUS RT-AC51U wireless router firmware version up to and including 3.0.0.4.380.8591 allows remote attackers to inject arbitrary web script or HTML via a malicious network request.

5.2
2023-05-02 CVE-2023-2445 Devolutions Unspecified vulnerability in Devolutions Server

Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and earlier allows attackers with administrator privileges to retrieve usage information on folders in user vaults via a specific folder name.

4.9
2023-05-01 CVE-2023-22924 Zyxel Classic Buffer Overflow vulnerability in Zyxel Nbg-418N Firmware 1.00(Aadz.3)C0/1.00(Aarp.10)C0/1.00(Aarp.13)C0

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing crafted CLI commands on a vulnerable device.

4.9
2023-05-06 CVE-2023-25491 JCH Optimize Project Cross-site Scripting vulnerability in JCH Optimize Project JCH Optimize

Auth.

4.8
2023-05-06 CVE-2023-26517 Plugin Planet Cross-site Scripting vulnerability in Plugin-Planet Dashboard Widget Suite

Auth.

4.8
2023-05-06 CVE-2023-26519 Publish TO Schedule Project Cross-site Scripting vulnerability in Publish to Schedule Project Publish to Schedule

Auth.

4.8
2023-05-05 CVE-2023-2550 Phpmyfaq Cross-site Scripting vulnerability in PHPmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.

4.8
2023-05-05 CVE-2023-2427 Phpmyfaq Cross-site Scripting vulnerability in PHPmyfaq

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13.

4.8
2023-05-04 CVE-2022-47434 Bajorat Media Cross-site Scripting vulnerability in Bajorat-Media PB SEO Friendly Images

Auth.

4.8
2023-05-04 CVE-2023-25458 GMO Cross-site Scripting vulnerability in GMO Typesquare Webfonts for Conoha 1.0.0/2.0.0/2.0.2

Auth.

4.8
2023-05-04 CVE-2023-25977 9Seeds Cross-site Scripting vulnerability in 9Seeds CPT - Speakers 1.0/1.1

Auth.

4.8
2023-05-04 CVE-2023-26010 Wpmobile APP Project Cross-site Scripting vulnerability in Wpmobile.App Project Wpmobile.App

Auth.

4.8
2023-05-04 CVE-2023-26012 Custom Login Page Project Cross-site Scripting vulnerability in Custom Login Page Project Custom Login Page

Auth.

4.8
2023-05-04 CVE-2023-25962 Oxilab Cross-site Scripting vulnerability in Oxilab Accordions

Auth.

4.8
2023-05-04 CVE-2023-26016 Simple Portfolio Gallery Project Cross-site Scripting vulnerability in Simple Portfolio Gallery Project Simple Portfolio Gallery 0.1

Auth.

4.8
2023-05-03 CVE-2023-30205 Douphp Cross-site Scripting vulnerability in Douphp 1.7

A stored cross-site scripting (XSS) vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the unique_id parameter in /admin/article.php.

4.8
2023-05-03 CVE-2023-23875 Bing Site Verification Plugin Using Meta TAG Project Cross-site Scripting vulnerability in Bing Site Verification Plugin Using Meta TAG Project Bing Site Verification Plugin Using Meta TAG

Auth.

4.8
2023-05-03 CVE-2023-23881 Greentreelabs Cross-site Scripting vulnerability in Greentreelabs Circles Gallery

Auth.

4.8
2023-05-03 CVE-2023-26017 Blueglass Cross-site Scripting vulnerability in Blueglass Jobs for Wordpress

Auth.

4.8
2023-05-03 CVE-2022-46852 Wptablebuilder Cross-site Scripting vulnerability in Wptablebuilder WP Table Builder

Auth.

4.8
2023-05-03 CVE-2023-23785 Exquisite Paypal Donation Project Cross-site Scripting vulnerability in Exquisite Paypal Donation Project Exquisite Paypal Donation

Auth.

4.8
2023-05-03 CVE-2023-23808 Sponsors Carousel Project Cross-site Scripting vulnerability in Sponsors Carousel Project Sponsors Carousel 4.02

Auth.

4.8
2023-05-03 CVE-2023-23809 Finviz Cross-site Scripting vulnerability in Finviz Stock Market Charts From Finviz

Auth.

4.8
2023-05-03 CVE-2023-22683 Clio Cross-site Scripting vulnerability in Clio Grow 1.0

Auth.

4.8
2023-05-03 CVE-2023-25979 Total Soft Cross-site Scripting vulnerability in Total-Soft Video Gallery

Auth.

4.8
2023-05-03 CVE-2023-25796 WP Baidu Submit Project Cross-site Scripting vulnerability in WP Baidu Submit Project WP Baidu Submit

Auth.

4.8
2023-05-03 CVE-2023-25783 Firecask Like Share Button Project Cross-site Scripting vulnerability in Firecask Like & Share Button Project Firecask Like & Share Button

Auth.

4.8
2023-05-03 CVE-2023-25784 Sticky AD BAR Project Cross-site Scripting vulnerability in Sticky AD BAR Project Sticky AD BAR

Auth.

4.8
2023-05-03 CVE-2023-25786 Eyes Only User Access Shortcode Project Cross-site Scripting vulnerability in Eyes Only User Access Shortcode Project Eyes Only User Access Shortcode

Auth.

