CVE List for June 2023 (2386 vulnerabilities)

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Command Injection vulnerability.

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability.

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting vulnerability.

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability.

A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of...

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can s...

A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial o...

Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.

Microsoft Outlook Denial of Service Vulnerability

Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not a...

Cross-site scripting vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. If a user who can access the affected product with an...

Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected product is ins...

Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account information of the database is saved in ...

Server-side request forgery vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product wit...

DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and Sc...

SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an admin...

Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in...

Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.

Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. A...

iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's r...

mp4v2 v2.1.3 was discovered to contain a memory leak via the class MP4StringProperty at mp4property.cpp.

mp4v2 v2.1.3 was discovered to contain a memory leak via MP4SdpAtom::Read() at atom_sdp.cpp

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process commu...

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and M...

A vulnerability classified as problematic has been found in Stars Alliance PsychoStats up to 3.2.2a. This affects an unknown part of the file upload/a...

Controller 6000 is vulnerable to a buffer overflow via the Controller diagnostic web interface upload feature. This issue affects Controller 600...

In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hard...

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts shou...

Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even manipulate the telemetry data of the entire fleet of ve...

A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unkno...

A vulnerability was found in sea75300 FanPress CM up to 3.6.3. It has been classified as problematic. This affects the function getArticlesPreview of ...

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. T...

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows for DoS via malformed configuration...

A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the funct...

A vulnerability was found in Video Playlist and Gallery Plugin up to 1.136 on WordPress. It has been rated as problematic. Affected by this issue is s...

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SUSE Rancher allows users in some higher-priv...

An Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage their existing permissions to manipulate Kubernetes ...

A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logge...

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompressio...

Janino 3.1.9 and earlier are subject to denial of service (DOS) attacks when using the expression evaluator.guess parameter name method. If the parser...

A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability i...

Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a ...

Heap Buffer Overflow in the erofs_read_one_data function at data.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted...

Brook is a cross-platform programmable network tool. The `tproxy` server is vulnerable to a drive-by command injection. An attacker may fool a victim ...

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could poten...

Dell OS Recovery Tool, versions 2.2.4013 and 2.3.7012.0, contain an Improper Access Control Vulnerability. A local authenticated non-administrator us...

DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnera...

DataEase is an open source data visualization and analysis tool. Prior to version 1.18.7, a deserialization vulnerability exists in the DataEase datas...

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker t...

libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES res...

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser withi...

In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who hold...

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigge...

In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user who holds ...

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can per...

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splunk dashboard view lets a low-privileged user exploit a vulnerability in the Boots...

In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, an attacker can inject American National Standards Institute (ANSI) escape codes i...

In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stre...

In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traver...

In the Splunk App for Lookup File Editing versions below 4.0.1, a user can insert potentially malicious JavaScript code into the app, which causes tha...

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulner...

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, an unauthorized user can acce...

OpenProject is web-based project management software. For any OpenProject installation, a `robots.txt` file is generated through the server to denote ...

Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the `deletionTimestamp` field defined...

Vite provides frontend tooling. Prior to versions 2.9.16, 3.2.7, 4.0.5, 4.1.5, 4.2.3, and 4.3.9, Vite Server Options (`server.fs.deny`) can be bypasse...

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message

The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, allowing ...

eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component #/de/cas...

An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with the PO...

An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with the PO...

The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unauthorized apps to actively request permission to modify data in the database that...

The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unauthorized applications to actively request permission to insert data into the dat...

Keyboard Themes 1.275.1.164 for Android contains a dictionary traversal vulnerability that allows unauthorized apps to overwrite arbitrary files in it...

A vulnerability classified as problematic was found in ruddernation TinyChat Room Spy Plugin up to 1.2.8 on WordPress. This vulnerability affects the ...

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in mback2k mh_httpbl Extension up to 1.1.7 on TYPO3. This aff...

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already...

An issue was discovered in Comcast Defined Technologies microeisbss through 2021. An attacker can inject a stored XSS payload in the Device ID field u...

An issue was discovered in South River Technologies TitanFTP NextGen server that allows for a vertical privilege escalation leading to remote code exe...

An issue in South River Technologies TitanFTP Before v2.0.1.2102 allows attackers with low-level privileges to perform Administrative actions by sendi...

The BT21 x BTS Wallpaper app 12 for Android allows unauthorized apps to actively request permission to modify data in the database that records inform...

The BT21 x BTS Wallpaper app 12 for Android allows unauthorized applications to actively request permission to insert data into the database that reco...

An issue found in The Thaiger v.1.2 for Android allows unauthorized apps to cause a code execution attack by manipulating the SharedPreference files.

The Web Directory Free for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 1.6.7 due to insuff...

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC...

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC...

Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD...

Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module...

The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via service titles in versions up to, and including, 21.5 due to insuffic...

The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including,...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Erikoglu Technology ErMon allows Command Line Ex...

SGUDA U-Lock central lock control service’s lock management function has incorrect authorization. A remote attacker with general privilege can exploit...

SGUDA U-Lock central lock control service’s user management function has incorrect authorization. A remote attacker with general user privilege can ex...

Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote attacker authenticated as an administrat...

Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system...

It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user ...

Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An unauthenticated remote user can exploit this vulnerability by m...

Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker w...

OMICARD EDM backend system’s file uploading function does not restrict upload of file with dangerous type. A local area network attacker with administ...

ELITE TECHNOLOGY CORP. Web Fax has a vulnerability of SQL Injection. An unauthenticated remote attacker can inject SQL commands into the input field o...

ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this v...

ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length....

Furbo dog camera has insufficient filtering for special parameter of device log management function. An unauthenticated remote attacker in the Bluetoo...

Openfind Mail2000 has insufficient filtering special characters of email content of its content filtering function. A remote attacker can exploit this...

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An unauthenticated remote attacker can exploit this vulnerabili...

Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is no warning or prompt to ask users to change the defa...

It is identified a vulnerability of insufficient authentication in the system configuration interface of Hitron Technologies CODA-5310. An unauthorize...

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discovera...

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already...

mp4v2 v2.1.3 was discovered to contain a memory leak when a method calling MP4File::ReadBytes() had allocated memory but did not catch exceptions thro...

Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows re...

A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. Th...

Improper Limitation of a Pathname leads to a Path Traversal vulnerability in the module King-Avis for Prestashop, allowing a user knowing the download...

Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application (Documentary proof upload modules) allows a malicious user t...

Incorrect Authorization vulnerability in Mobatime web application allows Privilege Escalation, Exploiting Incorrectly Configured Access Control Securi...

A vulnerability was found in YFCMF up to 3.0.4. It has been rated as problematic. This issue affects some unknown processing of the file app/admin/con...

A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User...

A vulnerability, which was classified as critical, was found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the fi...

ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic whe...

In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection ...

A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the functi...

A vulnerability was found in code-projects Agro-School Management System 1.0 and classified as critical. This issue affects some unknown processing of...

A vulnerability was found in code-projects Agro-School Management System 1.0. It has been classified as critical. Affected is an unknown function of t...

SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, prior to version 1.8.12 (for PrestaShop ...

Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.

ChuanhuChatGPT is a graphical user interface for ChatGPT and many large language models. A vulnerability in versions 20230526 and prior allows unautho...

Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.59.4.

A vulnerability classified as critical has been found in Campcodes Retro Cellphone Online Store 1.0. Affected is an unknown function of the file /admi...

Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as havi...

OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thun...

If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which coul...

An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mis...

Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affect...

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the <code>file://...

Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a we...

When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary ...

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This...

Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. This vul...

A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could l...

Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting f...

A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document via <code>DOMParser::ParseFromSafeString</cod...

Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enou...

Memory safety bugs present in Firefox 108. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes...

The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe's unredacted URI when interaction with that...

Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them wit...

A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitel...

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global ob...

When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially...

After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected...

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting ...

An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox ...

Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which i...

Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</...

After downloading a Windows <code>.scf</code> script from the local filesystem, an attacker could supply a remote path that would lead to unexpected n...

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compat...

When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox...

A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects F...

Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with eno...

Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes...

Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some o...

By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing ...

Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox wil...

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability a...

Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a pot...

When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead fu...

The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing ...

When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially ...

If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persi...

While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitab...

When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolv...

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnera...

Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enou...

Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes...

A website could have obscured the fullscreen notification by using a combination of <code>window.open</code>, fullscreen requests, <code>window.name</...

Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a...

An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory ...

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability ...

Under specific circumstances a WebExtension may have received a <code>jar:file:///</code> URI instead of a <code>moz-extension:///</code> URI during a...

When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. Th...

Using a redirect embedded into <code>sourceMappingUrls</code> could allow for navigation to external protocol links in sandboxed iframes without <code...

Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. <br>...

An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This v...

If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potential...

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently fa...

A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox < 112, Focus for An...

Under certain circumstances, a call to the <code>bind</code> function may have resulted in the incorrect realm. This may have created a vulnerability ...

Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enou...

Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes...

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoof...

An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderb...

A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affec...

A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 1...

An attacker could have positioned a <code>datalist</code> element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox ESR < ...

When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Th...

Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with eno...

Unverified Password Change in GitHub repository tsolucio/corebos prior to 8.

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.

Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8.

Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function.

eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /view...

eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a SQL injection vulnerability via the Activity parameter.

eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /sche...

Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service...

Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote p...

An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code...

The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up ...

The Page Builder by AZEXO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'azh_post' shortcode in versions up to, and including,...

The Page Builder by AZEXO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.27.133. This is due to ...

The Page Builder by AZEXO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'azh_add_po...

The Page Builder by AZEXO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.27.133. This is due to ...

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_vk_blocks_options' function in versions up to, and inc...

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_options' function in versions up to, and including, 1....

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'business_id...

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized medication of data via the /wp-json...

The Contact Form Builder by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, and i...

The Contact Form Builder by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.9.1. This is du...

The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions ...

The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.4...

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, an...

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.2. This is...

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugi...

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugi...

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missi...

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonc...

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

A vulnerability, which was classified as problematic, has been found in X-WRT luci up to 22.10_b202303061504. This issue affects the function run_acti...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kyle Maurer Don8 plugin <= 0.4 versions.

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Captura up to 8.0.0. It has been declared as critical. This vulnerability affects unknown...

A vulnerability classified as critical has been found in code-projects Agro-School Management System 1.0. Affected is the function doUpdateQuestion of...

Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

A vulnerability was found in Watu Quiz Plugin up to 2.6.7 on WordPress. It has been rated as critical. This issue affects the function watu_exams of t...

A vulnerability was found in Blogger Importer Plugin up to 0.5 on WordPress. It has been classified as problematic. Affected is the function start/res...

A vulnerability was found in EELV Newsletter Plugin 2.x on WordPress. It has been rated as problematic. Affected by this issue is the function style_n...

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauth...

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow...

A vulnerability was found in Broken Link Checker Plugin up to 1.10.1 on WordPress. It has been declared as problematic. Affected by this vulnerability...

IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker ...

IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. This may lead to i...

OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL.

DokuWiki before 2023-04-04a allows XSS via RSS titles.

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always c...

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S...

Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021...

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p3, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p6, IdentityIQ 8.1 and all 8.1 patch level...

The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of service (panic) via an invalid <! token (such as <!DOCTYPEs/%<!A nesting) in an XM...

A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function...

A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been rated as critical. This issue affects the function setMainSou...

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restore_all_sound_file. The m...

A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function delete_file ...

A vulnerability classified as problematic has been found in WooFramework Branding Plugin up to 1.0.1 on WordPress. Affected is the function admin_scre...

A vulnerability, which was classified as critical, has been found in IBOS 4.5.5. Affected by this issue is the function actionDel of the file ?r=dashb...

Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue a...

Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile applicat...

Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including admin...

A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated ...

The Frontend Post WordPress Plugin WordPress plugin through 2.8.4 does not validate an attribute of one of its shortcode, which could allow users with...

The WP Multi Store Locator WordPress plugin through 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a...

The Hostel WordPress plugin before 1.1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to ...

The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading...

The SEO by 10Web WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin...

The ConvertKit WordPress plugin before 2.2.1 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site ...

The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.61 does not sanitise and escape a parameter before...

The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape various parameters before out...

The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape some of its settings, which c...

The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sanitise and escape some parameter before outputting it back in a page, leading to a...

The Quiz Maker WordPress plugin before 6.4.2.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-S...

The Survey Maker WordPress plugin before 3.4.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-S...

The Get your number WordPress plugin through 1.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as a...

Gitpod before 2022.11.3 allows XSS because redirection can occur for some protocols outside of the trusted set of three (vscode: vscode-insiders: jetb...

MarsCTF 1.2.1 has an arbitrary file upload vulnerability in the interface for uploading attachments in the background.

emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and ot...

A vulnerability classified as problematic was found in WooFramework Tweaks Plugin up to 1.0.1 on WordPress. Affected by this vulnerability is the func...

