Vulnerability Summary for the Week of February 13, 2023

Released
Feb 24, 2023
Document ID
SB23-052

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

Please share your thoughts.
We recently updated our anonymous Product Feedback; we'd welcome your feedback.
 

High Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
baicells -- neutrino_430_firmwareBaicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have been tested and validated by a 3rd party analyst and has been confirmed exploitable special thanks to Rustam Amin for providing the steps to reproduce.2023-02-1110CVE-2023-0776
MISC
webbuildersgroup -- silverstripe-kapost-bridgeA vulnerability was found in webbuilders-group silverstripe-kapost-bridge 0.3.3. It has been declared as critical. Affected by this vulnerability is the function index/getPreview of the file code/control/KapostService.php. The manipulation leads to sql injection. The attack can be launched remotely. Upgrading to version 0.4.0 is able to address this issue. The name of the patch is 2e14b0fd0ea35034f90890f364b130fb4645ff35. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220471.2023-02-109.8CVE-2015-10077
MISC
MISC
MISC
MISC
apsystems -- ecu-r_firmwareCommand injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter.2023-02-109.8CVE-2022-45699
MISC
MISC
codenameone -- codename_oneA vulnerability was found in CodenameOne 7.0.70. It has been classified as problematic. Affected is an unknown function. The manipulation leads to use of implicit intent for sensitive communication. It is possible to launch the attack remotely. Upgrading to version 7.0.71 is able to address this issue. The name of the patch is dad49c9ef26a598619fc48d2697151a02987d478. It is recommended to upgrade the affected component. VDB-220470 is the identifier assigned to this vulnerability.2023-02-109.8CVE-2022-4903
MISC
MISC
MISC
MISC
MISC
medical_certificate_generator_app_project -- medical_certificate_generator_appA vulnerability has been found in SourceCodester Medical Certificate Generator App 1.0 and classified as critical. This vulnerability affects unknown code of the file action.php. The manipulation of the argument lastname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-220558 is the identifier assigned to this vulnerability.2023-02-109.8CVE-2023-0774
MISC
MISC
MISC
modoboa -- modoboaAuthentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4.2023-02-109.8CVE-2023-0777
MISC
CONFIRM
microsoft -- multiple_productsMicrosoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability2023-02-149.8CVE-2023-21689
MISC
microsoft -- multiple_productsMicrosoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability2023-02-149.8CVE-2023-21690
MISC
microsoft -- multiple_productsMicrosoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability2023-02-149.8CVE-2023-21692
MISC
microsoft -- multiple_productsMicrosoft Word Remote Code Execution Vulnerability2023-02-149.8CVE-2023-21716
MISC
microsoft -- windows_10/server_2008Windows iSCSI Discovery Service Remote Code Execution Vulnerability2023-02-149.8CVE-2023-21803
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter.2023-02-109.8CVE-2023-24348
MISC
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute.2023-02-109.8CVE-2023-24349
MISC
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail.2023-02-109.8CVE-2023-24350
MISC
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS.2023-02-109.8CVE-2023-24352
MISC
MISC
wago -- unmanaged_switch_852-111/000-001In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a limited set of parameters.2023-02-169.1CVE-2022-3843
MISC
keystorage -- global_facilities_management_softwareHardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes.2023-02-109.1CVE-2022-45766
MISC
orangelab -- imagemagick_engineThe ImageMagick Engine plugin for WordPress is vulnerable to deserialization of untrusted input via the 'cli_path' parameter in versions up to, and including 1.7.5. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they can trick a site administrator into performing an action such as clicking on a link, that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload.2023-02-108.8CVE-2022-3568
MISC
MISC
MISC
MISC
sierrawireless -- aleosAcemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device.2023-02-108.8CVE-2022-46649
