Weekly Vulnerabilities Reports > September 18 to 24, 2023

Overview

341 new vulnerabilities reported during this period, including 89 critical vulnerabilities and 138 high severity vulnerabilities. This weekly summary report vulnerabilities in 457 products from 183 vendors including Dlink, Nvidia, Redhat, Fedoraproject, and Ormazabal. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Out-of-bounds Write", "Command Injection", and "Exposure of Resource to Wrong Sphere".

  • 291 reported vulnerabilities are remotely exploitables.
  • 135 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 215 reported vulnerabilities are exploitable by an anonymous user.
  • Dlink has the most reported vulnerabilities, with 25 reported vulnerabilities.
  • Dlink has the most reported critical vulnerabilities, with 24 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

89 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2023-09-21 CVE-2023-43632 Linuxfoundation Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Edge Virtualization Engine

As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients.

9.9
2023-09-24 CVE-2023-5143 Dlink Unspecified vulnerability in Dlink Dar-7000 Firmware

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000 up to 20151231.

9.8
2023-09-23 CVE-2023-43338 Cesanta Out-of-bounds Write vulnerability in Cesanta MJS 2.20.0

Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr().

9.8
2023-09-23 CVE-2023-43468 Online JOB Portal Project SQL Injection vulnerability in Online JOB Portal Project Online JOB Portal 2020

SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the login.php component.

9.8
2023-09-23 CVE-2023-43469 Online JOB Portal Project SQL Injection vulnerability in Online JOB Portal Project Online JOB Portal 2020

SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the ForPass.php component.

9.8
2023-09-23 CVE-2023-43470 Janobe SQL Injection vulnerability in Janobe Online Voting System 1.0

SQL injection vulnerability in janobe Online Voting System v.1.0 allows a remote attacker to execute arbitrary code via the checklogin.php component.

9.8
2023-09-22 CVE-2023-43129 Dlink OS Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11

D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTE_PORT parameters.

9.8
2023-09-22 CVE-2023-43130 Dlink OS Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11

D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection.

9.8
2023-09-22 CVE-2023-40989 Jeecg SQL Injection vulnerability in Jeecg Boot 3.0/3.5.3

SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.

9.8
2023-09-22 CVE-2023-43270 DST Admin Project Code Injection vulnerability in Dst-Admin Project Dst-Admin 1.5.0

dst-admin v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate.

9.8
2023-09-22 CVE-2022-4039 Redhat Incorrect Default Permissions vulnerability in Redhat products

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled.

9.8
2023-09-22 CVE-2023-43144 Projectworlds SQL Injection vulnerability in Projectworlds Asset Management System Project in PHP 1.0

Projectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the "id" parameter in delete.php.

9.8
2023-09-22 CVE-2023-43762 Withsecure Unspecified vulnerability in Withsecure F-Secure Policy Manager and Policy Manager Proxy

Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend).

9.8
2023-09-22 CVE-2023-23363 Qnap Classic Buffer Overflow vulnerability in Qnap QTS

A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating system.

9.8
2023-09-22 CVE-2023-23364 Qnap Classic Buffer Overflow vulnerability in Qnap Multimedia Console

A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems.

9.8
2023-09-22 CVE-2023-31719 Frangoteam SQL Injection vulnerability in Frangoteam Fuxa

FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin.

9.8
2023-09-21 CVE-2023-43128 Dlink Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11

D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of HTTP_ST parameters.

9.8
2023-09-21 CVE-2023-34576 Opartfaq Project SQL Injection vulnerability in Opartfaq Project Opartfaq

SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3 allows remote attackers to run arbitrary SQL commands via unspedified vector.

9.8
2023-09-21 CVE-2023-41993 Apple
Fedoraproject
Debian
Oracle
Netapp
Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products

The issue was addressed with improved checks.

9.8
2023-09-21 CVE-2023-42279 Iteachyou SQL Injection vulnerability in Iteachyou Dreamer CMS 4.1.3

Dreamer CMS v4.1.3 was discovered to contain a SQL injection vulnerability via the model-form-management-field form.

9.8
2023-09-21 CVE-2023-42810 Systeminformation Command Injection vulnerability in Systeminformation

systeminformation is a System Information Library for Node.JS.

9.8
2023-09-21 CVE-2023-34577 Planned Popup Project SQL Injection vulnerability in Planned Popup Project Planned Popup

SQL injection vulnerability in Prestashop opartplannedpopup 1.4.11 and earlier allows remote attackers to run arbitrary SQL commands via OpartPlannedPopupModuleFrontController::prepareHook() method.

9.8
2023-09-21 CVE-2023-42807 Frappe SQL Injection vulnerability in Frappe LMS

Frappe LMS is an open source learning management system.

9.8
2023-09-21 CVE-2023-43235 Dlink Out-of-bounds Write vulnerability in Dlink Dir-823G Firmware 1.0.2B05

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings.

9.8
2023-09-21 CVE-2023-43236 Dlink Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi.

9.8
2023-09-21 CVE-2023-43237 Dlink Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC.

9.8
2023-09-21 CVE-2023-43238 Dlink Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi.

9.8
2023-09-21 CVE-2023-43239 Dlink Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.

9.8
2023-09-21 CVE-2023-43240 Dlink Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter.

9.8
2023-09-21 CVE-2023-43241 Dlink Out-of-bounds Write vulnerability in Dlink Dir-823G Firmware 1.0.2B05

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and GuardInt in SetWLanRadioSecurity.

9.8
2023-09-21 CVE-2023-43242 Dlink Out-of-bounds Write vulnerability in Dlink Dir-816A2 Firmware 1.10Cnb05

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel.

9.8
2023-09-21 CVE-2023-4760 Eclipse Path Traversal vulnerability in Eclipse Remote Application Platform

In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method.

9.8
2023-09-21 CVE-2023-4291 Frauscher Code Injection vulnerability in Frauscher Diagnostic System 101 1.3.3/1.4.24

Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a remote code execution (RCE) vulnerability via manipulated parameters of the web interface without authentication. This could lead to a full compromise of the FDS101 device.

9.8
2023-09-21 CVE-2015-5467 Yiiframework Path Traversal vulnerability in Yiiframework YII

web\ViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter.

9.8
2023-09-20 CVE-2023-34575 OP ART Save Cart Project SQL Injection vulnerability in Op'Art Save Cart Project Op'Art Save Cart

SQL injection vulnerability in PrestaShop opartsavecart through 2.0.7 allows remote attackers to run arbitrary SQL commands via OpartSaveCartDefaultModuleFrontController::initContent() and OpartSaveCartDefaultModuleFrontController::displayAjaxSendCartByEmail() methods.

9.8
2023-09-20 CVE-2023-36109 Jerryscript Classic Buffer Overflow vulnerability in Jerryscript 3.0

Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.

9.8
2023-09-20 CVE-2023-39675 Simpleimportproduct Project SQL Injection vulnerability in Simpleimportproduct Project Simpleimportproduct 6.2.9

SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php.

9.8
2023-09-20 CVE-2023-43135 TP Link Missing Authorization vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0

There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel.80868n, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.

9.8
2023-09-20 CVE-2023-42322 Icmsdev Session Fixation vulnerability in Icmsdev Icms 7.0.16

Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain sensitive information.

9.8
2023-09-20 CVE-2023-43134 Netis Systems Missing Authorization vulnerability in Netis-Systems 360R Firmware 1.3.4517

There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.

9.8
2023-09-20 CVE-2023-43371 Digitaldruid SQL Injection vulnerability in Digitaldruid Hoteldruid 3.0.5

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php.

9.8
2023-09-20 CVE-2023-43373 Digitaldruid SQL Injection vulnerability in Digitaldruid Hoteldruid 3.0.5

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the n_utente_agg parameter at /hoteldruid/interconnessioni.php.

9.8
2023-09-20 CVE-2023-43374 Digitaldruid SQL Injection vulnerability in Digitaldruid Hoteldruid 3.0.5

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the id_utente_log parameter at /hoteldruid/personalizza.php.

9.8
2023-09-20 CVE-2023-43375 Digitaldruid SQL Injection vulnerability in Digitaldruid Hoteldruid 3.0.5

Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, lingua_cli, mesenascita, and mesescaddoc parameters.

9.8
2023-09-20 CVE-2023-40619 Phppgadmin Project Deserialization of Untrusted Data vulnerability in PHPpgadmin Project PHPpgadmin

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize()' function in multiple places.

9.8
2023-09-20 CVE-2023-2262 Rockwellautomation Out-of-bounds Write vulnerability in Rockwellautomation products

A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices.