A vulnerability, which was classified as problematic, has been found in WooSidebars Plugin up to 1.4.1 on WordPress. Affected by this issue is the fun...

SonicJS up to v0.7.0 allows attackers to execute an authenticated path traversal when an attacker injects special characters into the filename of a ba...

A buffer overflow in EasyPlayerPro-Win v3.2.19.0106 to v3.6.19.0823 allows attackers to cause a Denial of Service (DoS) via a crafted XML file.

Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.

Cross-site Scripting (XSS) - Stored in GitHub repository admidio/admidio prior to 4.2.8.

Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL, one enumerates Contact information on th...

A vulnerability, which was classified as problematic, was found in WooSidebars Sidebar Manager Converter Plugin up to 1.1.1 on WordPress. This affects...

Microsoft Office Remote Code Execution Vulnerability

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure direct...

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access c...

Kanboard is open source project management software that focuses on the Kanban methodology. A stored Cross site scripting (XSS) allows an attacker to ...

Kanboard is open source project management software that focuses on the Kanban methodology. A vulnerability related to a `missing access control` was ...

A vulnerability classified as problematic was found in Exit Box Lite Plugin up to 1.06 on WordPress. Affected by this vulnerability is the function ex...

*File Upload vulnerability found in Emlog EmlogCMS v.6.0.0 allows a remote attacker to gain access to sensitive information via the /admin/plugin.php ...

A local privilege escalation vulnerability in the ThinkPad Hybrid USB-C with USB-A Dock Firmware Update Tool could allow an attacker with local access...

PrestaShop jmsthemelayout 2.5.5 is vulnerable to SQL Injection via ajax_jmsvermegamenu.php.

PrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajax_jmsmegamenu.php.

PrestaShop jmsslider 1.6.0 is vulnerable to Incorrect Access Control via ajax_jmsslider.php.

Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service (DoS) via DNS Recursion.

Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user inp...

Minical 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) via minical/public/application/controllers/settings/company.php.

Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insu...

hoppscotch is an open source API development ecosystem. In versions prior to 2023.4.5 the database password is exposed in the logs when showing the da...

A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be trigg...

A vulnerability, which was classified as problematic, has been found in Exit Box Lite Plugin up to 1.06 on WordPress. Affected by this issue is some u...

An ErrorMessage driver stack-based buffer overflow vulnerability in BIOS of some ThinkPad models could allow an attacker with local access to elevate ...

A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local acc...

On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values...

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Avo is an open source ruby on rails admin panel creation framework. The polymorphic field type stores the classes to operate on when updating a record...

Avo is an open source ruby on rails admin panel creation framework. In affected versions some avo fields are vulnerable to Cross Site Scripting (XSS) ...

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script ...

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file...

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file ext...

A vulnerability classified as problematic has been found in RealFaviconGenerator Favicon Plugin up to 1.2.12 on WordPress. This affects the function i...

A vulnerability, which was classified as problematic, was found in Gravity Forms DPS PxPay Plugin up to 1.4.2 on WordPress. Affected is an unknown fun...

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Fuzzy SWMP. It has been rated as problematic. This issue affects some unknown processing ...

The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authe...

A vulnerability classified as problematic was found in Arborator Server. This vulnerability affects the function start of the file project.cgi. The ma...

In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution priv...

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

In dialer service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privile...

In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execu...

In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execu...

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution p...

In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution p...

In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges nee...

In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

Assertion occurs while processing Reconfiguration message due to improper validation

information disclosure due to cryptographic issue in Core during RPMB read request.

Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

Memory corruption in Linux android due to double free while calling unregister provider after register call.

Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host

Memory corruption in Audio due to incorrect type cast during audio use-cases.

Transient DOS due to reachable assertion in Modem because of invalid network configuration.

Memory corruption due to use after free in Core when multiple DCI clients register and deregister.

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Memory corruption in Linux while sending DRM request.

Transient DOS due to uncontrolled resource consumption in Linux kernel when malformed messages are sent from the Gunyah Resource Manager message queue...

Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.

Memory corruption due to double free in Core while mapping HLOS address to the list.

Transient DOS due to improper authorization in Modem

Memory corruption in Linux Networking due to double free while handling a hyp-assign.

Information disclosure in Kernel due to indirect branch misprediction.

Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network.

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Memory corruption in Automotive GPU while querying a gsl memory node.

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

Memoru corruption in Audio when ADSP sends input during record use case.

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

Transient DOS in WLAN Firmware while processing frames with missing header fields.

Transient DOS in WLAN Firmware while parsing FT Information Elements.

Transient DOS while parsing WLAN beacon or probe-response frame.

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution p...

The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the...

An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual version <= 2....

Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myRE...

A vulnerability, which was classified as critical, has been found in SourceCodester Service Provider Management System 1.0. Affected by this issue is ...

A vulnerability, which was classified as critical, was found in SourceCodester Service Provider Management System 1.0. This affects an unknown part of...

A vulnerability has been found in Dahua Smart Parking Management up to 20230528 and classified as problematic. This vulnerability affects unknown code...

A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2). The...

There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the f...

In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution...

In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution...

In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution...

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execu...

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execu...

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System exec...

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution p...

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution p...

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution p...

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution p...

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution p...

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges ...

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution ...

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution ...

In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privil...

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges ...

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution ...

In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges ...

In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges ...

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution pr...

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution pr...

In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privil...

In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges nee...

In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privil...

In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privil...

In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges neede...

In swpm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution...

In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privil...

In keymange, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execu...

In keymange, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execu...

There is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web management...

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function.

In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash.

There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges,...

Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Vers...

A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization...

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-...

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-b...

The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-o...

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds wri...

Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak...

Landscape allowed URLs which caused open redirection.

A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an aut...

The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-o...

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a u...

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based...

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7...

The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker...

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds rea...

A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows at...

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds wri...

The `Release PR Merged` workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary ...

Syncthing is an open source, continuous file synchronization program. In versions prior to 1.23.5 a compromised instance with shared folders could syn...

The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker wit...

axTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls-code/crypto/bigint.c. This vulnerability allows attac...

CloudPanel v2.2.2 allows attackers to execute a path traversal.

fast-xml-parser is an open source, pure javascript xml parser. fast-xml-parser allows special characters in entity names, which are not escaped or san...

Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundr...

Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for use...

Grafana is an open-source platform for monitoring and observability. Using public dashboards users can query multiple distinct data sources using mi...

Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. In affected versions it may be possible for a deactivated user t...

Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the `url_preview_url...

An issue in the MVC Device Simulator of Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) v9.0 Initial Release ...

Sitecore Experience Platform (XP) v9.3 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /sitecor...

Sitecore Experience Platform (XP) v9.3 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /Applica...

notation is a CLI tool to sign and verify OCI artifacts and container images. An attacker who has compromised a registry and added a high number of si...

notation is a CLI tool to sign and verify OCI artifacts and container images. An attacker who has compromised a registry and added a high number of si...

notation is a CLI tool to sign and verify OCI artifacts and container images. An attacker who has compromised a registry can cause users to verify the...

Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, ...

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10.5, all versions starting from 15.11 before 15.11.1. A...

PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.

A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.

A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records retur...

A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to r...

A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is clo...

A segmentation fault flaw was found in the Advancecomp package. This may lead to decreased availability.

In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path.

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=update_user.

Weak session management in DB Elettronica Telecomunicazioni SpA SFT DAB 600/C Firmware: 1.9.3 Bios firmware: 7.1 (Apr 19 2021) Gui: 2.46 FPGA: 169.55 ...

In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanit...

An issue discovered in SeedDMS 6.0.15 allows an attacker to escalate privileges via the userid and role parameters in the out.UsrMgr.php file.

In Percona XtraBackup (PXB) through 2.2.24 and 3.x through 8.0.27-19, a crafted filename on the local file system could trigger unexpected command she...

An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within th...

An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file.

D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function.

The Delete All Comments plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the via the delete-all-com...

The User Submitted Posts plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the usp_check_images func...

The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthenticated settings reset in versions up to, and including 1.8.1 du...

The WordPress Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the logo_width, logo_height, r...

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability...

The Mesmerize & Materialis themes for WordPress are vulnerable to authenticated options change in versions up to, and including,1.6.89 (Mesmerize) and...

The GDPR Cookie Compliance plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the gdpr_cookie_compliance_...

The WP HTML Mail plugin for WordPress is vulnerable to HTML injection in versions up to, and including, 2.2.10 due to insufficient input sanitization....

The Contact Form & SMTP Plugin by PirateForms plugin for WordPress is vulnerable to HTML injection in the ‘public/class-pirateforms-public.php’ file i...

The DELUCKS SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the saveSettings() function that had no capability checks in ver...

The Pretty Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via various IP headers as well as the referer header in versions up...

The WP HTML Mail plugin for WordPress is vulnerable to HTML injection in versions up to, and including, 2.9.0.3 due to insufficient input sanitization...

The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in versions up to, and including, 2.0.6. This allows authen...

The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers t...

The Funnel Builder plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the activate_plugin function in ver...

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_do...

The WP GDPR plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This...

The Quick Page/Post Redirect Plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the qppr_save_quick_redire...

The Page Builder: KingComposer plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 2.9.3. This is due to a se...

The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'process_b...

The Ultimate Addons for Gutenberg plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 1.14.7. This i...

The Elementor Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG image uploads in versions up to, and including...

The Fruitful Theme for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters stored via the fruitful_theme_options_action AJAX...

The Coming Soon & Maintenance Mode Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.57. This ...

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello...

The Page Builder: KingComposer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via via shortcode in versions before 2.9.4 due to ins...

The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page mak...

The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the update_layout function in versions up to, and including, 6.2.3 due ...

The Kali Forms plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including, 2.1.1. This is due to t...

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.1.5. This is due to unrestricted access...

The Login/Signup Popup plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on several functions in versions up...

The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the setup_page function in version...

The Kali Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to incorrect nonc...

The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.3 via deserialization ...

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in vers...

The Kali Forms plugin for WordPress is vulnerable to Authenticated Options Change in versions up to, and including, 2.1.1. This is due to the update_o...

The Brilliance <= 1.2.7, Activello <= 1.4.0, and Newspaper X <= 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is d...

The Visual Composer plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 26.0 due to insufficient input saniti...

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the ~/listing...

The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user sup...

The TI WooCommerce Wishlist and TI WooCommerce Wishlist Pro plugins for WordPress are vulnerable to an Options Change vulnerability in versions up to,...

The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.1.32 via deserialization of untrus...

The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions up to, and including, 1.5.1. This is due to unsaniti...

The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'twoj_slideshow_setup' function c...

The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cm...

The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to S...

The 404 to 301 plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the open_redirect & save_redirect functi...

The uListing plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in the "ulisting/includes/route.php" file on...

The uListing plugin for WordPress is vulnerable to generic SQL Injection via the ‘listing_id’ parameter in versions up to, and including, 1.6.6 due to...

The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing capability checks, missing input validation, and a mis...

The Unauthenticated Account Creation plugin for WordPress is vulnerable to Unauthenticated Account Creation in versions up to, and including, 1.6.6. T...

The Frontend File Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 18.2. This is due to lacking mi...

The uListing plugin for WordPress is vulnerable to authorization bypass due to missing capability and nonce checks on the UlistingUserRole::save_role_...

The uListing plugin for WordPress is vulnerable to Unauthenticated Arbitrary Account Changes in versions up to, and including, 1.6.6. This is due to m...

The function update_shipment_status_email_status_fun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to...

The Ultimate GDPR & CCPA plugin for WordPress is vulnerable to unauthenticated settings import and export via the export_settings & import_settings fu...

The Process Steps Template Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.1. This mak...

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated HTML Injection in versions up to, and including, 18.2. This is due to ...

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Post Meta Change in versions up to, and including, 18.2. This is due t...

The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the save_locsettings functi...

The PWA for WP & AMP for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pwaforwp_splashscreen_uploader f...

The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the download_orderdetail_list(),...

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Download in versions up to, and including, 18.2. This...

The uListing plugin for WordPress is vulnerable to authorization bypass due to missing capability checks, and a missing security nonce, on the Ulistin...

The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in versions up to, and including,...

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including, 18.2. This i...

The Controlled Admin Access plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 1.5.5 by not properly restric...

The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the jobsearch_job_integrati...

The Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the kiwi_social_share_get_option...

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 5.5 due to insuffi...

The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the jobsearch_add_job_impor...

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to, and including, 18.2. Th...

The PWA for WP & AMP plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the pwaforwp_update_features_opt...

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the flo_im...

The Frontend File Manager plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 18.2. This is due to l...

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Content Injection in versions up to, and including, 18.2. This is due ...