MISC
MISC
MISC
pinpoint -- pinpoint_booking_systemThe Pinpoint Booking System WordPress plugin before 2.9.9.2.9 does not validate and escape one of its shortcode attributes before using it in a SQL statement, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks.2023-02-138.8CVE-2023-0220
MISC
shortpixel -- enable_media_replaceThe Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.2023-02-138.8CVE-2023-0255
MISC
ljapps -- wp_google_review_sliderThe WP Google Review Slider WordPress plugin before 11.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.2023-02-138.8CVE-2023-0259
MISC
ljapps -- wp_review_sliderThe WP Review Slider WordPress plugin before 12.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.2023-02-138.8CVE-2023-0260
MISC
ljapps -- wp_tripadvisor_review_sliderThe WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.2023-02-138.8CVE-2023-0261
MISC
ljapps -- wp_airbnb_review_sliderThe WP Airbnb Review Slider WordPress plugin before 3.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.2023-02-138.8CVE-2023-0262
MISC
ljapps -- wp_yelp_review_sliderThe WP Yelp Review Slider WordPress plugin before 7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.2023-02-138.8CVE-2023-0263
MISC
ampache -- ampacheSQL Injection in GitHub repository ampache/ampache prior to 5.5.7,develop.2023-02-108.8CVE-2023-0771
CONFIRM
MISC
microsoft -- multiple_productsMicrosoft Exchange Server Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21529
MISC
microsoft -- multiple_productsMicrosoft PostScript Printer Driver Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21684
MISC
microsoft -- multiple_productsMicrosoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21685
MISC
microsoft -- multiple_productsMicrosoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21686
MISC
microsoft -- sql_serverMicrosoft SQL Server Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21705
MISC
microsoft -- multiple_productsMicrosoft Exchange Server Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21706
MISC
microsoft -- multiple_productsMicrosoft Exchange Server Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21707
MISC
microsoft -- sql_serverMicrosoft SQL Server Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21713
MISC
microsoft -- multiple_productsMicrosoft SharePoint Server Elevation of Privilege Vulnerability2023-02-148.8CVE-2023-21717
MISC
microsoft -- multiple_productsMicrosoft ODBC Driver Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21797
MISC
microsoft -- multiple_productsMicrosoft ODBC Driver Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21798
MISC
microsoft -- multiple_productsMicrosoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability2023-02-148.8CVE-2023-21799
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule.2023-02-108.8CVE-2023-24343
MISC
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup.2023-02-108.8CVE-2023-24344
MISC
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus.2023-02-108.8CVE-2023-24345
MISC
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3.2023-02-108.8CVE-2023-24346
MISC
MISC
dlink -- dir-605l_firmwareD-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus.2023-02-108.8CVE-2023-24347
MISC
MISC
microsoft -- azure_stackAzure App Service on Azure Stack Hub Elevation of Privilege Vulnerability2023-02-148.7CVE-2023-21777
MISC
microsoft -- visual_studioVisual Studio Remote Code Execution Vulnerability2023-02-148.4CVE-2023-21815
MISC
microsoft -- visual_studioVisual Studio Remote Code Execution Vulnerability2023-02-148.4CVE-2023-23381
MISC
microsoft -- dynamics_365Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability2023-02-148.3CVE-2023-21778
MISC
microsoft -- edgeMicrosoft Edge (Chromium-based) Remote Code Execution Vulnerability2023-02-148.3CVE-2023-23374
MISC
microsoft -- power_bi_report_serverPower BI Report Server Spoofing Vulnerability2023-02-148.2CVE-2023-21806
MISC
microsoft -- sql_serverMicrosoft SQL Server Remote Code Execution Vulnerability2023-02-147.8CVE-2023-21528
MISC
microsoft -- visual_studioVisual Studio Elevation of Privilege Vulnerability2023-02-147.8CVE-2023-21566
MISC
adobe -- photoshopPhotoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-21574
MISC
adobe -- photoshopPhotoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-21575