9.8
2023-09-20 CVE-2023-5074 Dlink Use of Hard-coded Credentials vulnerability in Dlink D-View 8 2.0.1.28

Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28

9.8
2023-09-20 CVE-2023-42464 Netatalk
Debian
Type Confusion vulnerability in multiple products

A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17.

9.8
2023-09-20 CVE-2019-19450 Reportlab
Debian
XML Injection (aka Blind XPath Injection) vulnerability in multiple products

paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.

9.8
2023-09-20 CVE-2023-43196 Dlink Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1

D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the zn_jb parameter in the arp_sys.asp function.

9.8
2023-09-20 CVE-2023-43197 Dlink Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function.

9.8
2023-09-20 CVE-2023-43198 Dlink Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the popupId parameter in the H5/hi_block.asp function.

9.8
2023-09-20 CVE-2023-43199 Dlink Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the prev parameter in the H5/login.cgi function.

9.8
2023-09-20 CVE-2023-43200 Dlink Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the id parameter in the yyxz.data function.

9.8
2023-09-20 CVE-2023-43201 Dlink Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the hi_up parameter in the qos_ext.asp function.

9.8
2023-09-20 CVE-2023-43202 Dlink Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcap_download_handler.

9.8
2023-09-20 CVE-2023-43203 Dlink Out-of-bounds Write vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a stack overflow vulnerability in the function update_users.

9.8
2023-09-20 CVE-2023-43204 Dlink Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub_2EF50.

9.8
2023-09-20 CVE-2023-43206 Dlink Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function web_cert_download_handler.

9.8
2023-09-20 CVE-2023-43207 Dlink Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler.

9.8
2023-09-20 CVE-2023-43478 Telstra Unrestricted Upload of File with Dangerous Type vulnerability in Telstra Arcadyan Lh1000 Firmware

fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root. 

9.8
2023-09-20 CVE-2023-25528 Nvidia Out-of-bounds Write vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet.

9.8
2023-09-20 CVE-2023-25530 Nvidia Unspecified vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation.

9.8
2023-09-20 CVE-2023-25531 Nvidia Insufficiently Protected Credentials vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials.

9.8
2023-09-20 CVE-2023-25533 Nvidia Unspecified vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation.

9.8
2023-09-20 CVE-2023-25534 Nvidia Unspecified vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation.

9.8
2023-09-20 CVE-2023-31009 Nvidia Improper Input Validation vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation.

9.8
2023-09-19 CVE-2023-42793 Jetbrains Authentication Bypass Using an Alternate Path or Channel vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

9.8
2023-09-19 CVE-2022-47558 Ormazabal Use of Hard-coded Credentials vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

Devices ekorCCP and ekorRCI are vulnerable due to access to the FTP service using default credentials.

9.8
2023-09-19 CVE-2023-4092 Fujitsu SQL Injection vulnerability in Fujitsu Arconte Aurea 1.5.0.0

SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version.

9.8
2023-09-19 CVE-2023-0773 Uniview Improper Authentication vulnerability in Uniview Ipc322Lb-Sf28-A Firmware

The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface.

9.8
2023-09-19 CVE-2023-5009 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2.7, all versions starting from 16.3 before 16.3.4.

9.8
2023-09-19 CVE-2022-28357 Linuxfoundation Path Traversal vulnerability in Linuxfoundation Nats-Server

NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account.

9.8
2023-09-19 CVE-2021-26837 Fortra SQL Injection vulnerability in Fortra Delivernow

SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive information.

9.8
2023-09-18 CVE-2023-33831 Frangoteam Command Injection vulnerability in Frangoteam Fuxa 1.1.13

A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.

9.8
2023-09-18 CVE-2023-41084 Socomec Reliance on Cookies without Validation and Integrity Checking vulnerability in Socomec Modulys GP Firmware 01.12.10

Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device.

9.8
2023-09-18 CVE-2023-41030 Juplink Use of Hard-coded Credentials vulnerability in Juplink Rx4-1500 Firmware

Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated attackers to log in to the web interface or telnet service as the 'user' user.

9.8
2023-09-18 CVE-2023-42320 Tenda Classic Buffer Overflow vulnerability in Tenda Ac10 Firmware 16.03.10.13

Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function.

9.8
2023-09-18 CVE-2023-42359 Exam Form Submission IN PHP With Source Code Project SQL Injection vulnerability in Exam Form Submission in PHP With Source Code Project Exam Form Submission in PHP With Source Code 1.0

SQL injection vulnerability in Exam Form Submission in PHP with Source Code v.1.0 allows a remote attacker to escalate privileges via the val-username parameter in /index.php.

9.8
2023-09-18 CVE-2023-5034 MY Food Recipe Project Unrestricted Upload of File with Dangerous Type vulnerability in MY Food Recipe Project MY Food Recipe 1.0

A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0.

9.8
2023-09-20 CVE-2023-38888 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm

Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.

9.6
2023-09-22 CVE-2023-42798 Hollowaykeanho Unspecified vulnerability in Hollowaykeanho Automataci

AutomataCI is a template git repository equipped with a native built-in semi-autonomous CI tools.

9.1
2023-09-22 CVE-2022-3874 Redhat
Theforeman
OS Command Injection vulnerability in multiple products

A command injection flaw was found in foreman.

9.1
2023-09-20 CVE-2023-0118 Theforeman
Redhat
OS Command Injection vulnerability in multiple products

An arbitrary code execution flaw was found in Foreman.

9.1
2023-09-20 CVE-2023-0462 Theforeman
Redhat
Code Injection vulnerability in multiple products

An arbitrary code execution flaw was found in Foreman.

9.1
2023-09-19 CVE-2023-41387 Patreon SQL Injection vulnerability in Patreon Flutter Downloader

A SQL injection in the flutter_downloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container.

9.1
2023-09-19 CVE-2023-26143 Blamer Project Argument Injection or Modification vulnerability in Blamer Project Blamer

Versions of the package blamer before 1.0.4 are vulnerable to Arbitrary Argument Injection via the blameByFile() API.

9.1
2023-09-18 CVE-2023-42454 Lovasoa Information Exposure vulnerability in Lovasoa Sqlpage

SQLpage is a SQL-only webapp builder.

9.1
2023-09-20 CVE-2023-0829 Plesk Cross-site Scripting vulnerability in Plesk

Plesk 17.0 through 18.0.31 version, is vulnerable to a Cross-Site Scripting.

9.0

138 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2023-09-24 CVE-2023-5144 Dlink Unrestricted Upload of File with Dangerous Type vulnerability in Dlink Dar-7000 Firmware and Dar-8000 Firmware

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-7000 and DAR-8000 up to 20151231.

8.8
2023-09-22 CVE-2023-38346 Windriver Path Traversal vulnerability in Windriver Vxworks 6.9/7.0

An issue was discovered in Wind River VxWorks 6.9 and 7.

8.8
2023-09-22 CVE-2023-41027 Juplink Information Exposure Through an Error Message vulnerability in Juplink Rx4-1500 Firmware 1.0.4/1.0.5

Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.4 and V1.0.5 allows an authenticated attacker to leak the password for the administrative account via requests to the vulnerable endpoint.

8.8
2023-09-22 CVE-2023-41029 Juplink Command Injection vulnerability in Juplink Rx4-1500 Firmware

Command injection vulnerability in the homemng.htm endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows authenticated remote attackers to execute commands as root via specially crafted HTTP requests to the vulnerable endpoint.

8.8
2023-09-22 CVE-2023-41031 Juplink Command Injection vulnerability in Juplink Rx4-1500 Firmware

Command injection in homemng.htm in Juplink RX4-1500 versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows remote authenticated attackers to execute commands via specially crafted requests to the vulnerable endpoint.

8.8
2023-09-22 CVE-2023-5002 Pgadmin
Fedoraproject
A flaw was found in pgAdmin.
8.8
2023-09-22 CVE-2023-23362 Qnap OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud

An OS command injection vulnerability has been reported to affect QNAP operating systems.

8.8
2023-09-21 CVE-2023-43631 Linuxfoundation Insufficiently Protected Credentials vulnerability in Linuxfoundation Edge Virtualization Engine

On boot, the Pillar eve container checks for the existence and content of “/config/authorized_keys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could easily add their own keys and gain full control over the system without triggering the “measured boot” mechanism implemented by EVE OS, and without marking the device as “UUD” (“Unknown Update Detected”). This is because the “/config” partition is not protected by “measured boot”, it is mutable, and it is not encrypted in any way. An attacker can gain full control over the device without changing the PCR values, thus not triggering the “measured boot” mechanism, and having full access to the vault. Note: This issue was partially fixed in these commits (after disclosure to Zededa), where the config partition measurement was added to PCR13: • aa3501d6c57206ced222c33aea15a9169d629141 • 5fef4d92e75838cc78010edaed5247dfbdae1889. This issue was made viable in version 9.0.0 when the calculation was moved to PCR14 but it was not included in the measured boot.