The uListing plugin for WordPress is vulnerable to authorization bypass as most actions and endpoints are accessible to unauthenticated users, lack se...

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Setting Changs in versions up to, and including, 5.5. This is due to lacking both a...

The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4....

The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2. This makes it possible for...

The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in versions up to, and including, 3.53.2. This is due to missi...

The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the usces_download_system_infor...

The WooCommerce Multi Currency plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.17. This makes it po...

The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmm_export_donati...

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5 due to insufficie...

The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route due to missing capability checks, and a missing security nonce, i...

The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetch_external_image() function i...

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missin...

The FlyingPress plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, an...

The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in version...

Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execut...

An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file.

Imperial CMS v7.5 was discovered to contain an arbitrary file deletion vulnerability via the DelspReFile function in /sp/ListSp.php. This vulnerabilit...

The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_page_option fun...

The B2BKing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'b2bking_save_price_impor...

The B2BKing plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'b2bkingdownloadpricelist' func...

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to ...

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, ...

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is suscept...

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm...

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm.

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/...

On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including f...

On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.A...

A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Age...

A heap-based overflow vulnerability in TA prior to version 5.7.9 allows a remote user to alter the page heap in the macmnsvc process memory block, re...

The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to access internals about the application such as versio...

Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potential...

Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to exe...

Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4.0 has left users vulnerable to click jacking. Click...

The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the _ning_upload_image func...

The Adning Advertising plugin for WordPress is vulnerable to file deletion via path traversal in versions up to, and including, 1.5.5. This allows una...

Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to authorization bypass due to a missing capability check on the wp_ajax_svx_ajax_...

The WooCommerce Multi Currency plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wmc_bulk_fixed_pric...

The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_par...

The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2...

VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious acto...

alist <=3.16.3 is vulnerable to Incorrect Access Control. Low privilege accounts can upload any file.

Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks ...

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations ...

Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Net...

Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs.

An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation of t...

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.

A vulnerability classified as problematic has been found in SourceCodester Online Discussion Forum Site 1.0. Affected is an unknown function of the fi...

A vulnerability classified as problematic was found in SourceCodester Online Discussion Forum Site 1.0. Affected by this vulnerability is an unknown f...

A vulnerability, which was classified as critical, has been found in SourceCodester Online Discussion Forum Site 1.0. Affected by this issue is some u...

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2....

A vulnerability, which was classified as critical, was found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the f...

A vulnerability has been found in SourceCodester Online Discussion Forum Site 1.0 and classified as critical. This vulnerability affects unknown code ...

A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13.2.4 before 15.10.8, all versions starting from 15.11 ...

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7...

An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, a...

An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions star...

An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15.10.8, all versions starting from 15.11 before 15.11.7,...

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.8 before 15.10.8, all versions starting from 15.11 before 15.11.7...

An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15.10.8, all versions starting from 15.11 before 15.11.7,...

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15.10.8, all versions starting from 15.11 before 15.11.7...

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7...

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10.8, all versions starting from 15.11 before 15.11.7, a...

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0 and classified as critical. This issue affects some unknown processing of...

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of t...

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration....

zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which a...

OpenZeppelin Contracts is a library for smart contract development. By frontrunning the creation of a proposal, an attacker can become the proposer a...

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been declared as critical. Affected by this vulnerability is an u...

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. Affected by this issue is some unknown fu...

A vulnerability classified as critical has been found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file adm...

A privilege escalation allowing remote code execution was discovered in the orchestration service.

Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote attacker is able to login and create a valid session...

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by usin...

Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote attacker authenticated as any user is able to execute co...

Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.

SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. 0xffffffff is sign-extended to 0xffffffffffffffff...

StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. It uses uint32_t(m_BufferSize-m_I...

RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership.

SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating...

Datalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could ...

FANUC ROBOGUIDE-HandlingPRO Versions 9 Rev.ZD and prior is vulnerable to a path traversal, which could allow an attacker to remotely read files on t...

Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to heap-based buffer overflow, which could allow an attacker to execu...

Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to exe...

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could...

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unin...

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause chan...

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended query...

xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecode#...

TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly ...

An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating ...

A user could use the “Upload Resource” functionality to upload files to any location on the disk.

By changing the filename parameter in the request, an attacker could delete any file with the permissions of the Vuforia server account.

The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication.

Before importing a project into Vuforia, a user could modify the “resourceDirectory” attribute in the appConfig.json file to be a different path...

The External Visitor Manager portal of HID’s SAFE versions 5.8.0 through 5.11.3 are vulnerable to manipulation within web fields in the application pr...

PTC Vuforia Studio does not require a token; this could allow an attacker with local access to perform a cross-site request forgery attack or a...

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query p...

Gatsby is a free and open source framework based on React. The Gatsby framework prior to versions 4.25.7 and 5.9.1 contain a Local File Inclusion vuln...

Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not prope...

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting. This vul...

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authoriza...

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary ...

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arb...

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a...

The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is ...

D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org....

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the ...

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_...

A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property()...

Incorrect access control in the administrative functionalities of BES--6024PB-I50H1 VideoPlayTool v2.0.1.0 allow attackers to execute arbitrary admini...

A vulnerability was found in y_project RuoYi up to 4.7.7. It has been classified as problematic. Affected is the function filterKeyword. The manipulat...

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo.

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName.

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet.

A vulnerability was found in SourceCodester Life Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability ...

Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. In versions 3.06 and prior, t...

Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another stud...

An issue in Chamilo v1.11.* up to v1.11.18 allows attackers to execute a Server-Side Request Forgery (SSRF) and obtain information on the services run...

Chamilo v1.11.x up to v1.11.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the /feedback/comment field.

Incorrect access control in Chamilo v1.11.x up to v1.11.18 allows a student to arbitrarily access and modify another student's personal notes.

Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when crea...

gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single...

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sust...

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters...

The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposit...

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses ...

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases...

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running an...

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running an...

Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The...

Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK f...

snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In o...

snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in v...

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard ope...

TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user was registered in tgstation-server (TGS), an attacke...

JavaCPP Presets is a project providing Java distributions of native C++ libraries. All the actions in the `bytedeco/javacpp-presets` use the `github.e...

Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20.

Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior to 2.0.20.

The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capability check on the function associated with the q...

The Quiz And Survey Master plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.0.8. This is due to mi...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_thankyou' shortcode in versions up to, an...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_last_name' shortcode in versions up to, a...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_payment_status' shortcode in versions up ...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_transaction_id' shortcode in versions up ...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and includi...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf' shortcode to echo unescaped form subm...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf_first_name' shortcode to echo unescape...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf_last_name' shortcode to echo unescaped...

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'fname' attribute of the 'mf_thankyou' sho...

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in versions up to, and including, 3.3.0. This allows un...

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing ...

The Under Construction plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.96. This is due to missing...

The Under Construction plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.96. This is due to missing...

The Shield Security plugin for WordPress is vulnerable to stored Cross-Site Scripting in versions up to, and including, 17.0.17 via the 'User-Agent' h...

The Shield Security plugin for WordPress is vulnerable to Missing Authorization on the 'theme-plugin-file' AJAX action in versions up to, and includin...

The Intuitive Custom Post Order plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.1.3, due to insufficient escap...

The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'file_uploader...

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized cache deletion in versions up to, and including, 1.1.2 due to a missing capabi...

The Weaver Xtreme Theme for WordPress is vulnerable to stored Cross-Site Scripting due to insufficient escaping of the profile display name in version...

The Weaver Show Posts Plugin for WordPress is vulnerable to stored Cross-Site Scripting due to insufficient escaping of the profile display name in ve...

The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and inc...

The Ultimate Addons for Contact Form 7 plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in versions up to, and including, 3....

The Elementor Addons, Widgets and Enhancements – Stax plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and includin...

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability c...

The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack ...

The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7.5.4. This is due to impr...

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery via the get_remote_content REST API endpoint in versio...

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the g...

The PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and including, 10.0 ...

The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up...

The Locatoraid Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and in...

The Announcement & Notification Banner – Bulletin plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing ...

The Announcement & Notification Banner – Bulletin plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce validation o...

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the save function in...

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the get function in ...

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the templates functi...

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the template_count f...

The Essential Blocks plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.6. This is due to missing ...

The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct c...

The WP Responsive Tabs horizontal vertical and accordion Tabs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term...

The Elementor Addons, Widgets and Enhancements – Stax plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capabil...

The WP Replicate Post plugin for WordPress is vulnerable to SQL Injection via the post_id parameter in versions up to, and including, 4.0.2 due to ins...

The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, an...

The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a mis...

The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the...

The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘search_term’ parameter in versions u...

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdm_members', 'wpdm_login_form', 'wpdm_reg_form' shor...

The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter...

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missi...

The FiboSearch - AJAX Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, a...

The Advanced Woo Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.77 d...

The Active Directory Integration plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to...

The Easy Google Maps plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.11.7. This is due to missing...

The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capabilit...

The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capabilit...

The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capabilit...

The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcs_current_cu...

The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.3.6 (9.6.1 ...

The Active Directory Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the orderby ...

The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘search_term’ parameter in ver...

The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and...

The WordPress File Upload and WordPress File Upload Pro plugins for WordPress are vulnerable to Path Traversal in versions up to, and including, 4.19....

The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_set_featured_...

The WordPress File Upload and WordPress File Upload Pro plugins for WordPress are vulnerable to Stored Cross-Site Scripting via admin settings in vers...

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or in...

A vulnerability, which was classified as critical, was found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function ...

A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is a...

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or in...

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or in...

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or in...

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or in...

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or in...

The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. This is due to an implicit ...

An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security (OAS) encryption, if...

A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a ...

MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves....

There exists an vulnerability causing an abort() to be called in gRPC.  The following headers cause gRPC's C++ implementation to abort() when called v...

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to al...

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error ...

The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_ajax_call function in v...

The WP Activity Log Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_swit...

The WP Activity Log Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due to m...

The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due to missing or incor...

A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is a...

A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as problematic. Affected by this issue is some unkn...

Vault and Vault Enterprise's (Vault) key-value v2 (kv-v2) diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerabil...

A potential security vulnerability has been identified with a version of the HP Softpaq installer that can lead to arbitrary code execution.

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewr...

An issue found in MIM software Inc MIM License Server and MIMpacs services v.6.9 thru v.7.0 fixed in v.7.0.10 allows a remote unauthenticated attacker...

Fuel CMS v1.5.2 was discovered to contain a SQL injection vulnerability via the id parameter at /controllers/Blocks.php.

Contiki-NG is an open-source, cross-platform operating system for IoT devices. When reading the TCP MSS option value from an incoming packet, the Cont...

@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin a...

Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unpriv...

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET re...

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and lan...

schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with ele...

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-s...

An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPref...

An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the ...

An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference f...

An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference fi...

An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPr...

An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPre...

An issue found in FlightAware v.5.8.0 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the database files.

An issue found in Sleep v.20230303 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference f...

An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause an escalation of Privileges via the database files.

An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause a persistent denial of service via the database files.

UmbracoIdentityExtensions is an Umbraco add-on package that enables easy extensibility points for ASP.Net Identity integration. In affected versions c...

A Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML fil...

A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker ...

Pega Platform versions 7.2 to 8.8.1 are affected by an XSS issue.

An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPrefe...

An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows a local attacker to cause a denial of service via the SharedPreference files.

A vulnerability, which was classified as critical, has been found in PHPGurukul Teachers Record Management System 1.0. Affected by this issue is some ...

Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0.

Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current v...

Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0.

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting.

The Danfoss AK-EM100 web forms allow for SQL injection in the login forms.

The Danfoss AK-EM100 stores login credentials in cleartext.

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter.

The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter.

The Danfoss AK-EM100 web applications allow for an authenticated user to perform OS command injection through the web application parameters.

The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information su...

The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more ...

Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, an...

Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow command inje...

Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, an...

Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow remote code ...

Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, an...

In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2), SQL injection vu...

All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js.

A vulnerability classified as problematic was found in cchetanonline WP-CopyProtect up to 3.0.0. This vulnerability affects the function CopyProtect_o...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GalleryPlugins Video Contest plugin <= 3.2 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember plugin <= 4.0.1 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Aviplugins.Com WP Register Profile With Shortcode plugin <= 3.5.7 versions.

LabCollector 6.0 though 6.15 allows remote code execution. An authenticated remote low-privileged user can upload an executable PHP file and execute s...

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to normalize_url in lib.rs, a sim...

EyouCMS 1.6.2 is vulnerable to Cross Site Scripting (XSS).

A Cross Site Scripting (XSS) vulnerability in Youxun Electronic Equipment (Shanghai) Co., Ltd AC Centralized Management Platform v1.02.040 allows atta...