MISC
adobe -- photoshopPhotoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-21576
MISC
adobe -- framemakerFrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-21619
MISC
adobe -- framemakerFrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-21621
MISC
adobe -- framemakerFrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-21622
MISC
microsoft -- multiple_productsNT OS Kernel Elevation of Privilege Vulnerability2023-02-147.8CVE-2023-21688
MISC
microsoft -- sql_serverMicrosoft ODBC Driver for SQL Server Remote Code Execution Vulnerability2023-02-147.8CVE-2023-21704
MISC
microsoft -- sql_serverMicrosoft SQL ODBC Driver Remote Code Execution Vulnerability2023-02-147.8CVE-2023-21718
MISC
microsoft -- windows_server_2008Windows Installer Elevation of Privilege Vulnerability2023-02-147.8CVE-2023-21800
MISC
microsoft -- multiple_productsMicrosoft PostScript Printer Driver Remote Code Execution Vulnerability2023-02-147.8CVE-2023-21801
MISC
microsoft -- multiple_productsWindows Media Remote Code Execution Vulnerability2023-02-147.8CVE-2023-21802
MISC
microsoft -- multiple_productsWindows Graphics Component Elevation of Privilege Vulnerability2023-02-147.8CVE-2023-21804
MISC
microsoft -- multiple_productsWindows MSHTML Platform Remote Code Execution Vulnerability2023-02-147.8CVE-2023-21805
MISC
microsoft -- multiple_products.NET and Visual Studio Remote Code Execution Vulnerability2023-02-147.8CVE-2023-21808
MISC
microsoft -- defender_security_intelligence_updatesMicrosoft Defender for Endpoint Security Feature Bypass Vulnerability2023-02-147.8CVE-2023-21809
MISC
microsoft -- multiple_productsWindows Common Log File System Driver Elevation of Privilege Vulnerability2023-02-147.8CVE-2023-21812
MISC
microsoft -- multiple_productsWindows Kerberos Elevation of Privilege Vulnerability2023-02-147.8CVE-2023-21817
MISC
microsoft -- multiple_productsWindows Graphics Component Elevation of Privilege Vulnerability2023-02-147.8CVE-2023-21822
MISC
microsoft -- multiple_productsWindows Graphics Component Remote Code Execution Vulnerability2023-02-147.8CVE-2023-21823
MISC
adobe -- bridgeAdobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22226
MISC
adobe -- bridgeAdobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22227
MISC
adobe -- bridgeAdobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22228
MISC
adobe -- bridgeAdobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22229
MISC
adobe -- bridgeAdobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22230
MISC
adobe -- premiere_rushAdobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22234
MISC
adobe -- animateAdobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22236
MISC
adobe -- after_affectsAfter Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22237
MISC
adobe -- after_affectsAfter Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22238
MISC
adobe -- after_affectsAfter Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22239
MISC
adobe -- animateAdobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22243
MISC
adobe -- premiere_rush
 		Adobe Premiere Rush version 2.6 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22244
MISC
adobe -- animate
 		Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-177.8CVE-2023-22246
MISC
microsoft -- multiple_productsWindows Common Log File System Driver Elevation of Privilege Vulnerability2023-02-147.8CVE-2023-23376
MISC
microsoft -- 3d_builder3D Builder Remote Code Execution Vulnerability2023-02-147.8CVE-2023-23377
MISC
microsoft -- print_3dPrint 3D Remote Code Execution Vulnerability2023-02-147.8CVE-2023-23378
MISC
microsoft -- 3d_builder
 		3D Builder Remote Code Execution Vulnerability2023-02-147.8CVE-2023-23390
MISC
dell -- alienware_command_centerDell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.2023-02-107.8CVE-2023-24569
MISC
wprealize -- extensive_vc_addons_for_wpbakery_page_builderThe Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system.2023-02-137.5CVE-2023-0159
MISC
microsoft -- azure_devops_serverAzure DevOps Server Remote Code Execution Vulnerability2023-02-147.5CVE-2023-21553
MISC
microsoft -- multiple_productsMicrosoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability2023-02-147.5CVE-2023-21691
MISC
microsoft -- multiple_productsMicrosoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability2023-02-147.5CVE-2023-21695