8.8
2023-09-21 CVE-2023-43633 Lfedge Insufficiently Protected Credentials vulnerability in Lfedge EVE

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions. This could be used to unlock the ssh with custom “authorized_keys” via the “debug.enable.ssh” key, similar to the “authorized_keys” finding that was noted before. Other usages include unlocking the usb to enable the keyboard via the “debug.enable.usb” key, allowing VNC access via the “app.allow.vnc” key, and more. An attacker could easily enable these debug functionalities without triggering the “measured boot” mechanism implemented by EVE OS, and without marking the device as “UUD” (“Unknown Update Detected”). This is because the “/config” partition is not protected by “measured boot”, it is mutable and it is not encrypted in any way. An attacker can gain full control over the device without changing the PCR values, thereby not triggering the “measured boot” mechanism, and having full access to the vault. Note: This issue was partially fixed in these commits (after disclosure to Zededa), where the config partition measurement was added to PCR13: • aa3501d6c57206ced222c33aea15a9169d629141 • 5fef4d92e75838cc78010edaed5247dfbdae1889. This issue was made viable in version 9.0.0 when the calculation was moved to PCR14 but it was not included in the measured boot.

8.8
2023-09-21 CVE-2023-43634 Lfedge Insufficiently Protected Credentials vulnerability in Lfedge EVE

When sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs are used. In a previous project, CYMOTIVE found that the configuration is not protected by the secure boot, and in response Zededa implemented measurements on the config partition that was mapped to PCR 13. In that process, PCR 13 was added to the list of PCRs that seal/unseal the key. In commit “56e589749c6ff58ded862d39535d43253b249acf”, the config partition measurement moved from PCR 13 to PCR 14, but PCR 14 was not added to the list of PCRs that seal/unseal the key. This change makes the measurement of PCR 14 effectively redundant as it would not affect the sealing/unsealing of the key. An attacker could modify the config partition without triggering the measured boot, this could result in the attacker gaining full control over the device with full access to the contents of the encrypted “vault”

8.8
2023-09-21 CVE-2015-8371 Getcomposer Insufficient Verification of Data Authenticity vulnerability in Getcomposer Composer 1.0.0

Composer before 2016-02-10 allows cache poisoning from other projects built on the same host.

8.8
2023-09-20 CVE-2023-42321 Icmsdev Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0.16

Cross Site Request Forgery (CSRF) vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files.

8.8
2023-09-20 CVE-2023-42331 Elitecms Unrestricted Upload of File with Dangerous Type vulnerability in Elitecms Elite CMS 1.01

A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component.

8.8
2023-09-20 CVE-2023-42335 Fl3Xx Unrestricted Upload of File with Dangerous Type vulnerability in Fl3Xx Crew and Dispatch

Unrestricted File Upload vulnerability in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to execute arbitrary code via the add attachment function in the New Expense component.

8.8
2023-09-20 CVE-2023-43137 TP Link Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0

TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds ACL rules after authentication, and the rule name parameter has injection points.

8.8
2023-09-20 CVE-2023-43138 TP Link Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0

TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point.

8.8
2023-09-20 CVE-2023-42660 Progress SQL Injection vulnerability in Progress Moveit Transfer

In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer machine interface that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database.

8.8
2023-09-20 CVE-2023-43496 Jenkins Incorrect Default Permissions vulnerability in Jenkins

Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.

8.8
2023-09-20 CVE-2023-43500 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer

A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password.

8.8
2023-09-20 CVE-2023-43630 Linuxfoundation Insufficiently Protected Credentials vulnerability in Linuxfoundation Edge Virtualization Engine

PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, fixing this issue alone would not solve the problem of the config partition not being measured correctly. Also, the “vault” key is sealed/unsealed with SHA1 PCRs instead of SHA256.

8.8
2023-09-20 CVE-2023-43635 Linuxfoundation Use of a Broken or Risky Cryptographic Algorithm vulnerability in Linuxfoundation Edge Virtualization Engine

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the TPM which is used to encrypt/decrypt the “vault” directory. This “vault” directory is the most sensitive point in the system and as such, its content should be protected. This mechanism is noted in Zededa’s documentation as the “measured boot” mechanism, designed to protect said “vault”. The code that’s responsible for generating and fetching the key from the TPM assumes that SHA256 PCRs are used in order to seal/unseal the key, and as such their presence is being checked. The issue here is that the key is not sealed using SHA256 PCRs, but using SHA1 PCRs. This leads to several issues: • Machines that have their SHA256 PCRs enabled but SHA1 PCRs disabled, as well as not sealing their keys at all, meaning the “vault” is not protected from an attacker. • SHA1 is considered insecure and reduces the complexity level required to unseal the key in machines which have their SHA1 PCRs enabled. An attacker can very easily retrieve the contents of the “vault”, which will effectively render the “measured boot” mechanism meaningless.

8.8
2023-09-20 CVE-2023-43636 Linuxfoundation Insufficient Verification of Data Authenticity vulnerability in Linuxfoundation Edge Virtualization Engine

In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the encrypted data located in the vault. As per the “measured boot” design, the PCR values calculated at different stages of the boot process will change if any of their respective parts are changed. This includes, among other things, the configuration of the bios, grub, the kernel cmdline, initrd, and more. However, this mechanism does not validate the entire rootfs, so an attacker can edit the filesystem and gain control over the system. As the default filesystem used by EVE OS is squashfs, this is somewhat harder than an ext4, which is easily changeable. This will not stop an attacker, as an attacker can repackage the squashfs with their changes in it and replace the partition altogether. This can also be done directly on the device, as the “003-storage-init” container contains the “mksquashfs” and “unsquashfs” binaries (with the corresponding libs). An attacker can gain full control over the device without changing the PCR values, thus not triggering the “measured boot” mechanism, and having full access to the vault. Note: This issue was partially fixed in these commits (after disclosure to Zededa), where the config partition measurement was added to PCR13: • aa3501d6c57206ced222c33aea15a9169d629141 • 5fef4d92e75838cc78010edaed5247dfbdae1889. This issue was made viable in version 9.0.0 when the calculation was moved to PCR14 but it was not included in the measured boot.

8.8
2023-09-20 CVE-2023-43477 Telstra Command Injection vulnerability in Telstra Arcadyan Lh1000 Firmware

The ping_from parameter of ping_tracerte.cgi in the web UI of Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device. 

8.8
2023-09-20 CVE-2023-2163 Linux Incorrect Calculation vulnerability in Linux Kernel

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

8.8
2023-09-20 CVE-2023-31010 Nvidia Improper Input Validation vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation.

8.8
2023-09-20 CVE-2023-31011 Nvidia Improper Input Validation vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation.

8.8
2023-09-20 CVE-2023-31012 Nvidia Improper Input Validation vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation.

8.8
2023-09-20 CVE-2023-31013 Nvidia Improper Input Validation vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation.

8.8
2023-09-20 CVE-2023-38887 Dolibarr Unrestricted Upload of File with Dangerous Type vulnerability in Dolibarr Erp/Crm

File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions.

8.8
2023-09-20 CVE-2023-36319 Openupload Project Unrestricted Upload of File with Dangerous Type vulnerability in Openupload Project Openupload 0.4.3

File Upload vulnerability in Openupload Stable v.0.4.3 allows a remote attacker to execute arbitrary code via the action parameter of the compress-inc.php file.

8.8
2023-09-19 CVE-2023-40933 Nagios SQL Injection vulnerability in Nagios XI

A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the update_banner_message() function.

8.8
2023-09-19 CVE-2023-22513 Atlassian Unspecified vulnerability in Atlassian Bitbucket Data Center and Bitbucket Server

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server.

8.8
2023-09-19 CVE-2022-47559 Ormazabal Cross-Site Request Forgery (CSRF) vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

Lack of device control over web requests in ekorCCP and ekorRCI, allowing an attacker to create customised requests to execute malicious actions when a user is logged in, affecting availability, privacy and integrity.

8.8
2023-09-19 CVE-2022-47555 Ormazabal OS Command Injection vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

Operating system command injection in ekorCCP and ekorRCI, which could allow an authenticated attacker to execute commands, create new users with elevated privileges or set up a backdoor.