A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband (NB) before 1.7.5. As an admin...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rolands Umbrovskis itemprop WP for SERP/SEO Rich snippets plugin <= 3.5.201706131 ve...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ludwig Media UTM Tracker plugin <= 1.3.1 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Phan Chuong IP Metaboxes plugin <= 2.1.1 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Phan Chuong IP Metaboxes plugin <= 2.1.1.

NanoMQ 0.17.5 is vulnerable to heap-buffer-overflow in the conn_handler function of mqtt_parser.c when it processes malformed messages.

NanoMQ 0.16.5 is vulnerable to heap-use-after-free in the nano_ctx_send function of nmq_mqtt.c.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in unFocus Projects Scripts n Styles plugin <= 3.5.7 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPoperation SALERT – Fake Sales Notification WooCommerce plugin <= 1.2.1 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Katie Seaborn Zotpress plugin <= 7.3.3 versions.

Sourcecodester Service Provider Management System v1.0 is vulnerable to SQL Injection via the ID parameter in /php-spms/?page=services/view&id=2

GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData with...

A vulnerability classified as problematic was found in Chengdu VEC40G 3.0. Affected by this vulnerability is an unknown functionality of the file /sen...

A vulnerability, which was classified as critical, has been found in RoadFlow Visual Process Engine .NET Core Mvc 2.13.3. Affected by this issue is so...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in StPeteDesign Call Now Accessibility Button plugin <= 1.1 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.2 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BrokenCrust This Day In History plugin <= 3.10.1 versions.

The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allo...

The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user t...

In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms

In JetBrains YouTrack before 2023.1.10518 stored XSS in a Markdown-rendering engine was possible

Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.

SRS is a real-time video server supporting RTMP, WebRTC, HLS, HTTP-FLV, SRT, MPEG-DASH, and GB28181. Prior to versions 5.0.157, 5.0-b1, and 6.0.48, SR...

Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without...

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary locations within ...

AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead...

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to inf...

Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an una...

The File Away WordPress plugin through 3.9.9.0.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as ...

The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege ...

The Float menu WordPress plugin before 5.0.2, Bubble Menu WordPress plugin before 3.0.4, Button Generator WordPress plugin before 2.3.5, Calculator Bu...

The Icegram Engage WordPress plugin before 3.1.12 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-...

The Photo Gallery by Ays WordPress plugin before 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected C...

The Contact Form Email WordPress plugin before 1.3.38 does not escape submitted values before displaying them in the HTML, leading to a Stored XSS vul...

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may le...

AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot pro...

AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to co...

AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may...

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may le...

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitra...

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitra...

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitra...

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitra...

Atlas Copco Power Focus 6000 web server does not sanitize the login information stored by the authenticated user’s browser, which could allow an attac...

Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker could enter a session ID number to retrieve data for an...

Atlas Copco Power Focus 6000 web server is not a secure connection by default, which could allow an attacker to gain sensitive information by monitori...

TP-Link EC-70 devices through 2.3.4 Build 20220902 rel.69498 have a Buffer Overflow.

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxml...

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary.

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. NOTE: This vulnerability only af...

A stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrar...

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. NOTE: This vulnerability only af...

A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font...

An issue was discovered in freakchicken kafkaUI-lite 1.2.11 allows attackers on the same network to gain escalated privileges for the nodes running on...

A Mazda model (2015-2016) can be unlocked via an unspecified method.

Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.

EaseUS Todo Backup version 20220111.390 - An omission during installation may allow a local attacker to perform privilege escalation.

A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with speci...

Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.

Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.

Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.

Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.

Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.

Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to elevatio...

Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer overflow.

The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. This is due to missing ...

The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdk_public_action' fu...

The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the...

The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.7. This ...

SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of ...

SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin ...

An attacker can exploit MDS COMPARE TOOL and use specially crafted inputs to read and modify database commands, resulting in the retrieval of addition...

SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized a...

SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Sit...

SAP CRM ABAP (Grantor Management) - versions 700, 701, 702, 712, 713, 714, does not sufficiently encode user-controlled inputs, resulting in Cross-Sit...

SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-contro...

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (fir...

Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42...

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules a...

Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remot...

An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConvert...

An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all ve...

A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiP...

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, Forti...

An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several...

A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1 allows a remote unauthenticated attacker to perform b...

A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, Fort...

An improper permissions, privileges, and access controls vulnerability [CWE-264] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8...

A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, For...

A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 thr...

A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All v...

A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all...

An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 t...

Multiple improper neutralization of special elements used in an os command ('OS Command Injection') vulnerabilties [CWE-78] in Fortinet FortiADCManage...

A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D...

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6...

An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC CLI 7.1.0, 7.0.0 through 7.0.3, 6.2.0 through ...

A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All...

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3 < V1.18.0), Mendix SAML (Mendix 7 compatible) (All v...

An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1...

A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2...

A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA...

A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their inst...

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM...

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM...

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visual...

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visual...

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visual...

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visual...

A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiO...

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The web i...

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The affec...

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The affec...

Stack-based buffer overflow vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on...

Out-of-bound reads vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on the syst...

Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. If a user opens a speciall...

Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vul...

Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be e...

OS command injection vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be exec...

Hidden functionality issue exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on ...

ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a positio...

Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated attacker to obtain sensitive information of the affected...

OS command injection vulnerability exists in Wi-Fi AP UNIT allows. If this vulnerability is exploited, a remote authenticated attacker with an adminis...

Code injection vulnerability exists in Chatwork Desktop Application (Mac) 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative...

OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects ...

Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5.

Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS allows an unauthenticated attacker to initiate a password...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TMT Lockcell allows SQL Injection.This issue aff...

Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows Authentication Abuse, Authentication Bypass.This issue affects L...

Unrestricted Upload of File with Dangerous Type vulnerability in TMT Lockcell allows Command Injection.This issue affects Lockcell: before 15.

Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authenticat...

Cross-Site Request Forgery (CSRF) vulnerability in Ali Irani Auto Upload Images plugin <= 3.3 versions allows Stored Cross-Site Scripting (XSS).

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rating-Widget Rating-Widget: Star Review System plugin <= 3.1.9 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We’re Open! plugin <= 1.46 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jinit9906 Shipyaari Shipping Management plugin <= 1.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kamyabsoft Chat Bee plugin <= 1.1.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cyberus Labs Cyberus Key plugin <= 1.0 versions.

An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospec...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Satos Satos Mobile allows SQL Injection through ...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nate Reist Protected Posts Logout Button plugin <= 1.4.5 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marcelotorres Redirect After Login plugin <= 0.1.9 versions.

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The...

Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile() function at /core/io/FileUtil...

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitra...

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitra...

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitra...

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitra...

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitra...

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of ...

TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the key parameter in the function sub_ 40...

Windows Snipping Tool Information Disclosure Vulnerability

Zoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a...

Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leadin...

CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection (SSTI). An authenticated attacker can inject Twig Template to User Photo Locat...

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages ar...

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows ...

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that che...

A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which all...

GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle atta...

Keystone is a content management system for Node.JS. There is an open redirect in the `@keystone-6/auth` package versions 7.0.0 and prior, where the r...

benjjvi/PyBB is an open source bulletin board. Prior to commit dcaeccd37198ecd3e41ea766d1099354b60d69c2, benjjvi/PyBB is vulnerable to SQL Injection. ...

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with Future...

Zoom for MacOSclients prior to 5.14.0 contain an improper access control vulnerability. A malicious user may be able to delete/replace Zoom Client fi...

Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. A maliciou...

Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic signature vulnerability. A malicious user may potentially ...

Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A malicious user may potentially delete local files wit...

Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an es...

Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated ...

Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to po...

Improper input validation in the installer for Zoom for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escal...

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a cr...

Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML ...

Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML p...

Code Injection in GitHub repository nuxt/nuxt prior to 3.5.3.

ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality. Additional ...

TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function s...

Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially ena...

Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of servi...

SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of user information.

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it de...

The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. No patient health data is stor...

TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale.

On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor w...

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies.  Hard-coded cryptographic ke...

Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected.   Improper authorizati...

The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to releva...

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a mod...

hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability.

A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user...

An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows attackers to execute arbitrary cod...

Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0

Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed...

Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed...

Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed...

Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed...

Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0.

Azure DevOps Server Spoofing Vulnerability

Azure DevOps Server Spoofing Vulnerability

Windows CryptoAPI Denial of Service Vulnerability

NTFS Elevation of Privilege Vulnerability

Windows Group Policy Elevation of Privilege Vulnerability

Windows Remote Desktop Security Feature Bypass Vulnerability

Sysinternals Process Monitor for Windows Denial of Service Vulnerability

DHCP Server Service Information Disclosure Vulnerability

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Windows GDI Elevation of Privilege Vulnerability

GDI Elevation of Privilege Vulnerability

Microsoft Streaming Service Elevation of Privilege Vulnerability

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Remote Desktop Client Remote Code Execution Vulnerability

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Windows Authentication Elevation of Privilege Vulnerability

Windows Media Remote Code Execution Vulnerability

Windows Geolocation Service Remote Code Execution Vulnerability

iSCSI Target WMI Provider Remote Code Execution Vulnerability

Windows Filtering Platform Elevation of Privilege Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Windows Media Remote Code Execution Vulnerability

Windows GDI Elevation of Privilege Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Windows Collaborative Translation Framework Elevation of Privilege Vulnerability

Windows Bus Filter Driver Elevation of Privilege Vulnerability

Windows iSCSI Discovery Service Denial of Service Vulnerability

Windows Container Manager Service Elevation of Privilege Vulnerability

Windows Hyper-V Denial of Service Vulnerability

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Windows Installer Information Disclosure Vulnerability

Microsoft PostScript Printer Driver Remote Code Execution Vulnerability

Windows Hello Remote Code Execution Vulnerability

Windows Kernel Information Disclosure Vulnerability

Windows DNS Spoofing Vulnerability

Windows SMB Witness Service Security Feature Bypass Vulnerability

Windows Server Service Security Feature Bypass Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

.NET and Visual Studio Elevation of Privilege Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

Microsoft SharePoint Server Denial of Service Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft Outlook Remote Code Execution Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

.NET and Visual Studio Elevation of Privilege Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Visual Studio Information Disclosure Vulnerability

Microsoft OneNote Spoofing Vulnerability

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Visual Studio Code Spoofing Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Office Remote Code Execution Vulnerability

The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_mess...

The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_message...

The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_title f...

The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_limit_product fun...

Windows CryptoAPI Denial of Service Vulnerability

A vulnerability, which was classified as problematic, was found in SourceCodester Online School Fees System 1.0. This affects an unknown part of the f...

Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0.

Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0.

Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0.

Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0.

A vulnerability has been found in UJCMS up to 6.0.2 and classified as problematic. This vulnerability affects unknown code of the component ZIP Packag...

A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue affects some unknown processing of the file /api/wech...

A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been classified as critical. Affected is the function get_image_base64 of the file a...

A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic. Affected by this vulnerability is the function put_ima...

A vulnerability was found in mccms up to 2.6.5. It has been rated as critical. Affected by this issue is the function pic_api of the file sys/apps/con...

A vulnerability classified as critical has been found in mccms up to 2.6.5. This affects the function pic_save of the file sys/apps/controllers/admin/...

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache...

An improper authorization check of local device settings in TeamViewer Remote between version 15.41 and 15.42.7 for Windows and macOS allows an unpri...

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause execution of malicious code when an unsuspi...

A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel executio...

A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when ...

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_e...

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache...

Unauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin <= 7.4.0 versions.

Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: throu...

Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: throu...

A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload dat...

A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects unknown code. The manipulation of the argument userna...

A vulnerability, which was classified as critical, has been found in OTCMS up to 6.62. This issue affects some unknown processing of the file /admin/r...

A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. Affected is an unknown function of the file admin/readDeal.php?mu...

A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the fi...

A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/r...

An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a4...

A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a (merged in PR #14) contained an out of bounds...

In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL include...

Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default.

Jenkins Maven Repository Server Plugin 1.10 and earlier does not escape the versions of build artifacts on the Build Artifacts As Maven Repository pag...

Jenkins Maven Repository Server Plugin 1.10 and earlier does not escape project and build display names on the Build Artifacts As Maven Repository pag...

Jenkins Sonargraph Integration Plugin 5.0.1 and earlier does not escape the file path and the project name for the Log file field form validation, res...

Jenkins Template Workflows Plugin 41.v32d86a_313b_4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, res...

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attacke...

A cross-site request forgery (CSRF) vulnerability in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers to connect to...

A missing permission check in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers with Overall/Read permission to conn...

Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an emai...

An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter.

Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading...

An issue was discovered flexjson thru 3.3 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cycl...

An issue was discovered json-io thru 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cy...

An issue was discovered mjson thru 1.4.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cycli...

An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyc...

An issue was discovered sojo thru 1.1.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic...

An issue was discovered jmarsden/jsonij thru 0.5.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that ...

An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cycl...