MISC
microsoft -- multiple_productsWindows iSCSI Discovery Service Denial of Service Vulnerability2023-02-147.5CVE-2023-21700
MISC
microsoft -- multiple_productsMicrosoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability2023-02-147.5CVE-2023-21701
MISC
microsoft -- multiple_productsWindows iSCSI Service Denial of Service Vulnerability2023-02-147.5CVE-2023-21702
MISC
microsoft -- multiple_productsWindows iSCSI Service Denial of Service Vulnerability2023-02-147.5CVE-2023-21811
MISC
microsoft -- multiple_productsWindows Secure Channel Denial of Service Vulnerability2023-02-147.5CVE-2023-21813
MISC
microsoft -- multiple_productsWindows Active Directory Domain Services API Denial of Service Vulnerability2023-02-147.5CVE-2023-21816
MISC
microsoft -- multiple_productsWindows Secure Channel Denial of Service Vulnerability2023-02-147.5CVE-2023-21818
MISC
microsoft -- multiple_productsWindows Secure Channel Denial of Service Vulnerability2023-02-147.5CVE-2023-21819
MISC
apache -- nifiThe ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Flow configurations that include the ExtractCCDAAttributes Processor are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolution disables Document Type Declarations and disallows XML External Entity resolution in the ExtractCCDAAttributes Processor.2023-02-107.5CVE-2023-22832
MISC
MISC
microsoft -- multiple_productsWindows Distributed File System (DFS) Remote Code Execution Vulnerability2023-02-147.4CVE-2023-21820
MISC
microsoft -- sql_serverMicrosoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability2023-02-147.3CVE-2023-21568
MISC
microsoft -- 365_apps_for_enterpriseMicrosoft Publisher Security Features Bypass Vulnerability2023-02-147.3CVE-2023-21715
MISC
microsoft -- exchange_server_2016/exchange_server_2019Microsoft Exchange Server Remote Code Execution Vulnerability2023-02-147.2CVE-2023-21710
MISC
microsoft -- azure_devops_serverAzure DevOps Server Cross-Site Scripting Vulnerability2023-02-147.1CVE-2023-21564
MISC
dell -- alienware_updateDell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete.2023-02-107.1CVE-2023-23698
MISC
dell -- command_\|_monitorDell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.2023-02-107.1CVE-2023-24573
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
microsoft -- multiple_productsWindows Fax Service Remote Code Execution Vulnerability2023-02-146.8CVE-2023-21694
MISC
dell -- emc_powerscale_onefsDell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters.2023-02-106.7CVE-2022-34454
MISC
cozmoslabs -- profile_builderThe Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the [user_meta] shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that can be called via that shortcode. This makes it possible for authenticated attackers, with subscriber-level permissions, and above to retrieve sensitive user meta that can be used to gain access to a high privileged user account. This does require the Usermeta shortcode be enabled to be exploited.2023-02-146.5CVE-2023-0814
MISC
MISC
microsoft -- dynamics_365Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability2023-02-146.5CVE-2023-21572
MISC
microsoft -- azure_data_box/azure_stack_edgeAzure Data Box Gateway Remote Code Execution Vulnerability2023-02-146.5CVE-2023-21703
MISC
microsoft -- onenoteMicrosoft OneNote Spoofing Vulnerability2023-02-146.5CVE-2023-21721
MISC
microsoft -- azure_machine_learningAzure Machine Learning Compute Instance Information Disclosure Vulnerability2023-02-146.5CVE-2023-23382
MISC
microsoft -- defender_for_iotMicrosoft Defender for IoT Elevation of Privilege Vulnerability2023-02-146.4CVE-2023-23379
MISC
microsoft -- multiple_productsWindows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability2023-02-146.2CVE-2023-21697
MISC
farsight -- provide_serverCross Site Scripting (XSS) vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form.2023-02-106.1CVE-2023-23286
MISC
MISC
microsoft -- dynamics_365Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability2023-02-145.8CVE-2023-21807
MISC
microsoft -- multiple_productsMicrosoft PostScript Printer Driver Information Disclosure Vulnerability2023-02-145.7CVE-2023-21693
MISC
microsoft -- visual_studioVisual Studio Denial of Service Vulnerability2023-02-145.6CVE-2023-21567