8.8
2023-09-18 CVE-2023-39446 Socomec Cross-Site Request Forgery (CSRF) vulnerability in Socomec Modulys GP Firmware 01.12.10

Thanks to the weaknesses that the web application has at the user management level, an attacker could obtain the information from the headers that is necessary to create specially designed URLs and originate malicious actions when a legitimate user is logged into the web application.

8.8
2023-09-18 CVE-2023-40221 Socomec Code Injection vulnerability in Socomec Modulys GP Firmware 01.12.10

The absence of filters when loading some sections in the web application of the vulnerable device allows potential attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section (MAIL SERVER) where the information is displayed.

8.8
2023-09-18 CVE-2023-42328 Peppermint Use of Hard-coded Credentials vulnerability in Peppermint

An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the hardcoded session cookie.

8.8
2023-09-18 CVE-2023-43115 Artifex
Fedoraproject
In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated.
8.8
2023-09-18 CVE-2023-5036 Usememos Cross-Site Request Forgery (CSRF) vulnerability in Usememos Memos

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.

8.8
2023-09-18 CVE-2023-41349 Asus Use of Externally-Controlled Format String vulnerability in Asus Rt-Ax88U Firmware

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function.

8.8
2023-09-19 CVE-2023-4094 Fujitsu Improper Authentication vulnerability in Fujitsu Arconte Aurea 1.5.0.0

ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service.

8.2
2023-09-19 CVE-2023-4096 Fujitsu Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fujitsu Arconte Aurea 1.5.0.0

Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order to change the password of a legitimate user.

8.2
2023-09-21 CVE-2023-42456 Memorysafety Relative Path Traversal vulnerability in Memorysafety Sudo 0.1.0/0.2.0

Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt, but instead only requiring authentication every once in a while in every terminal or process group.

8.1
2023-09-20 CVE-2023-41484 Cimg Memory Leak vulnerability in Cimg 2.9.3

An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain sensitive information via a crafted JPEG file.

8.1
2023-09-20 CVE-2023-43497 Jenkins Unrestricted Upload of File with Dangerous Type vulnerability in Jenkins

In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using the Stapler web framework creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the Jenkins controller file system to read and write the files before they are used.

8.1
2023-09-20 CVE-2023-43498 Jenkins Unspecified vulnerability in Jenkins

In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDataParser creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the Jenkins controller file system to read and write the files before they are used.

8.1
2023-09-20 CVE-2023-4853 Quarkus
Redhat
Incorrect Authorization vulnerability in multiple products

A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions.

8.1
2023-09-20 CVE-2023-25529 Nvidia Information Exposure Through Discrepancy vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses.

8.1
2023-09-19 CVE-2023-38351 Minitool Improper Certificate Validation vulnerability in Minitool Partition Wizard 12.8

MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack.

8.1
2023-09-19 CVE-2023-38352 Minitool Improper Certificate Validation vulnerability in Minitool Partition Wizard 12.8

MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack.

8.1
2023-09-19 CVE-2023-38354 Minitool Improper Certificate Validation vulnerability in Minitool Shadowmaker 4.1

MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.

8.1
2023-09-19 CVE-2023-38355 Minitool Improper Certificate Validation vulnerability in Minitool Movie Maker 7.0

MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.

8.1
2023-09-19 CVE-2023-38356 Minitool Improper Certificate Validation vulnerability in Minitool Power Data Recovery 11.6

MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.

8.1
2023-09-18 CVE-2023-42443 Vyperlang Out-of-bounds Write vulnerability in Vyperlang Vyper

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM).

8.1
2023-09-24 CVE-2023-1260 Kubernetes
Redhat
An authentication bypass vulnerability was discovered in kube-apiserver.
8.0
2023-09-22 CVE-2023-34319 XEN
Debian
Out-of-bounds Write vulnerability in multiple products

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece.

7.8
2023-09-22 CVE-2023-43766 F Secure Unspecified vulnerability in F-Secure products

Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler.

7.8
2023-09-21 CVE-2023-5068 Deltaww Out-of-bounds Write vulnerability in Deltaww Diascreen 1.2.1.23

Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file.

7.8
2023-09-21 CVE-2023-41992 Apple Improper Check for Unusual or Exceptional Conditions vulnerability in Apple Iphone OS and Macos

The issue was addressed with improved checks.

7.8
2023-09-21 CVE-2023-43637 Lfedge Use of Hard-coded Credentials vulnerability in Lfedge EVE

Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the last 16 bytes predetermined to be "arfoobarfoobarfo". This issue happens because "deriveVaultKey" calls "retrieveCloudKey" (which will always return "foobarfoobarfoobarfoobarfoobarfo" as the key), and then merges the 32byte randomly generated key with this key (by takeing 16bytes from each, see "mergeKeys"). This makes the key a lot weaker. This issue does not persist in devices that were initialized on/after version 7.10, but devices that were initialized before that and updated to a newer version still have this issue. Roll an update that enforces the full 32bytes key usage.

7.8
2023-09-20 CVE-2023-37410 IBM Unspecified vulnerability in IBM Person Communications 14.0.5/14.0.6/15.0.0

IBM Personal Communications 14.05, 14.06, and 15.0.0 could allow a local user to escalate their privileges to the SYSTEM user due to overly permissive access controls.

7.8
2023-09-20 CVE-2023-41902 Corecode Unrestricted Upload of File with Dangerous Type vulnerability in Corecode Macupdater

An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files.

7.8
2023-09-20 CVE-2023-41374 Jtekt Double Free vulnerability in Jtekt Kostac PLC 1.6.11.0/1.6.9.0

Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier.

7.8
2023-09-20 CVE-2023-41375 Jtekt Use After Free vulnerability in Jtekt Kostac PLC 1.6.11.0/1.6.9.0

Use after free vulnerability exists in Kostac PLC Programming Software Version 1.6.11.0.

7.8
2023-09-20 CVE-2023-43619 Schollz Unspecified vulnerability in Schollz Croc

An issue was discovered in Croc through 9.6.5.

7.8
2023-09-20 CVE-2023-43620 Schollz Improper Encoding or Escaping of Output vulnerability in Schollz Croc

An issue was discovered in Croc through 9.6.5.

7.8
2023-09-20 CVE-2023-4088 Mitsubishielectric Incorrect Default Permissions vulnerability in Mitsubishielectric GX Works3

Incorrect Default Permissions vulnerability due to incomplete fix to address CVE-2020-14496 in Mitsubishi Electric Corporation FA engineering software products allows a malicious local attacker to execute a malicious code, which could result in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition.

7.8
2023-09-20 CVE-2023-31015 Nvidia Improper Authentication vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue.

7.8
2023-09-20 CVE-2023-25527 Nvidia Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory.

7.8
2023-09-20 CVE-2023-31008 Nvidia Improper Input Validation vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation.

7.8
2023-09-19 CVE-2023-32182 Opensuse
Suse
Link Following vulnerability in multiple products

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

7.8
2023-09-19 CVE-2023-32184 Opensuse Insecure Storage of Sensitive Information vulnerability in Opensuse Welcome

A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 before 0.1.9+git.35.4b9444a.

7.8
2023-09-18 CVE-2023-34195 Insyde Unspecified vulnerability in Insyde Insydeh2O

An issue was discovered in SystemFirmwareManagementRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5.

7.8
2023-09-22 CVE-2023-42821 Gomarkdown Out-of-bounds Read vulnerability in Gomarkdown Markdown

The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML.

7.5
2023-09-22 CVE-2023-43783 Falktx Exposure of Resource to Wrong Sphere vulnerability in Falktx Cadence 0.9.0/0.9.1/0.9.2

Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File.

7.5
2023-09-22 CVE-2023-43784 Plesk Exposure of Resource to Wrong Sphere vulnerability in Plesk Onyx 17.8.11

Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component.

7.5
2023-09-22 CVE-2023-43760 F Secure Unspecified vulnerability in F-Secure products

Certain WithSecure products allow Denial of Service via a fuzzed PE32 file.

7.5
2023-09-22 CVE-2023-43761 F Secure Infinite Loop vulnerability in F-Secure products

Certain WithSecure products allow Denial of Service (infinite loop).

7.5
2023-09-22 CVE-2023-43765 F Secure Unspecified vulnerability in F-Secure products

Certain WithSecure products allow Denial of Service in the aeelf component.

7.5
2023-09-22 CVE-2023-43767 F Secure Unspecified vulnerability in F-Secure products

Certain WithSecure products allow Denial of Service via the aepack archive unpack handler.