4.8
2023-05-03 CVE-2023-25787 WP Resource Download Management Project Cross-site Scripting vulnerability in WP Resource Download Management Project WP Resource Download Management

Auth.

4.8
2023-05-03 CVE-2023-25789 Tapfiliate Cross-site Scripting vulnerability in Tapfiliate

Auth.

4.8
2023-05-03 CVE-2023-25792 WP Open Social Project Cross-site Scripting vulnerability in WP Open Social Project WP Open Social

Auth.

4.8
2023-05-03 CVE-2023-25797 Vslider Multi Image Slider Project Cross-site Scripting vulnerability in Vslider Multi Image Slider Project Vslider Multi Image Slider

Auth.

4.8
2023-05-02 CVE-2023-23723 Winwar Cross-site Scripting vulnerability in Winwar WP Email Capture

Auth.

4.8
2023-05-02 CVE-2023-1021 AMR Ical Events List Project Unspecified vulnerability in Amr-Ical-Events-List Project Amr-Ical-Events-List 6.6

The amr ical events lists WordPress plugin through 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

4.8
2023-05-02 CVE-2023-1090 Smtp Mailing Queue Project Unspecified vulnerability in Smtp Mailing Queue Project Smtp Mailing Queue

The SMTP Mailing Queue WordPress plugin before 2.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

4.8
2023-05-02 CVE-2023-1525 Geminilabs Cross-site Scripting vulnerability in Geminilabs Site Reviews

The Site Reviews WordPress plugin before 6.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

4.8
2023-05-02 CVE-2023-1554 Fullworksplugins Unspecified vulnerability in Fullworksplugins Quick Paypal Payments

The Quick Paypal Payments WordPress plugin before 5.7.26.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

4.8
2023-05-02 CVE-2023-1614 WP Custom Author URL Project Unspecified vulnerability in WP Custom Author URL Project WP Custom Author URL

The WP Custom Author URL WordPress plugin before 1.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

4.8
2023-05-01 CVE-2018-25085 Drupal Cross-site Scripting vulnerability in Drupal Responsive Menus

A vulnerability classified as problematic was found in Responsive Menus 7.x-1.x-dev on Drupal.

4.8
2023-05-05 CVE-2023-29354 Microsoft Unspecified vulnerability in Microsoft Edge Chromium

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

4.7
2023-05-03 CVE-2022-43950 Fortinet Open Redirect vulnerability in Fortinet Fortinac and Fortinac-F

A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL.

4.7
2023-05-04 CVE-2023-21485 Samsung Unspecified vulnerability in Samsung Android 11.0/12.0/13.0

Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

4.6
2023-05-04 CVE-2023-21486 Samsung Unspecified vulnerability in Samsung Android 11.0/12.0/13.0

Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

4.6
2023-05-04 CVE-2023-30550 Metersphere Authorization Bypass Through User-Controlled Key vulnerability in Metersphere

MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing, and performance testing.

4.5
2023-05-03 CVE-2023-1265 Gitlab Session Fixation vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.

4.5
2023-05-04 CVE-2023-21492 Samsung Information Exposure Through Log Files vulnerability in Samsung Android 11.0/12.0/13.0

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.

4.4
2023-05-03 CVE-2022-45859 Fortinet Insufficiently Protected Credentials vulnerability in Fortinet Fortinac and Fortinac-F

An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords.

4.4
2023-05-03 CVE-2022-4376 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.

4.3
2023-05-03 CVE-2023-1204 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2.

4.3
2023-05-03 CVE-2023-2069 Gitlab Exposure of Resource to Wrong Sphere vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1.

4.3
2023-05-03 CVE-2023-28406 F5 Path Traversal vulnerability in F5 products

A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension.

4.3
2023-05-03 CVE-2023-1383 Amazon Unspecified vulnerability in Amazon Fire OS

An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5.

4.3
2023-05-03 CVE-2023-2462 Google
Fedoraproject
Debian
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page.
4.3
2023-05-03 CVE-2023-2463 Google
Fedoraproject
Debian
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.
4.3
2023-05-03 CVE-2023-2464 Google
Fedoraproject
Debian
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page.
4.3
2023-05-03 CVE-2023-2465 Google
Fedoraproject
Debian
Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
4.3
2023-05-03 CVE-2023-2466 Google
Fedoraproject
Debian
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page.
4.3
2023-05-03 CVE-2023-2467 Google
Fedoraproject
Debian
Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page.
4.3
2023-05-03 CVE-2023-2468 Google
Fedoraproject
Debian
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page.
4.3
2023-05-02 CVE-2023-2474 Getrebuild Cross-Site Request Forgery (CSRF) vulnerability in Getrebuild Rebuild 3.2

A vulnerability has been found in Rebuild 3.2 and classified as problematic.

4.3
2023-05-02 CVE-2023-1911 Creativethemes Unspecified vulnerability in Creativethemes Blocksy Companion

The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example

4.3

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2023-05-04 CVE-2023-21487 Samsung Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0

Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.

3.3
2023-05-04 CVE-2023-31413 Elastic Information Exposure Through Log Files vulnerability in Elastic Filebeat 8.6.2

Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.

3.3
2023-05-01 CVE-2023-2197 Hashicorp Inadequate Encryption Strength vulnerability in Hashicorp Vault

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in order to derive Vault’s root key.

2.5