MISC
dell -- r6515_firmwareDell PowerEdge BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM.2023-02-105.5CVE-2022-34376
MISC
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.2023-02-135.5CVE-2023-0795
MISC
CONFIRM
MISC
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.2023-02-135.5CVE-2023-0796
CONFIRM
MISC
MISC
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.2023-02-135.5CVE-2023-0797
MISC
MISC
CONFIRM
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.2023-02-135.5CVE-2023-0798
CONFIRM
MISC
MISC
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.2023-02-135.5CVE-2023-0799
CONFIRM
MISC
MISC
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.2023-02-135.5CVE-2023-0800
CONFIRM
MISC
MISC
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.2023-02-135.5CVE-2023-0801
MISC
MISC
CONFIRM
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.2023-02-135.5CVE-2023-0802
CONFIRM
MISC
MISC
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.2023-02-135.5CVE-2023-0803
MISC
MISC
CONFIRM
libtiff -- libtiffLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.2023-02-135.5CVE-2023-0804
MISC
MISC
CONFIRM
adobe -- photoshopPhotoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-175.5CVE-2023-21577
MISC
adobe -- photoshopPhotoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-175.5CVE-2023-21578
MISC
adobe -- bridgeAdobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-175.5CVE-2023-21583
MISC
adobe -- framemakerFrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-175.5CVE-2023-21584
MISC
adobe -- indesignAdobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-175.5CVE-2023-21593
MISC
adobe -- framemakerFrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-175.5CVE-2023-21620
MISC

microsoft -- server_2022/windows_11

HTTP.sys Information Disclosure Vulnerability2023-02-145.5CVE-2023-21687
MISC
microsoft -- office/365_apps_for_enterpriseMicrosoft Office Information Disclosure Vulnerability2023-02-145.5CVE-2023-21714
MISC
adobe -- bridgeAdobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-175.5CVE-2023-22231
MISC
adobe -- after_affectsAfter Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2023-02-175.5CVE-2023-22233
MISC
pickplugins -- product_slider_for_woocommerceThe Product Slider for WooCommerce by PickPlugins WordPress plugin before 1.13.42 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-135.4CVE-2023-0166
MISC
zohocorp -- zoho_formsThe Zoho Forms WordPress plugin before 3.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-135.4CVE-2023-0169
MISC
wpdevart -- social_like_box_and_pageThe Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-135.4CVE-2023-0177
MISC
yamaps_project -- yamapsThe YaMaps for WordPress Plugin WordPress plugin before 0.6.26 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-135.4CVE-2023-0270
MISC
tipsandtricks-hq -- easy_accept_payments_for_paypalThe Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-135.4CVE-2023-0275
MISC
templatesnext -- templatesnext_toolkitThe TemplatesNext ToolKit WordPress plugin before 3.2.9 does not validate some of its shortcode attributes before using them to generate an HTML tag, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-135.4CVE-2023-0333
MISC
shapedplugin -- location_weatherThe Location Weather WordPress plugin before 1.3.4 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-135.4CVE-2023-0360
MISC
themify -- portfolio_postThemify Portfolio Post WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-135.4CVE-2023-0362
MISC
smartwp -- lightweight_accordionThe Lightweight Accordion WordPress plugin before 1.5.15 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-135.4CVE-2023-0373
MISC
rebelcode -- spotlight_social_feedsThe Spotlight Social Feeds WordPress plugin before 1.4.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-135.4CVE-2023-0379
MISC
microsoft -- dynamics_365Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability2023-02-145.4CVE-2023-21570
MISC
microsoft -- dynamics_365Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability2023-02-145.4CVE-2023-21571
MISC
microsoft -- dynamics_365Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability2023-02-145.4CVE-2023-21573
MISC
huawei -- e5573cs-322_firmwareThere is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable.2023-02-105.3CVE-2018-7935