7.5
2023-09-22 CVE-2023-31716 Frangoteam Unspecified vulnerability in Frangoteam Fuxa

FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log

7.5
2023-09-22 CVE-2023-31717 Frangoteam SQL Injection vulnerability in Frangoteam Fuxa

A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database.

7.5
2023-09-22 CVE-2023-31718 Frangoteam Unspecified vulnerability in Frangoteam Fuxa

FUXA <= 1.1.12 is vulnerable to Local via Inclusion via /api/download.

7.5
2023-09-21 CVE-2023-42261 Opensecurity Incorrect Default Permissions vulnerability in Opensecurity Mobile Security Framework

Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions.

7.5
2023-09-21 CVE-2023-38343 Ivanti XXE vulnerability in Ivanti Endpoint Manager

An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4.

7.5
2023-09-21 CVE-2023-42482 Samsung Use After Free vulnerability in Samsung Exynos 2200 Firmware

Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free.

7.5
2023-09-21 CVE-2023-42280 Springernature Path Traversal vulnerability in Springernature Mee-Admin 1.5

mee-admin 1.5 is vulnerable to Directory Traversal.

7.5
2023-09-21 CVE-2023-42805 Quinn Project Unspecified vulnerability in Quinn Project Quinn

quinn-proto is a state machine for the QUIC transport protocol.

7.5
2023-09-21 CVE-2023-42457 Plone Allocation of Resources Without Limits or Throttling vulnerability in Plone Rest 2.0.0/3.0.0

plone.rest allows users to use HTTP verbs such as GET, POST, PUT, DELETE, etc.

7.5
2023-09-21 CVE-2023-43274 Phpjabbers SQL Injection vulnerability in PHPjabbers PHP Shopping Cart 4.2

Phpjabbers PHP Shopping Cart 4.2 is vulnerable to SQL Injection via the id parameter.

7.5
2023-09-21 CVE-2023-4152 Frauscher Path Traversal vulnerability in Frauscher Diagnostic System 101 1.3.3/1.4.24

Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a path traversal vulnerability of the web interface by a crafted URL without authentication.

7.5
2023-09-21 CVE-2023-43669 Snapview
Fedoraproject
The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake.
7.5
2023-09-20 CVE-2023-37279 Contribsys Allocation of Resources Without Limits or Throttling vulnerability in Contribsys Faktory

Faktory is a language-agnostic persistent background job server.

7.5
2023-09-20 CVE-2023-39677 Updateproducts Project
Simpleimportproduct Project
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php.
7.5
2023-09-20 CVE-2022-3596 Redhat Unspecified vulnerability in Redhat Openstack Platform 13.0

An information leak was found in OpenStack's undercloud.

7.5
2023-09-20 CVE-2023-42147 Fit2Cloud Cleartext Transmission of Sensitive Information vulnerability in Fit2Cloud Cloudexplorer Lite 1.3.1

An issue in CloudExplorer Lite 1.3.1 allows an attacker to obtain sensitive information via the login key component.

7.5
2023-09-20 CVE-2023-3341 ISC
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing.

7.5
2023-09-20 CVE-2023-4236 ISC
Fedoraproject
Debian
Netapp
Reachable Assertion vulnerability in multiple products

A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure.

7.5
2023-09-20 CVE-2023-5042 Acronis Incorrect Default Permissions vulnerability in Acronis Cyber Protect Home Office

Sensitive information disclosure due to insecure folder permissions.

7.5
2023-09-20 CVE-2022-47562 Ormazabal Allocation of Resources Without Limits or Throttling vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

Vulnerability in the RCPbind service running on UDP port (111), allowing a remote attacker to create a denial of service (DoS) condition.

7.5
2023-09-20 CVE-2023-25525 Nvidia Unspecified vulnerability in Nvidia Cumulus Linux 5.5.0

NVIDIA Cumulus Linux contains a vulnerability in forwarding where a VxLAN-encapsulated IPv6 packet received on an SVI interface with DMAC/DIPv6 set to the link-local address of the SVI interface may be incorrectly forwarded.

7.5
2023-09-20 CVE-2023-25532 Nvidia Insufficiently Protected Credentials vulnerability in Nvidia DGX H100 Firmware

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials.

7.5
2023-09-19 CVE-2023-42450 Joinmastodon Server-Side Request Forgery (SSRF) vulnerability in Joinmastodon Mastodon 4.2.0

Mastodon is a free, open-source social network server based on ActivityPub.

7.5
2023-09-19 CVE-2023-42451 Joinmastodon Use of Incorrectly-Resolved Name or Reference vulnerability in Joinmastodon Mastodon

Mastodon is a free, open-source social network server based on ActivityPub.

7.5
2023-09-19 CVE-2023-41890 Sustainsys Authentication Bypass by Capture-replay vulnerability in Sustainsys Saml2

Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider.

7.5
2023-09-19 CVE-2023-42444 Whisperfish Improper Validation of Specified Quantity in Input vulnerability in Whisperfish Phonenumber

phonenumber is a library for parsing, formatting and validating international phone numbers.

7.5
2023-09-19 CVE-2023-42447 Whisperfish Improper Validation of Specified Quantity in Input vulnerability in Whisperfish Blurhash-Rs 0.1.1

blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image.

7.5
2023-09-19 CVE-2022-47553 Ormazabal Incorrect Authorization vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

Incorrect authorisation in ekorCCP and ekorRCI, which could allow a remote attacker to obtain resources with sensitive information for the organisation, without being authenticated within the web server.

7.5
2023-09-19 CVE-2022-47554 Ormazabal Unspecified vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

Exposure of sensitive information in ekorCCP and ekorRCI, potentially allowing a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the web server.

7.5
2023-09-19 CVE-2023-32649 Nozominetworks Improper Input Validation vulnerability in Nozominetworks CMC and Guardian

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets. During the (limited) time window before the IDS module is automatically restarted, network traffic may not be analyzed.

7.5
2023-09-19 CVE-2023-32186 Suse Allocation of Resources Without Limits or Throttling vulnerability in Suse Rancher Rke2

A Allocation of Resources Without Limits or Throttling vulnerability in SUSE RKE2 allows attackers with access to K3s servers apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects RKE2: from 1.24.0 before 1.24.17+rke2r1, from v1.25.0 before v1.25.13+rke2r1, from v1.26.0 before v1.26.8+rke2r1, from v1.27.0 before v1.27.5+rke2r1, from v1.28.0 before v1.28.1+rke2r1.

7.5
2023-09-18 CVE-2023-39452 Socomec Unprotected Storage of Credentials vulnerability in Socomec Modulys GP Firmware 01.12.10

The web application that owns the device clearly stores the credentials within the user management section.

7.5
2023-09-18 CVE-2023-41965 Socomec Insecure Storage of Sensitive Information vulnerability in Socomec Modulys GP Firmware 01.12.10

Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.

7.5
2023-09-18 CVE-2023-41595 Vaxilu Use of Hard-coded Credentials vulnerability in Vaxilu X-Ui 1.8.3

An issue in xui-xray v1.8.3 allows attackers to obtain sensitive information via default password.

7.5
2023-09-18 CVE-2023-42387 Tdsql Chitu Project Unspecified vulnerability in Tdsql Chitu Project Tdsql Chitu 10.3.19.5.0

An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain sensitive information via get_db_info function in install.php.

7.5
2023-09-18 CVE-2023-32187 K3S Allocation of Resources Without Limits or Throttling vulnerability in K3S

An Allocation of Resources Without Limits or Throttling vulnerability in SUSE k3s allows attackers with access to K3s servers' apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects k3s: from v1.24.0 before v1.24.17+k3s1, from v1.25.0 before v1.25.13+k3s1, from v1.26.0 before v1.26.8+k3s1, from sev1.27.0 before v1.27.5+k3s1, from v1.28.0 before v1.28.1+k3s1.

7.5
2023-09-18 CVE-2023-42521 Withsecure Resource Exhaustion vulnerability in Withsecure products

Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file.

7.5
2023-09-18 CVE-2023-42522 Withsecure Resource Exhaustion vulnerability in Withsecure products

Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file.

7.5
2023-09-18 CVE-2023-42523 Withsecure Resource Exhaustion vulnerability in Withsecure products

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file.

7.5
2023-09-18 CVE-2023-42524 Withsecure Infinite Loop vulnerability in Withsecure products

Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types.

7.5
2023-09-18 CVE-2023-42525 Withsecure Infinite Loop vulnerability in Withsecure products

Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types.