An issue was discovered pbjson thru 0.4.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cycl...

An issue was discovered genson thru 1.6 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic...

An issue was discovered hjson thru 3.0.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cycli...

An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic...

An issue was discovered htmlcleaner thru = 2.28 allows attackers to cause a denial of service or other unspecified impacts via crafted object that use...

File upload vulnerability in ujcms 6.0.2 via /api/backend/core/web-file-upload/upload.

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=e...

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit.

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=ed...

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit.

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=ed...

fdkaac before 1.0.5 was discovered to contain a stack overflow in read_callback function in src/main.c.

fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c.

Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature.

An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the dir parameter to /api/backend/core/web-file-html/downlo...

An issue was discovered jjson thru 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cycli...

jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic depend...

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

.NET Framework Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

NuGet Client Remote Code Execution Vulnerability

Microsoft Power Apps Spoofing Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

Contiki-NG is an operating system for internet of things devices. In version 4.8 and prior, when processing ICMP DAO packets in the `dao_input_storing...

Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrap...

Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-prop...

Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-pa...

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of...

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of...

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of...

A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with e...

A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payloa...

Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS allows unfiltered user input resulting in Remote Code Execution (RCE) with SCPI interface or web server.

cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is ...

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of...

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of...

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of...

Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Andro...

PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().

Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS is vulnerable to Incorrect Access Control. An unauthenticated attacker can overwrite firmnware.

Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS is vulnerable to Denial of Service on the user interface triggered by malformed SCPI command.

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.

A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute ...

A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the...

Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implem...

A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and...

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocustomajax/leoajax.php.

There is a command injection vulnerability in the adslr VW2100 router with firmware version M1DV1.0. An unauthenticated attacker can exploit the vulne...

SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting (XSS) via query screens.

ink! is an embedded domain specific language to write smart contracts in Rust for blockchains built on the Substrate framework. Starting in version 4....

Netbox 3.5.1 is vulnerable to Cross Site Scripting (XSS) in the "Create Wireless LAN Groups" function.

A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authe...

An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an ...

Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is pos...

Grav is a flat-file content management system. Prior to version 1.7.42, there is a logic flaw in the `GravExtension.filterFilter()` function whereby v...

Grav is a flat-file content management system. Prior to version 1.7.42, the denylist introduced in commit 9d6a2d to prevent dangerous functions from b...

Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in...

Grav is a flat-file content management system. In versions 1.7.42 and prior, the "/forgot_password" page has a self-reflected cross-site scripting vul...

IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. IBM X-Force ...

IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allo...

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-...

IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified...

IBM Security Directory Suite VA 8.0.1 could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: ...

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by send...

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting that could allow a remote attacker to brute force ac...

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automati...

Open redirect vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 throug...

Cross-site scripting (XSS) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.73, and Liferay DXP 7.4 upd...

The Netskope client service running with NT\SYSTEM privileges accepts network connections from localhost to start various services and execute command...

Cross-site request forgery (CSRF) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP ...

The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory (C:\Users\Public\netS...

During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product instal...

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted i...

Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damage...

Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Easy GA4 ( Google Analytics 4 ) plugin <= 1.0.6 versions.

Cross-Site Request Forgery (CSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin <= 2.25.1 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in IKSWEB WordPress Старт plugin <= 3.7 versions.

A vulnerability classified as critical has been found in code-projects Supplier Management System 1.0. Affected is an unknown function of the file btn...

A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functiona...

A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax ...

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Zestard Technologies Admin side data storage for Contact Form 7 plugin <= 1.1.1 versions...

Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Videos plugin <= 2.6.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability allows arbitrary file upload in Shingo Intrepidity plugin <= 1.5.1 versions.

Piwigo 13.7.0 is vulnerable to SQL Injection via the "Users" function.

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1,...

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1,...

Cross-site scripting (XSS) vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML...

cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php. This vul...

snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions pr...

An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file...

In PVRSRVBridgeSyncPrimOpCreate of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-...

In _PMRCreate of the PowerVR kernel driver, a missing bounds check means it is possible to overwrite heap memory via PhysmemNewRamBackedPMR. This coul...

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead t...

In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege...

In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local informatio...

In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution ...

In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to pair...

In multiple functions of cdm_engine.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege ...

In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to improper input v...

In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing perm...

In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing pe...

In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege ...

In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. Thi...

In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution...

In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This cou...

In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background ...

In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote cod...

In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in...

In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This c...

In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local...

In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execut...

In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to loca...

In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalat...

In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local i...

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosu...

In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to loca...

In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead...

Adobe Substance 3D Designer version 12.4.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrar...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerabilit...

Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Information Exposure vulnerability t...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerabilit...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an XML Injection vulnerability. An atta...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerabilit...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vu...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vu...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Improper Input Validation vulnerabil...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Business Logic Errors vulnerability t...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerabilit...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerabilit...

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Improper Neutralization of Special El...

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged atta...

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged atta...

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-pri...

Adobe Animate versions 22.0.9 (and earlier) and 23.0.1 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary cod...

Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged atta...

Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the...

A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message and cause future legitimate co...

The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized.

In the PrestaShop < 2.4.3 module "Length, weight or volume sell" (ailinear) there is a SQL injection vulnerability.

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password i...

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cil...

PublicCMS <=V4.0.202302 is vulnerable to Insecure Permissions.

An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15. To exploit the vulnerability, an a...

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 8.8.15. XSS can occur, via one of attributes of the webmail /h/ endpoint, to execute arb...

In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker (who has initial user access to a Zimbra server instance) can execute commands as ro...

Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows attackers to access sensitive information.

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main.

SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.  Part of the URL of the requ...

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device netw...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal o...

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft SQL OLE DB Remote Code Execution Vulnerability

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.

L7 Networks InstantScan IS-8000 & InstantQoS IQ-8000’s file uploading function does not restrict upload of file with dangerous type. An unauthenticate...

OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulner...

Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability ...

Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attacke...

In Progress MOVEit Transfer before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3), a SQL injection ...

Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to cre...

Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app.

Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-par...

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profil...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPChill Strong Testimonials plugin <= 3.0.2 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alexander Suess asMember plugin <= 1.5.4 versions.

Mattermost Apps Framework fails to verify that a secret provided in the incoming webhook request allowing an attacker to modify the contents of the po...

Mattermost fails to verify if the requestor is a sysadmin or not, before allowing `install` requests to the Apps allowing a regular user send install ...

Mattermost fails to properly check the permissions when executing commands allowing a member with no permissions to post a message in a channel to act...

Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threa...

Mattermost fails to check if an admin user account active after an oauth2 flow is started, allowing an attacker with admin privileges to retain persis...

When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary...

Mattermost fails to properly truncate the postgres error log message of a search query failure allowing an attacker to cause the creation of large log...

Mattermost fails to sanitize ephemeral error messages, allowing an attacker to obtain arbitrary message contents by a specially crafted /groupmsg comm...

Mattermost fails to validate links on external websites when constructing a preview for a linked website, allowing an attacker to cause a denial-of-se...

Mattermost fails to sanitize code permalinks, allowing an attacker to preview code from private repositories by posting a specially crafted permalink ...

Mattermost fails to unescape Markdown strings in a memory-efficient way, allowing an attacker to cause a Denial of Service by sending a message contai...

A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attack...

A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of s...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ko Takagi Simple Slug Translate plugin <= 2.7.2 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Arya Multipurpose theme <= 1.0.5 versions.

Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in psicosi448 wp2syslog plugin <= 1.0.5 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPIndeed Debug Assistant plugin <= 1.4 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nicolly WP No External Links plugin <= 1.0.2 versions.

Cross-site Scripting (XSS) - DOM in GitHub repository saleor/react-storefront prior to c29aab226f07ca980cc19787dcef101e11b83ef7.

A Huawei sound box product has an out-of-bounds write vulnerability. Attackers can exploit this vulnerability to cause buffer overflow. Affected produ...

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attack...

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to ...

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. Affected product versions ...

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to ...

Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.This issue affects Notifications: ...

Simple Customer Relationship Management 1.0 is vulnerable to SQL Injection via the email parameter.

The ipandlanguageredirect extension before 5.1.2 for TYPO3 allows SQL Injection.

The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed dat...

In Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS, insecure SCPI interface discloses web password.

The Teamlead Reminder plugin through 2.6.5 for Jira allows persistent XSS via the message parameter.

xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close() function. This vulnerability al...

CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF).

An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for ...

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containi...

rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL...

A lack of exception handling in the Volkswagen Discover Media Infotainment System Software Version 0876 allows attackers to cause a Denial of Service ...

jfinal CMS 5.1.0 has an arbitrary file read vulnerability.

jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.

jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.

TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4.

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network solution internal fault was found in Nokia Single RAN ...

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a BTS administrator) removes security hardenings from a...

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a BTS administrator) removes security hardenings from t...

There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can...

An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could...

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change (factory-time i...

A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the use...

A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a...

A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 a...

A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially ...

HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.

A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.

The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege.

A stored Cross-site scripting (XSS) vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML...

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flowe...

An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line...

An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, suc...

OpenZeppelin Contracts is a library for smart contract development. Starting in version 4.7.0 and prior to version 4.9.2, when the `verifyMultiProof`,...

Microsoft Publisher Remote Code Execution Vulnerability

Microsoft Publisher Remote Code Execution Vulnerability

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) for WordPress is vulnerable to arbitrary file uploads due to missing file type ...

Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string.

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. An Unrestricted File Upload vulnerability has been identified in ...

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean Manipulation vulnerability has been identified in the REST...

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Second-Order PHP Object Injection vulnerability has been identi...

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. Two SQL Injection vectors have been identified in the REST API. B...

Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3.

A vulnerability was found in C-DATA Web Management System up to 20230607. It has been classified as critical. This affects an unknown part of the file...

A vulnerability was found in Ruijie RG-EW1200G EW_3.0(1)B11P204. It has been declared as critical. This vulnerability affects unknown code of the file...

A vulnerability was found in miniCal 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /booking/show_bookin...

A vulnerability classified as problematic has been found in whaleal IceFrog 1.1.8. Affected is an unknown function of the component Aviator Template E...

A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown func...

A vulnerability, which was classified as critical, has been found in code-projects Agro-School Management System 1.0. Affected by this issue is some u...

A vulnerability, which was classified as problematic, was found in PuneethReddyHC online-shopping-system-advanced 1.0. This affects an unknown part of...

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c.

An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.

A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload.

_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector.

packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that a...

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering.

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero).

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member.

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet.

A stored cross-site scripting (XSS) vulnerability in Eyoucms v1.6.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in...

In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigg...

In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by d...

A buffer overflow in Counter-Strike through 8684 allows a game server to execute arbitrary code on a remote client's machine by modifying the lserverc...

A buffer overflow in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, and RMCK01 can be exploited by a game client to execute arbitrary code on a clien...

In Siren Investigate before 13.2.2, session keys remain active even after logging out.

FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks,...

The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected ...

Stack-based buffer overflow vulnerability in V-Server v4.0.15.0 and V-Server Lite v4.0.15.0 and earlier allows an attacker to execute arbitrary code b...

Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to info...

Access of memory location after end of buffer issue exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead...

Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to info...

Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to inform...

Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM file may lead to information di...

Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to info...

Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information dis...

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allo...

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allo...

libcoap 4.3.1 contains a buffer over-read via the function coap_parse_oscore_conf_mem at coap_oscore.c.

JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryTableDictItemsByCode at org.jeecg.modules.api.c...

JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryFilterTableDictInfo at org.jeecg.modules.api.co...

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentic...

In Apache Airflow, some potentially sensitive values were being shown to the user in certain situations. This vulnerability is mitigated by the fact ...

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. *Thi...

A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malici...

Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox < 113.

A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox < 113.

Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain c...

Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service. *Note: This attack only affects Windows. Other ...

Memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of the...

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. Th...

The Responsive Tabs For WPBakery Page Builder (formerly Visual Composer) WordPress plugin through 1.1 does not validate and escape some of its shortco...

The SlideOnline WordPress plugin through 1.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/pos...

The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being verified which could have potentially lead to a null pointer dereference. This vuln...

An invalid downcast from `nsHTMLDocument` to `nsIContent` could have lead to undefined behavior. This vulnerability affects Firefox < 110.

A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. *This bug only affects ...

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusio...

A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk wit...

Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those...

When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive...

The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a S...

The Slider Revolution WordPress plugin through 6.6.12 does not check for valid image files upon import, leading to an arbitrary file upload which may ...

The QuBot WordPress plugin before 1.1.6 doesn't filter user input on chat, leading to bad code inserted on it be reflected on the user dashboard.

The QuBot WordPress plugin before 1.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to per...

The QueryWall: Plug'n Play Firewall WordPress plugin through 1.1.1 does not properly sanitise and escape a parameter before using it in a SQL statemen...