7.5
2023-09-18 CVE-2023-42520 Withsecure Resource Exhaustion vulnerability in Withsecure products

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files.

7.5
2023-09-18 CVE-2023-42526 Withsecure Resource Exhaustion vulnerability in Withsecure products

Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files.

7.5
2023-09-18 CVE-2023-35851 SUN NET SQL Injection vulnerability in Sun.Net Wmpro 5.0

SUNNET WMPro portal's FAQ function has insufficient validation for user input.

7.5
2023-09-19 CVE-2023-3892 Mimsoftware XXE vulnerability in Mimsoftware Assistant and Client

Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this document into specific 3rd party private RTst metadata tags, transfer the now compromised DICOM object to MIM, and force MIM to archive and load the data. Users on either version are strongly encouraged to update to an unaffected version (7.2.11+, 7.3.4+). This issue was found and analyzed by MIM Software's internal security team.  We are unaware of any proof of concept or actual exploit available in the wild. For more information, visit https://www.mimsoftware.com/cve-2023-3892 https://www.mimsoftware.com/cve-2023-3892 This issue affects MIM Assistant: 7.2.10, 7.3.3; MIM Client: 7.2.10, 7.3.3.

7.4
2023-09-19 CVE-2023-29245 Nozominetworks SQL Injection vulnerability in Nozominetworks CMC and Guardian

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sending specially crafted malicious network packets. Malicious users with extensive knowledge on the underlying system may be able to extract arbitrary information from the DBMS in an uncontrolled way, or to alter its structure and data.

7.4
2023-09-18 CVE-2023-41929 Samsung Uncontrolled Search Path Element vulnerability in Samsung Memory Card & UFD Authentication

A DLL hijacking vulnerability in Samsung Memory Card & UFD Authentication Utility PC Software before 1.0.1 could allow a local attacker to escalate privileges.

7.3
2023-09-20 CVE-2023-40043 Progress SQL Injection vulnerability in Progress Moveit Transfer

In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer web interface that could allow a MOVEit system administrator account to gain unauthorized access to the MOVEit Transfer database.

7.2
2023-09-20 CVE-2023-38886 Dolibarr Unspecified vulnerability in Dolibarr Erp/Crm

An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged attacker to execute arbitrary code via a crafted command/script.

7.2
2023-09-19 CVE-2023-40934 Nagios SQL Injection vulnerability in Nagios XI

A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings.

7.2
2023-09-19 CVE-2023-31808 Technicolor Use of Hard-coded Credentials vulnerability in Technicolor Tg670 Firmware 10.5.N.9

Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords.

7.2
2023-09-19 CVE-2023-41179 Trendmicro Unspecified vulnerability in Trendmicro products

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

7.2
2023-09-18 CVE-2023-41443 Xxyopen SQL Injection vulnerability in Xxyopen Novel-Plus 4.1.0

SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list.

7.2
2023-09-18 CVE-2023-34999 Bosch Command Injection vulnerability in Bosch RTS Vlink Virtual Matrix 5.0.0/6.0.0

A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web interface.

7.2
2023-09-18 CVE-2023-5033 Openrapid SQL Injection vulnerability in Openrapid Rapidcms 1.3.1

A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1.

7.2
2023-09-18 CVE-2023-5032 Openrapid SQL Injection vulnerability in Openrapid Rapidcms 1.3.1

A vulnerability was found in OpenRapid RapidCMS 1.3.1.

7.2
2023-09-18 CVE-2023-35850 SUN NET OS Command Injection vulnerability in Sun.Net Wmpro 5.0

SUNNET WMPro portal's file management function has a vulnerability of insufficient filtering for user input.

7.2
2023-09-21 CVE-2023-4504 Openprinting
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution.

7.0

113 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2023-09-20 CVE-2023-40930 Skyworth Path Traversal vulnerability in Skyworth OS 3.0

An issue in the directory /system/bin/blkid of Skyworth v3.0 allows attackers to perform a directory traversal via mounting the Udisk to /mnt/.

6.8
2023-09-20 CVE-2022-3916 Redhat Insufficient Session Expiration vulnerability in Redhat products

A flaw was found in the offline_access scope in Keycloak.

6.8
2023-09-22 CVE-2023-43640 Speciesfilegroup SQL Injection vulnerability in Speciesfilegroup Taxonworks

TaxonWorks is a web-based workbench designed for taxonomists and biodiversity scientists.

6.5
2023-09-22 CVE-2023-23766 Github Incorrect Comparison vulnerability in Github Enterprise Server

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request.

6.5
2023-09-21 CVE-2023-38344 Ivanti Unspecified vulnerability in Ivanti Endpoint Manager

An issue was discovered in Ivanti Endpoint Manager before 2022 SU4.

6.5
2023-09-21 CVE-2023-42806 Iohk Improper Verification of Cryptographic Signature vulnerability in Iohk Hydra

Hydra is the layer-two scalability solution for Cardano.

6.5
2023-09-21 CVE-2023-5104 Xgenecloud Improper Input Validation vulnerability in Xgenecloud Nocodb

Improper Input Validation in GitHub repository nocodb/nocodb prior to 0.96.0.

6.5
2023-09-20 CVE-2023-39045 Kokoroe Members Card Project Unspecified vulnerability in Kokoroe Members Card Project Kokoroe Members Card 13.6.1

An information leak in kokoroe_members card Line 13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-20 CVE-2023-39052 Earthgarden Waiting Project Unspecified vulnerability in Earthgarden Waiting Project Earthgarden Waiting 13.6.1

An information leak in Earthgarden_waiting 13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-20 CVE-2023-42334 Fl3Xx Authorization Bypass Through User-Controlled Key vulnerability in Fl3Xx Crew and Dispatch

An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to escalate privileges via the user parameter.

6.5
2023-09-20 CVE-2023-39041 Kukurudeli Project Unspecified vulnerability in Kukurudeli Project Kukurudeli 13.6.1

An information leak in KUKURUDELI Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-20 CVE-2023-39044 Ajino Shiretoko Project Unspecified vulnerability in Ajino-Shiretoko Project Ajino-Shiretoko 13.6.1

An information leak in ajino-Shiretoko Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-20 CVE-2023-43501 Jenkins Missing Authorization vulnerability in Jenkins Build Failure Analyzer

A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password.

6.5
2023-09-20 CVE-2023-2508 Papercut Cross-Site Request Forgery (CSRF) vulnerability in Papercut Mobility Print Server 1.0.3512

The `PaperCutNG Mobility Print` version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host (in the "configure printer discovery" section).

6.5
2023-09-20 CVE-2022-45447 Prestashop Path Traversal vulnerability in Prestashop M4 PDF

M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability.

6.5
2023-09-20 CVE-2022-47560 Ormazabal Cleartext Transmission of Sensitive Information vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

The lack of web request control on ekorCCP and ekorRCI devices allows a potential attacker to create custom requests to execute malicious actions when a user is logged in.

6.5
2023-09-20 CVE-2023-25526 Nvidia Unspecified vulnerability in Nvidia Cumulus Linux

NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exception by injecting a crafted packet.

6.5
2023-09-19 CVE-2023-40931 Nagios SQL Injection vulnerability in Nagios XI

A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php

6.5
2023-09-19 CVE-2022-47556 Ormazabal Resource Exhaustion vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

Uncontrolled resource consumption in ekorRCI, allowing an attacker with low-privileged access to the web server to send continuous legitimate web requests to a functionality that is not properly validated, in order to cause a denial of service (DoS) on the device.

6.5
2023-09-19 CVE-2023-2567 Nozominetworks SQL Injection vulnerability in Nozominetworks CMC and Guardian

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way.

6.5
2023-09-18 CVE-2023-39046 Tonton TEI Waiting Project Exposure of Resource to Wrong Sphere vulnerability in Tonton-Tei Waiting Project Tonton-Tei Waiting 13.6.1

An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-18 CVE-2023-39049 Youmart Tokunaga Project Exposure of Resource to Wrong Sphere vulnerability in Youmart-Tokunaga Project Youmart-Tokunaga 13.6.1

An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-18 CVE-2023-39056 Coffee Jumbo Project Exposure of Resource to Wrong Sphere vulnerability in Coffee-Jumbo Project Coffee-Jumbo 13.6.1

An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-18 CVE-2023-42446 Powauth Operation on a Resource after Expiration or Release vulnerability in Powauth POW

Pow is a authentication and user management solution for Phoenix and Plug-based apps.

6.5
2023-09-18 CVE-2023-39039 Camp Style Project Line Project Exposure of Resource to Wrong Sphere vulnerability in Camp Style Project Line Project Camp Style Project Line 13.6.1

An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-18 CVE-2023-39040 Cheese Cafe Line Project Exposure of Resource to Wrong Sphere vulnerability in Cheese Cafe Line Project Cheese Cafe Line 13.6.1

An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-18 CVE-2023-39043 YKC Exposure of Resource to Wrong Sphere vulnerability in YKC Tokushima Awayokocho 13.6.1

An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-18 CVE-2023-39058 THE B Members Card Project Exposure of Resource to Wrong Sphere vulnerability in the B Members Card Project the B Members Card 13.6.1

An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

6.5
2023-09-18 CVE-2023-4527 GNU
Redhat
Fedoraproject
Netapp
Out-of-bounds Read vulnerability in multiple products

A flaw was found in glibc.

6.5
2023-09-18 CVE-2023-5031 Openrapid SQL Injection vulnerability in Openrapid Rapidcms 1.3.1

A vulnerability was found in OpenRapid RapidCMS 1.3.1.

6.5
2023-09-22 CVE-2023-43770 Roundcube
Debian
Cross-site Scripting vulnerability in multiple products

Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.

6.1
2023-09-22 CVE-2023-43763 Withsecure Cross-site Scripting vulnerability in Withsecure F-Secure Policy Manager 15.00

Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint.

6.1
2023-09-21 CVE-2018-5478 Contao Cross-site Scripting vulnerability in Contao

Contao 3.x before 3.5.32 allows XSS via the unsubscribe module in the frontend newsletter extension.

6.1
2023-09-20 CVE-2023-38875 Msaad1999 Cross-site Scripting vulnerability in Msaad1999 PHP-Login-System 2.0.1

A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'validator' parameter in '/reset-password'.

6.1
2023-09-20 CVE-2023-38876 Msaad1999 Cross-site Scripting vulnerability in Msaad1999 PHP-Login-System 2.0.1

A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'.

6.1
2023-09-20 CVE-2023-40618 Openknowledgemaps Cross-site Scripting vulnerability in Openknowledgemaps Head Start

A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in 'headstart_snapshot.php'.

6.1
2023-09-20 CVE-2023-42656 Progress Cross-site Scripting vulnerability in Progress Moveit Transfer

In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a reflected cross-site scripting (XSS) vulnerability has been identified in MOVEit Transfer's web interface.  An attacker could craft a malicious payload targeting MOVEit Transfer users during the package composition procedure.  If a MOVEit user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.

6.1
2023-09-20 CVE-2022-45448 Prestashop Cross-site Scripting vulnerability in Prestashop M4 PDF

M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to an arbitrary HTML Document crafting vulnerability.

6.1
2023-09-20 CVE-2023-5084 Hestiacp Cross-site Scripting vulnerability in Hestiacp

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.8.8.

6.1
2023-09-19 CVE-2023-4093 Fujitsu Cross-site Scripting vulnerability in Fujitsu Arconte Aurea 1.5.0.0

Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version.

6.1
2023-09-19 CVE-2022-47557 Ormazabal Use of Password Hash With Insufficient Computational Effort vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions.

6.1
2023-09-19 CVE-2023-41834 Apache Injection vulnerability in Apache Flink Stateful Functions 3.1.0/3.1.1/3.2.0

Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Flink Stateful Functions 3.1.0, 3.1.1 and 3.2.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted HTTP requests. Attackers could potentially inject malicious content into the HTTP response that is sent to the user's browser.

6.1
2023-09-19 CVE-2023-42399 Xdsoft Cross-site Scripting vulnerability in Xdsoft Joditeditor 4.0.0

Cross Site Scripting vulnerability in xdsoft.net Jodit Editor v.4.0.0-beta.86 allows a remote attacker to obtain sensitive information via the rich text editor component.

6.1
2023-09-19 CVE-2023-5060 Librenms Cross-site Scripting vulnerability in Librenms

Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1.

6.1
2023-09-18 CVE-2023-38255 Socomec Cross-site Scripting vulnerability in Socomec Modulys GP Firmware 01.12.10

A potential attacker with or without (cookie theft) access to the device would be able to include malicious code (XSS) when uploading new device configuration that could affect the intended function of the device.

6.1
2023-09-18 CVE-2023-42253 Vehicle Management Project Cross-site Scripting vulnerability in Vehicle Management Project Vehicle Management 1.0

Code-Projects Vehicle Management 1.0 is vulnerable to Cross Site Scripting (XSS) in Add Accounts via Invoice No, To, and Mammul.

6.1
2023-09-21 CVE-2023-39252 Dell Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Secure Connect Gateway Policy Manager 5.16.00.14

Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability.

5.9
2023-09-19 CVE-2023-38353 Minitool Improper Certificate Validation vulnerability in Minitool Power Data Recovery 11.5/11.6

MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack.

5.9
2023-09-18 CVE-2023-4806 GNU
Redhat
Fedoraproject
Use After Free vulnerability in multiple products

A flaw was found in glibc.

5.9
2023-09-24 CVE-2023-1633 Openstack
Redhat
Insufficiently Protected Credentials vulnerability in multiple products

A credentials leak flaw was found in OpenStack Barbican.

5.5
2023-09-22 CVE-2023-42811 AES GCM Project
Fedoraproject
Improper Verification of Cryptographic Signature vulnerability in multiple products

aes-gcm is a pure Rust implementation of the AES-GCM.

5.5
2023-09-22 CVE-2023-43090 Gnome
Fedoraproject
A vulnerability was found in GNOME Shell.
5.5
2023-09-22 CVE-2023-43771 Mikebrady Resource Exhaustion vulnerability in Mikebrady NOT Quite PTP 1.2/1.2.1/1.2.2

In nqptp-message-handlers.c in nqptp before 1.2.3, crafted packets received on the control port could crash the program.

5.5
2023-09-22 CVE-2023-43782 Falktx Exposure of Resource to Wrong Sphere vulnerability in Falktx Cadence 0.9.0/0.9.1/0.9.2

Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/.cadence-aloop-daemon.x Temporary File.

5.5
2023-09-21 CVE-2023-41991 Apple Improper Certificate Validation vulnerability in Apple Iphone OS and Macos

A certificate validation issue was addressed.

5.5
2023-09-21 CVE-2023-4753 Openharmony Unspecified vulnerability in Openharmony

OpenHarmony v3.2.1 and prior version has a system call function usage error.

5.5
2023-09-20 CVE-2023-22024 Oracle Unspecified vulnerability in Oracle Linux and VM Server

In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has two setsockopt(2) options, RDS_CONN_RESET and RDS6_CONN_RESET, that are not re-entrant.

5.5
2023-09-20 CVE-2023-20597 AMD Improper Initialization vulnerability in AMD products

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

5.5
2023-09-20 CVE-2023-22644 Suse Information Exposure Through Log Files vulnerability in Suse Manager Server

An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged. This issue affects SUSE Manager Server Module 4.2: before 4.2.50-150300.3.66.5; SUSE Manager Server Module 4.3: before 4.3.58-150400.3.46.4.

5.5
2023-09-20 CVE-2022-47561 Ormazabal Insufficiently Protected Credentials vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware

The web application stores credentials in clear text in the "admin.xml" file, which can be accessed without logging into the website, which could allow an attacker to obtain credentials related to all users, including admin users, in clear text, and use them to subsequently execute malicious actions.

5.5
2023-09-20 CVE-2023-43616 Schollz Path Traversal vulnerability in Schollz Croc

An issue was discovered in Croc through 9.6.5.

5.5
2023-09-20 CVE-2020-24089 Iobit Unspecified vulnerability in Iobit Malware Fighter 6.0.2

An issue was discovered in ImfHpRegFilter.sys in IOBit Malware Fighter version 8.0.2, allows local attackers to cause a denial of service (DoS).

5.5
2023-09-18 CVE-2023-43114 QT Unspecified vulnerability in QT

An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows.

5.5
2023-09-23 CVE-2023-5125 Formget Unspecified vulnerability in Formget Contact Form BY Formget

The Contact Form by FormGet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formget' shortcode in versions up to, and including, 5.5.5 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2023-09-22 CVE-2023-4716 Davidlingren Cross-site Scripting vulnerability in Davidlingren Media Library Assistant

The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mla_gallery' shortcode in versions up to, and including, 3.10 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2023-09-22 CVE-2023-4774 Braekling Unspecified vulnerability in Braekling Connect Matomo

The WP-Matomo Integration (WP-Piwik) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2023-09-21 CVE-2023-42458 Zope Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Zope

Zope is an open-source web application server.