The Integration for Contact Form 7 and Zoho CRM, Bigin WordPress plugin before 1.2.4 does not properly sanitise and escape a parameter before using it...

The Custom Base Terms WordPress plugin before 1.0.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as ...

The Conditional Menus WordPress plugin before 1.2.1 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cros...

The File Renaming on Upload WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users su...

The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the `id` parameter for an Agent in the REST API before using it i...

The AI ChatBot WordPress plugin before 4.5.5 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-S...

The Upload Resume WordPress plugin through 1.2.0 does not validate the captcha parameter when uploading a resume via the resume_upload_form shortcode,...

The Social Share, Social Login and Social Comments WordPress plugin before 7.13.52 does not sanitise and escape a parameter before outputting it back ...

The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the agents[] parameter in the set_add_agent_leaves AJAX function ...

The AI ChatBot WordPress plugin before 4.5.6 does not sanitise and escape numerous of its settings, which could allow high privilege users such as adm...

The Ultimate Dashboard WordPress plugin before 3.7.6 does not sanitise and escape some of its settings, which could allow high privilege users such as...

The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in t...

The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from at...

When choosing a site-isolated process for a document loaded from a data: URL that was the result of a redirect, Firefox would load that document in th...

Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we ...

Memory safety bugs present in Firefox 113. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes...

Unauth. SQL Injection (SQLi) vulnerability in Themefic Ultimate Addons for Contact Form 7 plugin <= 3.1.23 versions.

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior...

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /d...

Auth. (author+) Broken Access Control vulnerability leading to Arbitrary File Deletion in Nabil Lemsieh Easy Media Replace plugin <= 0.1.3 versions.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marksoft allows SQL Injection.This issue affects...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gVectors Display Custom Fields – wpView plugin <= 1.3.0 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions.

A vulnerability was found in SourceCodester Resort Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an un...

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alain Gonzalez Google Map Shortcode plugin <= 3.1.2 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Backup Solutions WP Backup Manager plugin <= 1.13.1 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Beplus Sermon'e – Sermons Online plugin <= 1.0.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Seed Webs Seed Fonts plugin <= 2.3.1 versions.

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the...

A remote unprivileged attacker can modify and access configuration settings on the EventCam App due to the absence of API authentication. The lack of ...

A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyo...

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Vulnerability of bypassing the default desktop security controls.Successful exploitation of this vulnerability may cause unauthorized modifications to...

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to di...

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious ap...

Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information ...

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious ap...

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Vulnerability of unauthorized calling on HUAWEI phones and tablets.Successful exploitation of this vulnerability may affect availability.

Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to b...

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on t...

Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to privilege escalation, which affe...

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on t...

nappropriate authorization vulnerability in the SettingsProvider module.Successful exploitation of this vulnerability may cause features to perform ab...

Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core update...

Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormall...

Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful exploitation of this vulnerability may cause the system to r...

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on t...

PyBB is an open source bulletin board. A manual code review of the PyBB bulletin board server has revealed that a vulnerability could have been exploi...

NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server...

A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and ...

A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to ...

SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss ...

SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious cod...

Missing permission checks in Jenkins Team Concert Plugin 2.4.1 and earlier allow attackers with Overall/Read permission to check for the existence of ...

The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing...

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the...

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in EventPrime plugin <= 3.0.5 versions.

Default permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated the default...

Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context. Signatures of other user...

Control characters were not removed when exporting user feedback content. This allowed attackers to include unexpected content via user feedback and p...

IPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. Attackers with access to user accounts coul...

When adding an external mail account, processing of SMTP "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue ...

When adding an external mail account, processing of IMAP "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue ...

When adding an external mail account, processing of POP3 "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue ...

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discov...

Attackers with access to the "documentconverterws" API were able to inject serialized Java objects, that were not properly checked during deserializat...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Vadym K. Extra User Details plugin <= 0.5 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Team Heateor Super Socializer plugin <= 7.13.52 versions.

Cloudflare WARP client for Windows (up to v2023.3.381.0) allowed a malicious actor to remotely access the warp-svc.exe binary due to an insufficient a...

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Internet Marketing Dojo WP Affiliate Links plugin <= 0.1.1 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in John Brien WordPress NextGen GalleryView plugin <= 0.5.5 versions.

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and as...

Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for ...

A vulnerability was found in PuneethReddyHC Online Shopping System Advanced 1.0. It has been declared as critical. Affected by this vulnerability is a...

Craft CMS through 4.4.9 is vulnerable to HTML Injection.

A vulnerability in Aeotec WallMote Switch firmware v2.3 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message.

A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Flothemes Flo Forms – Easy Drag & Drop Form Builder plugin <= 1.0.40 versions.

File upload vulnerability in ebCMS v.1.1.0 allows a remote attacker to execute arbitrary code via the upload type parameter.

Cross Site Scripting vulnerability found in wkeyuan DWSurvey 1.0 allows a remote attacker to execute arbitrary code via thequltemld parameter of the q...

Buffer Overflow vulnerability in Antirez Kilo before commit 7709a04ae8520c5b04d261616098cebf742f5a23 allows a remote attacker to cause a denial of ser...

SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle() function in admin/conten...

SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute arbitrary code via the Fba plugin function in upload...

Cross Site Request Forgery found in yzCMS v.2.0 allows a remote attacker to execute arbitrary code via the token check function.

SQL injection vulnerability found in Joyplus-cms v.1.6.0 allows a remote attacker to access sensitive information via the id parameter of the goodbad(...

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows a remote attacker to execute arbitrary code and gain access to senstivie informati...

Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter.

File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file to the the sav...

Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote attacker to execute arbitrary code via the name field in admin.php.

Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote attacker to execute arbitrary code via the cm/update_rows/user param...

File Upload vulnerability in LJCMS v.4.3.R60321 allows a remote attacker to execute arbitrary code via the ljcms/index.php parameter.

An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editi...

File upload vulnerability in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary code and access sensitive information via the theme...

File Upload vulnerability in PluckCMS v.4.7.10 allows a remote attacker to execute arbitrary code via the trashcan_restoreitem.php file.

Cross Site Scripting vulnerability in zrlog zrlog v.2.1.3 allows a remote attacker to execute arbitrary code via the nickame parameter of the /post/ad...

Cross Site Scripting vulnerability in Typora v.0.9.79 allows a remote attacker to execute arbitrary code via the mermaid sytax.

File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix function.

Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function.

Cross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote attacker to execute arbitrary code and escalate privileges via the upd...

Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter.

An issue in WUZHI CMS v.4.1.0 allows a remote attacker to execute arbitrary code via the set_chache method of the function\common.func.php file.

Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php.

SQL injection vulnerability in gaozhifeng PHPMyWind v.5.6 allows a remote attacker to execute arbitrary code via the id variable in the modify functio...

File Upload vulnerability in NucleusCMS v.3.71 allows a remote attacker to execute arbitrary code via the /nucleus/plugins/skinfiles/?dir=rsd paramete...

Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary code via the path parameter in the browse board c...

SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the _userlist function in framerwork/phpok_ca...

File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self c...

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, could potentially enable an...

Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt.

Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection.

A vulnerability was found in SourceCodester Online School Fees System 1.0 and classified as critical. Affected by this issue is some unknown functiona...

Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults ...

Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit ...

Enphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands.

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute any wiki content wit...

CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication.

An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the retu...

netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication.

Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted ...

A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as critical. Affected by this vulnerability is an unk...

Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contai...

A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers...

There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator passwords through a Cross Site Request For...

An access control issue in Registration.aspx of Temenos CWX 8.5.6 allows authenticated attackers to escalate privileges and perform arbitrary Administ...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gl_SPICE New Adman plugin <= 1.6.8 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Grant Kimball Simple Vimeo Shortcode plugin <= 2.9.1 versions.

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.29.2 versions.

Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries exe...

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Popup Box Team Popup box plugin <= 3.4.4 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Automattic - Jetpack CRM team Jetpack CRM plugin <= 5.4.4 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WpSimpleTools Manage Upload Limit plugin <= 1.0.4 versions.

An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the pr...

Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a customer signup wi...

An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenti...

Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent ...

A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`s...

If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`,...

A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disc...

Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z...

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0...

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buf...

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.

The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to lib.rs. NOTE: the Supplier disputes ...

User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admi...

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buff...

A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request.

Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect.

The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via...

IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access control...

IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, and 18.5 requires the end user to have access to the server SSL key which could allow a lo...

All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expressio...

Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privile...

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Shazzad Hossain Khan W4 Post List plugin <= 2.4.4 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Paul Ryley Site Reviews plugin <= 6.5.1 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Paul Ryley Site Reviews plugin <= 6.5.1 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.05.04 versions.

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in AGILELOGIX Store Locator WordPress plugin <= 1.4.9 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aakif Kadiwala Tags Cloud Manager plugin <= 1.0.0 versions.

Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Chill Brilliance theme <= 1.3.1 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prism Tech Studios Modern Footnotes plugin <= 1.4.15 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SMTP2GO – Email Made Easy plugin <= 1.4.2 versions.

Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Job Portal WP Job Portal – A Complete Job Board plugin <= 2.0.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Drew Phillips VigilanTor plugin <= 1.3.10 versions.

Cross Site Scripting (XSS) vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device.

An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload.

An issue was discovered in /cgi-bin/login_rj.cgi in Wildix WSG24POE version 103SP7D190822, allows attackers to bypass authentication.

laravel-s 3.7.35 is vulnerable to Local File Inclusion via /src/Illuminate/Laravel.php.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPBakery Page Builder plugin <= 6.13.0 versions.

A reflected cross-site scripting (XSS) vulnerability in DATEV eG Personal-Management System Comfort/Comfort Plus v15.1.0 to v16.1.1 P4 allows attacker...

Jeesite before commit 10742d3 was discovered to contain a SQL injection vulnerability via the component ${businessTable} at /act/ActDao.xml.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Educa...

The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A mal...

The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access ...

The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network a...

The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network acce...

Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Form Builder plugin <= 1.9.9.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Qumos MojoPlug Slide Panel plugin <= 1.1.2 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Neil Gee Smoothscroller plugin <= 1.0.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in OneWebsite WP Repost plugin <= 0.1 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Max Chirkov Advanced Text Widget plugin <= 2.1.2 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.3 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in eLightUp eRocket plugin <= 1.2.4 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <= 4.6 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 version...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Pagination plugin <= 1.2.2 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 21.1.2 versions.

An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows attackers to execute arbitrary code via crafted GET reque...

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPForms WPForms Lite (wpforms-lite), WPForms WPForms Pro (wpforms) plugins <= 1.8.1.2 ve...

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting (XSS). Some parts of the Web application are dynamically built using user's inputs....

Onlyoffice Community Server before v12.5.2 was discovered to contain a remote code execution (RCE) vulnerability via the component UploadProgress.ashx...

Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin <= 3.0.8 versions all...

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Bulk Stock Management plugin <= 2.2.33 versions.

Auth. (subscriber+) SQL Injection (SQLi) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize plugin <= 1.6.35 versions.

The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network ac...

When adding non-visible components to the UI in server side, content is sent to the browser in Vaadin 10.0.0 through 10.0.22, 11.0.0 through 14.10.0, ...

Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 ...

Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Yudlee themes Mediciti Lite theme <= 1.3.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Grade Us, Inc. Review Stream plugin <= 1.6.5 versions.

Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in xtemos WoodMart theme <= 7.2.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin <= 1.23.3 versions leads to site...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember plugin <= 4.0.2 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robin Wilson bbp style pack plugin <= 5.5.5 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi Telegram Bot & Channel plugin <= 3.6.2 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions.

Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. This vulnerability allows ...

Livebook is a web application for writing interactive and collaborative code notebooks. On Windows, it is possible to open a `livebook://` link from a...

Backstage is an open platform for building developer portals. The Backstage scaffolder-backend plugin uses a templating library that requires sandbox,...

An issue in the rel_sequences component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL s...

An issue in the __nss_database_lookup component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via craft...

An issue in the rel_deps component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statem...

An issue in the sql_trans_copy_key component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted ...

An issue in the log_create_delta component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause Denial of Service (DoS) via crafted SQL ...

An issue in the BLOBcmp component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL stateme...

An issue in the cs_bind_ubat component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL st...

An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL sta...

An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statemen...

An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL stateme...

Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Overnight Quick/Bulk Order Form for WooCommerce plugin <= 3.5.7 versions.

There is a storage type cross site scripting (XSS) vulnerability in the filing number of the Basic Information tab on the backend management page of E...

funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins install.

Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a pass...

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files.

pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distri...

Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f, allo...

XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Ide...

libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c.

FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c.

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality.

A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the...

When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login.

Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker t...

Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself ...

Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Glob...

Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Wh...

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the com...

TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows...

TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component ...

An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause ...

TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/Ac...

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/Qo...

Pega platform clients who are using versions 7.4 through 8.8.x and have upgraded from a version prior to 8.x may be utilizing default credentials.

Cross Site Scripting (XSS) vulnerability in Neox Contact Center 2.3.9, via the serach_sms_api_name parameter to the SMA API search.

Nextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. When multiple requests are sent in parallel, all of them...

An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via code replay attack.

Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 an...

A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3....

An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 ...

Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. T...

A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to use transparent or opaque layers to tr...

Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthor...

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure.

Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause t...

Flask-AppBuilder is an application development framework, built on top of Flask. Prior to version 4.3.2, an authenticated malicious actor with Admin p...

OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and pri...

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients....

Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_ws_check_packet at /src/capture.c.

Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c.

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page.

A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based r...

A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user wi...

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker...

Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially e...

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to exec...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi ...

A vulnerability classified as problematic was found in SourceCodester Online School Fees System 1.0. Affected by this vulnerability is an unknown func...

A vulnerability, which was classified as problematic, has been found in SourceCodester Game Result Matrix System 1.0. Affected by this issue is some u...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exp...

Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to ...

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Poin...

Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by byp...

Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to per...

A vulnerability, which was classified as critical, was found in SourceCodester Game Result Matrix System 1.0. This affects an unknown part of the file...

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vul...

An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCoo...

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP...

Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request t...

Buffer Overflow vulnerability in coap_send function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 allows attackers to obtain sensi...

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.29 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MagePeople Team Booking and Rental Manager for Bike plugin <= 1.2.1 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NTZApps CRM Memberships plugin <= 1.6 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wpmet Wp Ultimate Review plugin <= 2.0.3 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Theme The7 plugin <= 11.6.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPExperts Password Protected plugin <= 2.6.2 versions.

Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9.

Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9.

Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9.

Unauth. SQL Injection (SQLi) vulnerability in InspireUI MStore API plugin <= 3.9.7 versions.

Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket allows Accessing Functionality Not Properly Constrain...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.2.1 until versions 14.4...

LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.

LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.

LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.

LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.

An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and the...

An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and the...

XWiki Platform is a generic wiki platform. Starting in version 11.8-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.2, `Mail.MailConfig` can be edi...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.0-milestone-1 and prior...

FastAsyncWorldEdit (FAWE) is designed for efficient world editing. This vulnerability enables the attacker to select a region with the `Infinity` keyw...

An unauthenticated Time-Based SQL injection found in Webkul QloApps 1.6.0 via GET parameter date_from, date_to, and id_product allows a remote attacke...

An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and the...

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown...

XWiki Platform is a generic wiki platform. Starting in version 3.5-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, the mail obfuscat...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.40m-2 and prior to vers...

XWiki Platform is a generic wiki platform. Starting in version 7.3-milestone-1 and prior to versions 14.4.8, 14.10.6, and 15.1, ny user can call a RES...

XWiki Platform is a generic wiki platform. Starting in version 12.9-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any logged in user can add d...

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Updat...

This issue was addressed with improved data protection. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to read sensitive location i...

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. A user may accidentally add a participant to a Sh...

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3....

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1, mac...

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to bypass certain Privacy preferen...

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2,...

The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app ...

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba n...

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code executio...

NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical ac...

NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resultin...

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4...

The issue was addressed with additional permissions checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6, macOS Ventura ...

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are s...

This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Bi...

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. ...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and ...

A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges.

A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6,...

A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges.

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. An app ma...

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An...

An authorization issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur ...

An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventur...

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.4. An app may be a...

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a...

This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to access...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Monterey ...

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An...

The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to break out of ...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ven...

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 an...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D ...

This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An a...

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ve...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura ...

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadO...

A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. Opening a ...

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ven...

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventur...

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, iOS 15.7.6...

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, m...

The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Photos belonging to th...

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Ventur...

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4,...

The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. A person wi...

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An...

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey ...

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 an...

The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4....

This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Entitlements and priv...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, Safari 16.5, iO...

This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15....

This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. An app may be a...

A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may b...

A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 1...

The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15....

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, ...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS M...

This issue was addressed with improved entitlements. This issue is fixed in tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6...

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 an...

A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS ...

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app may be able to break out of its sandbox.

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura ...

This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a ...

The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary...

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ven...

This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 1...

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, Safari 16.5, i...

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15...

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16...

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ve...

Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the ...

XWiki Platform is a generic wiki platform. Starting in version 5.4.4 and prior to versions 14.4.8, 14.10.4, and 15.0, a stored cross-site scripting vu...

A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-compone...

A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. ...

Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role...

Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the p...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to perform an XSS by forging a ...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload...

Code Injection in GitHub repository fossbilling/fossbilling prior to 0.5.1.

Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1.

A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead ...

The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an a...

In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) before 12.7, a remote user (who has any OEM or OEE role) could perform a UR...

Tauri is a framework for building binaries for all major desktop platforms. The 1.4.0 release includes a regression on the Filesystem scope check for ...

Remult is a CRUD framework for full-stack TypeScript. If you used the apiPrefilter option of the `@Entity` decorator, by setting it to a function that...

In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauth...

Shescape is a simple shell escape library for JavaScript. An attacker may be able to get read-only access to environment variables. This bug has been ...

A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges.

POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php.

POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter.

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tri...

The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh co...

Knowage is an open source analytics and business intelligence suite. Starting in version 6.0.0 and prior to version 8.1.8, an attacker can register an...

Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability...

AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through A...

PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsan...

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. Starting in version 26.0.0 a...

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions...

Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encryption on the client side. By providing an invalid met...

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions...

Nextcloud Server is a space for data storage on Nextcloud, a self-hosted productivity playform. In NextCloud Server versions 25.0.0 until 25.0.7 and 2...

OrangeScrum version 2.0.11 allows an external attacker to remotely obtain AWS instance credentials. This is possible because the application does not ...

jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is con...

Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does no...

Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs beca...

Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does no...

The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0....

The Lana Text to Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lana_text_to_image' and 'lana_text_to_img' shortcode...

The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nsc_bar_content_href' parameter in versions up...

Directory traversal can occur in the Basecamp com.basecamp.bc3 application before 4.2.1 for Android, which may allow an attacker to write arbitrary fi...

In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass.

end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a de...

The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while...

A vulnerability was found in Campcodes Retro Cellphone Online Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknow...

it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interf...

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.

Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in,...

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).

INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page-header-preamble.foil.php, edit-form.foil.php, page-header-preamble.foil.php, ov...

The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2...

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, and 1.39.x before 1.39.4. BlockLogFormatter.php in BlockLogF...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery ...

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin <= 5.4.3...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PI Websolution Conditional cart fee plugin <= 1....

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specia...

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed pa...

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically...

User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooC...

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in TMS Booking for Appointments and Events Calendar – Amelia plugin <= 1.0.75 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHthemes TheRoof theme <= 1.0.3 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in FancyThemes Optin Forms – Simple List Building Plugin for WordPress plugin <= 1.3.1 ...

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flyn San IFrame Shortcode plugin <= 1.0.5 versions.

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Zwaply Cryptocurrency All-in-One plugin <= 3.0.19 versions.

Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall...

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eric Martin SimpleModal Contact Form (SMCF) plugin <= 1.2.9 versions.

Command Injection vulnerability in OpenWB 1.6 and 1.7 allows remote attackers to run arbitrary commands via crafted GET request.

MultiMC Launcher <= 0.6.16 is vulnerable to Directory Traversal.

nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal.

Talend Data Catalog before 8.0-20230221 contain a directory traversal vulnerability in HeaderImageServlet.

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow.

A stored cross-site scripting (Stored XSS) vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary we...

The laola.redbull application through 5.1.9-R for Android exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivi...

Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the "Admin Name" field on Admin Profile page.

Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId p...

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow.

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow...

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow.

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow.

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow.

Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images.

Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Ness...

Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to exe...

Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function.

An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to execute arbitrary code and cause a denial of service v...

Cross Site Scripting (XSS) vulnerability in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev4 allows remote attackers to run arbitrary code via uploa...

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arb...

An unauthenticated  denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted c...

A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited numbe...

BigBlueButton is an open source virtual classroom designed to help teachers teach and learners learn. In affected versions are affected by a Server-Si...

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows...

A valid, authenticated LXCA user may be able to gain unauthorized access to events and other data stored in LXCA due to a SQL injection vulnerability ...

A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API.

A valid, authenticated LXCA user with elevated privileges may be able to replace filesystem data through a specifically crafted web API call due to in...

A valid, authenticated LXCA user with elevated privileges may be able to delete folders in the LXCA filesystem through a specifically crafted web API ...

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Any user mak...

OPenFGA is an open source authorization/permission engine built for developers. OpenFGA versions v1.1.0 and prior are vulnerable to a DoS attack when ...

An unauthenticated XML external entity injection (XXE) vulnerability exists in LXCA's Common Information Model (CIM) server that could result in read-...

DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions Unauthorized u...

H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the function SetAPInfoById. This vulnerability allows attackers to cause a...

DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. Affected versions of DataEase has a...

Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML p...

Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to pot...

Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific e...

A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delet...

A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote atta...

A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to de...

Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and...

Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and...

Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affec...

Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affec...

Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affect...

Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affect...

Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection t...

Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection t...

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to ...

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to ...

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to ...

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to ...

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to ...

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to ...

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to ...

An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumsta...

An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumsta...

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privile...

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privile...

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive informat...

A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary fi...

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to ...

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to ...

An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate t...

An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate t...

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escal...

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escal...

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escal...

DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing auth...

A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may conta...

Multiple Services such as VHS(Video History Server) and VCD(Video Clip Distributor) and Clips2 were discovered to be vulnerable to an unauthenticated ...

The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up C...

The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'lock_content_form_h...

The MainWP Child plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.4.1.1 due to insufficient co...

The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions u...

The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions ...

Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0.

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC Pro...

Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.Th...

A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scrip...

Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse depa...

The Editorial Calendar WordPress plugin before 3.8.3 does not sanitise and escape its settings, allowing users with roles as low as contributor to inj...

The Catalyst Connect Zoho CRM Client Portal WordPress plugin before 2.1.0 does not sanitize and escape a parameter before outputting it back in the pa...

The Kanban Boards for WordPress plugin before 2.5.21 does not sanitise and escape some of its settings, which could allow high privilege users such as...

The USM-Premium WordPress plugin before 16.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin t...

The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are d...

The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs, leading to multiple SQL Injection vulnerabilities.

The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using t...

The Aajoda Testimonials WordPress plugin before 2.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such a...

The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have ...

The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading t...

The AI Engine WordPress plugin before 1.6.83 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin t...

The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL inj...

The wpbrutalai WordPress plugin before 2.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL in...

The wpbrutalai WordPress plugin before 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cr...

The KiviCare WordPress plugin before 3.2.1 does not restrict the information returned in a response and returns all user data, allowing low privilege ...

The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cros...

The KiviCare WordPress plugin before 3.2.1 does not have proper CSRF and authorisation checks in various AJAX actions, allowing any authenticated user...

The KiviCare WordPress plugin before 3.2.1 does not have CSRF checks (either flawed or missing completely) in various AJAX actions, which could allow ...

The Ultimate Product Catalog WordPress plugin before 5.2.6 does not sanitise and escape some of its settings, which could allow high privilege users s...

The ERP WordPress plugin before 1.12.4 does not sanitise and escape the employee_name parameter before outputting it back in the page, leading to a Re...

The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoi...

The CodeColorer WordPress plugin before 0.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin...

The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inven...

The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installi...

The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on...

An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All...

A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read an...

A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an ad...

A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacen...

Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2 and newer) allows anonymous user to cause denial of se...

Improper Access Control in GitHub repository plantuml/plantuml prior to 1.2023.9.

Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9.

IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web ...

Shopware is an open source e-commerce software. Due to an incorrect configuration in the `.htaccess` file, the configuration file of the Javascript co...

Shopware is an open source e-commerce software. The mail validation in the registration process had some flaws, so it was possible to construct differ...

Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This c...

i-doit Open v24 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the timeout parameter on the login page.

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create ar...

Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains ...

IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned t...

IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 248134.

IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus al...

IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-...

Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509...

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrar...

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrar...

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrar...

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrar...

A Cross Site Request Forgery (CSRF) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF explo...

A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via...

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redi...

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration wh...

A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilitie...

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction wi...

An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data.

A stored cross site scripting (XSS) vulnerability in /index.php?admin-master-article-edit of Chaoji CMS v2.18 that allows attackers to obtain administ...

Stored cross site scripting (XSS) vulnerability in /index.php?admin-master-navmenu-add of Chaoji CMS v2.18 that allows attackers to execute arbitrary ...

An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/add...