5.4
2023-09-21 CVE-2023-41048 Plone Cross-site Scripting vulnerability in Plone Namedfile 6.2.0

plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depending on, Plone Dexterity content.

5.4
2023-09-20 CVE-2023-36234 Netbox Cross-site Scripting vulnerability in Netbox 3.5.1

Cross Site Scripting (XSS) vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function.

5.4
2023-09-20 CVE-2023-43376 Digitaldruid Cross-site Scripting vulnerability in Digitaldruid Hoteldruid 3.0.5

A cross-site scripting (XSS) vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter.

5.4
2023-09-20 CVE-2023-43377 Digitaldruid SQL Injection vulnerability in Digitaldruid Hoteldruid 3.0.5

A cross-site scripting (XSS) vulnerability in /hoteldruid/visualizza_contratto.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the destinatario_email1 parameter.

5.4
2023-09-20 CVE-2023-43495 Jenkins Cross-site Scripting vulnerability in Jenkins

Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not escape the value of the 'caption' constructor parameter of 'ExpandableDetailsNote', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control this parameter.

5.4
2023-09-20 CVE-2023-43499 Jenkins Cross-site Scripting vulnerability in Jenkins Build Failure Analyzer

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or update Failure Causes.

5.4
2023-09-20 CVE-2023-5062 Wpartisan Unspecified vulnerability in Wpartisan Wordpress Charts 0.7.0

The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wp_charts' shortcode in versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2023-09-20 CVE-2023-5063 Stefanoai Unspecified vulnerability in Stefanoai Widget Responsive for Youtube

The Widget Responsive for Youtube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'youtube' shortcode in versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping on user supplied attributes.

5.4
2023-09-20 CVE-2023-39575 ISL Cross-site Scripting vulnerability in ISL Arp-Guard 4.0.05

A reflected cross-site scripting (XSS) vulnerability in the url_str URL parameter of ISL ARP Guard v4.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

5.4
2023-09-19 CVE-2023-40932 Nagios Cross-site Scripting vulnerability in Nagios XI

A Cross-site scripting (XSS) vulnerability in Nagios XI version 5.11.1 and below allows authenticated attackers with access to the custom logo component to inject arbitrary javascript or HTML via the alt-text field.

5.4
2023-09-19 CVE-2023-43566 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration

5.4
2023-09-19 CVE-2023-42452 Joinmastodon Cross-site Scripting vulnerability in Joinmastodon Mastodon

Mastodon is a free, open-source social network server based on ActivityPub.

5.4
2023-09-19 CVE-2023-23957 Symantec Open Redirect vulnerability in Symantec Identity Portal 14.4

An authenticated user can see and modify the value for ‘next’ query parameter in Symantec Identity Portal 14.4

5.4
2023-09-18 CVE-2023-37611 Neos Cross-site Scripting vulnerability in Neos CMS 8.3.3

Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a remote authenticated attacker to execute arbitrary code via a crafted SVG file to the neos/management/media component.

5.4
2023-09-18 CVE-2023-38582 Socomec Cross-site Scripting vulnerability in Socomec Modulys GP Firmware 01.12.10

Persistent cross-site scripting (XSS) in the web application of MOD3GP-SY-120K allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the field MAIL_RCV.

5.4
2023-09-18 CVE-2023-42371 Summernote Cross-site Scripting vulnerability in Summernote Rich Text Editor

Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component.

5.4
2023-09-24 CVE-2023-5142 H3C Path Traversal vulnerability in H3C products

A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908.

5.3
2023-09-21 CVE-2023-40183 Dataease Unrestricted Upload of File with Dangerous Type vulnerability in Dataease

DataEase is an open source data visualization and analysis tool.

5.3
2023-09-21 CVE-2023-4292 Frauscher SQL Injection vulnerability in Frauscher Diagnostic System 101 1.3.3/1.4.24

Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a SQL injection vulnerability via manipulated parameters of the web interface without authentication.

5.3
2023-09-20 CVE-2023-38718 IBM Unspecified vulnerability in IBM Robotic Process Automation

IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data.

5.3
2023-09-20 CVE-2023-43617 Schollz Unspecified vulnerability in Schollz Croc

An issue was discovered in Croc through 9.6.5.

5.3
2023-09-20 CVE-2023-43618 Schollz Missing Encryption of Sensitive Data vulnerability in Schollz Croc

An issue was discovered in Croc through 9.6.5.

5.3
2023-09-20 CVE-2023-26144 Graphql Resource Exhaustion vulnerability in Graphql

Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries.

5.3
2023-09-19 CVE-2023-4095 Fujitsu Information Exposure Through Discrepancy vulnerability in Fujitsu Arconte Aurea 1.5.0.0

User enumeration vulnerability in Arconte Áurea 1.5.0.0 version.

5.3
2023-09-19 CVE-2023-5054 Superstorefinder Unspecified vulnerability in Superstorefinder Super Store Finder

The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3.

5.3
2023-09-19 CVE-2023-41599 Jfinalcms Project Path Traversal vulnerability in Jfinalcms Project Jfinalcms 5.0.0

An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal.

5.3
2023-09-19 CVE-2023-40788 Bladex Exposure of Resource to Wrong Sphere vulnerability in Bladex Springblade 3.2.0/3.6.0

SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway resulting in unauthorized access to error logs

5.3
2023-09-18 CVE-2023-42441 Vyperlang Improper Locking vulnerability in Vyperlang Vyper

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM).

5.3
2023-09-24 CVE-2023-1625 Openstack
Redhat
An information leak was discovered in OpenStack heat.
5.0
2023-09-24 CVE-2023-1636 Openstack
Redhat
A vulnerability was found in OpenStack Barbican containers.
5.0
2023-09-21 CVE-2023-41614 Phpgurukul Cross-site Scripting vulnerability in PHPgurukul ZOO Management System 1.0

A stored cross-site scripting (XSS) vulnerability in the Add Animal Details function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description of Animal parameter.

4.8
2023-09-21 CVE-2023-41616 Student Management System Project Cross-site Scripting vulnerability in Student Management System Project Student Management System 1.0

A reflected cross-site scripting (XSS) vulnerability in the Search Student function of Student Management System v1.2.3 and before allows attackers to execute arbitrary Javascript in the context of a victim user's browser via a crafted payload.

4.8
2023-09-21 CVE-2023-43309 Webmin Cross-site Scripting vulnerability in Webmin

There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially crafted payload.

4.8
2023-09-20 CVE-2022-1438 Redhat Cross-site Scripting vulnerability in Redhat Keycloak

A flaw was found in Keycloak.

4.8
2023-09-20 CVE-2023-31014 Nvidia Exposure of Resource to Wrong Sphere vulnerability in Nvidia Geforce NOW 6.00.32705137/6.04.33108832

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component.

4.8
2023-09-19 CVE-2023-2995 TE ST Unspecified vulnerability in Te-St Leyka

The Leyka WordPress plugin before 3.30.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

4.8
2023-09-19 CVE-2023-4376 Nikolov Unspecified vulnerability in Nikolov Serial Codes Generator and Validator With Woocommerce Support

The Serial Codes Generator and Validator with WooCommerce Support WordPress plugin before 2.4.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

4.8
2023-09-20 CVE-2023-43621 Schollz Unspecified vulnerability in Schollz Croc

An issue was discovered in Croc through 9.6.5.

4.7
2023-09-20 CVE-2023-40368 IBM Unspecified vulnerability in IBM Storage Protect

IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client.

4.4
2023-09-20 CVE-2023-20594 AMD Improper Initialization vulnerability in AMD products

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

4.4
2023-09-23 CVE-2022-3962 Kiali
Redhat
A content spoofing vulnerability was found in Kiali.
4.3
2023-09-23 CVE-2023-5134 Easyregistrationforms Unspecified vulnerability in Easyregistrationforms Easy Registration Forms

The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erforms_user_meta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode.

4.3
2023-09-22 CVE-2023-42812 Galaxyproject Server-Side Request Forgery (SSRF) vulnerability in Galaxyproject Galaxy

Galaxy is an open-source platform for FAIR data analysis.

4.3
2023-09-20 CVE-2023-43494 Jenkins Unspecified vulnerability in Jenkins

Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered.

4.3
2023-09-20 CVE-2023-43502 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer

A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure Causes.

4.3
2023-09-20 CVE-2023-34047 Vmware Unspecified vulnerability in VMWare Spring for Graphql

A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with values, including security context values, from a different session.

4.3

1 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2023-09-18 CVE-2020-36766 Linux Unspecified vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.8.6.

3.3