Directory Traversal vulnerability found in Cryptoprof WCMS v.0.3.2 allows a remote attacker to execute arbitrary code via the wex/cssjs.php parameter.

IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tena...

Meldekarten generator is an open source project to create a program, running locally in the browser without the need for an internet-connection, to cr...

An issue was discovered in espcms version P8.18101601. There is a cross site scripting (XSS) vulnerability that allows arbitrary code to be executed v...

Cross Site Request Forgery (CSRF) vulnerability was discovered in CatfishCMS 4.8.63 that would allow attackers to obtain administrator permissions via...

Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset...

Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.

pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content...

A maliciously crafted SKP file in Autodesk Navisworks 2023 and 2022 be used to trigger use-after-free vulnerability. Exploitation of this vulnerabilit...

A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to co...

This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the f...

Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP,...

Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1...

Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1...

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1...

The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to miss...

The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test em...

The Subscribe2 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 10.40. This is due to missing or inc...

Versions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails ...

Directory traversal vulnerability in Snow Monkey Forms v5.1.1 and earlier allows a remote unauthenticated attacker to delete arbitrary files on the se...

Reflected XSS affects the ‘mode’ parameter in the /admin functionality of the web application in versions <=2.0.44

A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), w...

A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file.

A stack overflow in the Edit_BasicSSID function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST reque...

A stack overflow in the AddMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

A stack overflow in the EditMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

A stack overflow in the EditWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST requ...

A stack overflow in the UpdateWanMode function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST reques...

AWS data.all is an open source development framework to help users build a data marketplace on Amazon Web Services. data.all versions 1.2.0 through 1....

Cross-site Scripting (XSS) - Stored in GitHub repository spinacms/spina prior to 2.15.1.

In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE.

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threa...

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Ga...

A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an...

A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P) could al...

A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications ...

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Secu...

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Ga...

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execu...

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Wind...

A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switc...

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with...

A vulnerability in Cisco Duo Two-Factor Authentication for macOS could allow an authenticated, physical attacker to bypass secondary authentication an...

D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized a...

A stack overflow in the UpdateWanParams function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST requ...

A stack overflow in the Edit_BasicSSID_5G function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST re...

A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST reque...

A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST reque...

A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when driver code or the application using the...

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any lev...

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to a tapjacking/overlay attack. This could lead to local...

In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no a...

there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges n...

In lwis_i2c_device_disable of lwis_device_i2c.c, there is a possible UAF due to a logic error in the code. This could lead to local escalation of priv...

In BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information ...

In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission...

In handle_set_parameters_ctrl of hal_socket.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local infor...

In the Google BMS kernel module, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privile...

In FaceStatsAnalyzer::InterpolateWeightList of face_stats_analyzer.cc, there is a possible out of bounds read due to a missing bounds check. This coul...

In Do_AIMS_SET_CALL_WAITING of imsservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalati...

In StoreAdbSerialNumber of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local inf...

In BuildSetRadioNode of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local informat...

In BuildGetRadioNode of protocolmiscbulider.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local inf...

In encode of wlandata.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege wit...

In encode of miscdata.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with ...

In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with ...

In BuildSetTcsFci of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local informati...

In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with ...

In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lea...

In convertCbYCrY of ColorConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information dis...

In inviteInternal of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclos...

In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local i...

In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead...

In multiple functions of WifiCallingSettings.java, there is a possible way to change calling preferences for the admin user due to a permissions bypas...

In multiple methods of DataUsageList.java, there is a possible way to learn about admin user's network activities due to a missing permission check. T...

In isPageSearchEnabled of BillingCycleSettings.java, there is a possible way for the guest user to change data limits due to a permissions bypass. Thi...

In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This c...

In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of se...

In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing perm...

In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure ...

In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. Th...

In xmlParseTryOrFinish of parser.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclo...

In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local informa...

In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds read due to a missing bounds check. This cou...

In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error...

In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker.java, there is a possible permission bypass due to a logic error in the code. T...

In multiple functions of WifiNetworkFactory.java, there is a missing permission check. This could lead to local escalation of privilege from the guest...

In LogResponse of Dns.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no a...

In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard due to a logic error in the code. This could lead to l...

In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local informa...

In startLockTaskMode of LockTaskController.java, there is a possible bypass of lock task mode due to a logic error in the code. This could lead to loc...

In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connecti...

In fixNotification of NotificationManagerService.java, there is a possible bypass of notification hide preference due to a logic error in the code. Th...

In setInputMethodWithSubtypeIdLocked of InputMethodManagerService.java, there is a possible way to setup input methods that are not enabled due to imp...

In VideoFrame of VideoFrame.h, there is a possible abort due to an integer overflow. This could lead to remote information disclosure with no addition...

In gatt_dbg_op_name of gatt_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information discl...

In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to lo...

In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This co...

In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote info...

In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information...

In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information dis...

In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local inform...

In on_create_record_event of btif_sdp_server.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial ...

In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to loca...

In startWpsPbcInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation ...

In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi s...

In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local informa...

In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local ...

In initiateTdlsSetupInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalati...

In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local informat...

In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of p...

In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local i...

In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no addit...

In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi s...

In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local infor...

In addGroupWithConfigInternal of p2p_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local informa...

there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclo...

there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclo...

In load_dt_data of storage.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege ...

In LPP_ConvertGNSS_DataBitAssistance of LPP_CommonUtil.c, there is a possible out of bounds read due to a missing bounds check. This could lead to rem...

In ss_ProcessReturnResultComponent of ss_MmConManagement.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to r...

there is a possible way to bypass the protected confirmation screen due to Failure to lock display power. This could lead to local escalation of privi...

In SAEMM_RetrieveTaiList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to rem...

In aoc_service_set_read_blocked of aoc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation o...

In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insuffici...

A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function actionExport of the file ?r=recrui...

A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network D...

Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address.

Emby Server versions < 4.6.0.50 is vulnerable to Cross Site Scripting (XSS) vulnerability via a crafted GET request to /web.

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI).

Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/con...

An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the appli...

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of...

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cance...

An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5, from 15.9 before 15.9.4, and from 15.10 before 15.10.1...

Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications ...

Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in wa...

Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code.

Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity.

An issue has been discovered in GitLab affecting all versions starting from 15.10 before 16.1, leading to a ReDoS vulnerability in the Jira prefix

D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method.

D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method.

D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts

PHPgurukl Small CRM v.1.0 is vulnerable to Cross Site Scripting (XSS).

PHPgurukl Hospital Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).

PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS) via Add New Course.

A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided f...

** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salt...

A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fa...

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with N...

A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detac...

PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).

Guantang Equipment Management System version 4.12 is vulnerable to Arbitrary File Upload.

Interactsh is an open-source tool for detecting out-of-band interactions. Domains configured with interactsh server prior to version 1.0.0 were vulner...

A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system.

A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system...

An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c. Lacks for the check of the return value of kzalloc() can c...

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 5.5.2 and 6.2.1, an attacker...

Multiple cross-site scripting (XSS) vulnerabilities were discovered in Church CRM v4.5.3 in GroupReports.php via GroupRole, ReportModel, and OnlyCart ...

Chemex through 3.7.1 is vulnerable to arbitrary file upload.

Traggo Server 0.3.0 is vulnerable to directory traversal via a crafted GET request.

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition.

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version...

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header In...

The Short URL plugin for WordPress is vulnerable to stored Cross-Site Scripting via the 'comment' parameter due to insufficient input sanitization and...

The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions u...

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbi...

Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper ...

A Cross Site Scripting vulnerability in PHPgurukl User Registration Login and User Management System with admin panel v.1.0 allows a local attacker to...

Annet AC Centralized Management Platform 1.02.040 is vulnerable to Stored Cross-Site Scripting (XSS) .

The "Submission Web Form" of Turnitin LTI tool/plugin version 1.3 is affected by HTML Injection attacks. The security issue affects the submission web...

A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default port 5080, allows attackers to gain sensitive informatio...

Microsoft Edge (Chromium-based) Spoofing Vulnerability

The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Injection in versions up to, and including, 4.1.5. This...

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL...

A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There ...

itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote code execution can be achieved b...

itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection. SQL injection points exist in the login password inp...

Property Cloud Platform Management Center 1.0 is vulnerable to error-based SQL injection.

A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical. Affected is an unknown function of the file inde...

A vulnerability was found in SourceCodester Shopping Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown funct...

JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be ...

Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deplo...

Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation f...

Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript cod...

An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video management system 3.1 thru 4.1 allows attackers to gain ...

Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker container to escape.

An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1.

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.

An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system ...

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.

Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an ...

The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote attacker to read sensitive files via directory-traversa...

STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and DeploymentPackage_v3.04r2-Jellyfish and TCG-4lite Co...

An issue was discovered in the GoogleAnalyticsMetrics extension for MediaWiki through 1.39.3. The googleanalyticstrackurl parser function does not pro...

An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. XSS can occur in Special:CargoQuery via a crafted page item when using th...

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In Special:CheckUser, a check of the "get edits" type is vulnerable t...

An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. It allows one to store javascript: URLs in URL fields, and automatically ...

A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02.

Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.

The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows remote attackers to take over the account.

ILIAS 7.21 and 8.0_beta1 through 8.2 is vulnerable to stored Cross Site Scripting (XSS).

A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently co...

A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Develo...

Sealos is an open source cloud operating system distribution based on the Kubernetes kernel. In versions of Sealos prior to 4.2.1-rc4 an improper conf...

ILIAS 7.21 and 8.0_beta1 through 8.2 is vulnerable to reflected Cross-Site Scripting (XSS).

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.

An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection injection can occur, related to chroot.

libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop c...

libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be bi...

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that ...

Xwiki commons is the common modules used by other XWiki top level projects. The HTML sanitizer that is included in XWiki since version 14.6RC1 allowed...

requests-xml v0.2.3 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code vi...

py-xml v1.0 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a craf...

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When an XWiki installation is upgraded and th...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can edit their own user profile ...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By either creating a new or editing an existi...

The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information ...

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been classified as problematic. Affected is an unknown function of the...

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unk...

Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool" functionality of the device.

A Stored Cross-Site Scripting (XSS) vulnerability was found in Multilaser RE 170 using firmware 2.2.6733.

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.2.

File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges.

The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verificati...

Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via t...

A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data.

The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This...

The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0....

Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote auth...

Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated...

Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.

All versions of the package flatnest are vulnerable to Prototype Pollution via the nest() function in the flatnest/nest.js file.

Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticat...

Client-side enforcement of server-side security issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow an attacker with an ad...

Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to us...

Improper authentication vulnerability in WL-WN531AX2 firmware versions prior to 2023526 allows a network-adjacent attacker to obtain a password for th...

WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to upload arbitrary files and execute OS commands w...

Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to e...

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may ...

A vulnerability, which was classified as critical, was found in Campcodes Retro Cellphone Online Store 1.0. Affected is an unknown function of the fil...

A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functio...

A vulnerability was found in SimplePHPscripts Event Script 2.1 and classified as problematic. Affected by this issue is some unknown functionality of ...

A vulnerability was found in SimplePHPscripts GuestBook Script 2.2. It has been classified as problematic. This affects an unknown part of the file pr...

A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been declared as problematic. This vulnerability affects unknown code of the file /cont...

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8.

A vulnerability classified as critical was found in IBOS OA 4.5.5. Affected by this vulnerability is the function actionEdit of the file ?r=dashboard/...

The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed tha...

Joplin before 2.11.5 allows XSS via a USE element in an SVG document.

Joplin before 2.11.5 allows XSS via an AREA element of an image map.

A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), w...

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability.

Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Req...

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature ...

Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs.

An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibil...

An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the int...

An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also r...

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In certain situations, an attempt to block a user fails after a tempo...

An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature.

An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and ...

MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of th...

In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.

pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (whi...

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namesp...

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights can edit all pages ...

pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who...

pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnera...

Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer.

Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks...

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitra...

A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repo...

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reu...

Gradle is a build tool with a focus on build automation and support for multi-language development. When Gradle writes a dependency into its dependenc...

Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, ...

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood...

Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in th...

A post-authentication remote command injection vulnerability in a CGI file in Western Digital My Cloud OS 5 devices that could allow an attacker to bu...

Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local user...

A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiff...

com.perimeter81.osx.HelperTool in Perimeter81 10.0.0.19 on macOS allows Local Privilege Escalation (to root) via shell metacharacters in usingCAPath.

A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.

SQL Injection in GitHub repository fossbilling/fossbilling prior to 0.5.3.

Unrestricted Upload of File with Dangerous Type in GitHub repository fossbilling/fossbilling prior to 0.5.3.

Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling/fossbilling prior to 0.5.3.

An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the devi...

OpenTSDB is a open source, distributed, scalable Time Series Database (TSDB). OpenTSDB is vulnerable to Remote Code Execution vulnerability by writing...