MISC
microsoft -- multiple_productsWindows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability2023-02-145.3CVE-2023-21699
MISC
microsoft -- edgeMicrosoft Edge (Chromium-based) Tampering Vulnerability2023-02-145.3CVE-2023-21720
MISC
adobe -- connectAdobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction.2023-02-175.3CVE-2023-22232
MISC
sierrawireless -- aleosAcemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page.2023-02-104.9CVE-2022-46650
MISC
MISC
MISC
dell -- emc_powerscale_onefsDell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields.2023-02-104.8CVE-2022-33934
MISC
formwork_project -- formworkA stored cross-site scripting (XSS) vulnerability in the component /formwork/panel/dashboard of Formwork v1.12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page title parameter.2023-02-104.8CVE-2023-24230
MISC
MISC
inventory_management_system_project -- inventory_management_systemA stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/categories.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Categories Name parameter.2023-02-104.8CVE-2023-24231
MISC
MISC
inventory_management_system_project -- inventory_management_systemA stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/product.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.2023-02-104.8CVE-2023-24232
MISC
MISC
inventory_management_system_project -- inventory_management_systemA stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/orders.php?o=add of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Client Name parameter.2023-02-104.8CVE-2023-24233
MISC
MISC
inventory_management_system_project -- inventory_management_systemA stored cross-site scripting (XSS) vulnerability in the component php-inventory-management-system/brand.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Brand Name parameter.2023-02-104.8CVE-2023-24234
MISC
MISC
microsoft -- multiple_products.NET Framework Denial of Service Vulnerability2023-02-144.4CVE-2023-21722
MISC
gptaipower -- gpt_ai_powerThe GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training WordPress plugin before 1.4.38 does not perform any kind of nonce or privilege checks before letting logged-in users modify arbitrary posts.2023-02-134.3CVE-2023-0405
MISC
microsoft -- edgeMicrosoft Edge (Chromium-based) Spoofing Vulnerability2023-02-144.3CVE-2023-21794
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
dell -- powerpath_management_appliancePowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs.2023-02-102.7CVE-2022-34452
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
walrusirc -- walrusircA vulnerability was found in juju2143 WalrusIRC 0.0.2. It has been rated as problematic. This issue affects the function parseLinks of the file public/parser.js. The manipulation of the argument text leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 0.0.3 is able to address this issue. The name of the patch is 45fd885895ae13e8d9b3a71e89d59768914f60af. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-220751.2023-02-13not yet calculatedCVE-2015-10079
MISC
MISC
MISC
MISC

mozilla -- fierfox_for_ios

Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.2023-02-16not yet calculatedCVE-2019-17003
MISC

mozilla -- fierfox_esr

The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.2023-02-16not yet calculatedCVE-2020-12413
MISC
MISC
mvp-player -- mvpAn issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter.2023-02-17not yet calculatedCVE-2020-19824
MISC
kimai2 -- kimai2Cross Site Scripting (XSS) vulnerability in kevinpapst kimai2 1.30.0 in /src/Twig/Runtime/MarkdownExtension.php, allows attackers to gain escalated privileges.2023-02-15not yet calculatedCVE-2020-19825
MISC
MISC
kliqqi-cms -- kliqqi-cmsSQL Injection vulnerability in Kliqqi-CMS 2.0.2 in admin/admin_update_module_widgets.php in recordIDValue parameter, allows attackers to gain escalated privileges and execute arbitrary code.2023-02-15not yet calculatedCVE-2020-21119
MISC
uqcms -- uqcmsSQL Injection vulnerability in file home\controls\cart.class.php in UQCMS 2.1.3, allows attackers execute arbitrary commands via the cookie_cart parameter to /index.php/cart/num.2023-02-15not yet calculatedCVE-2020-21120
MISC
MISC
online_doctor_appointment_booking_system -- online_doctor_appointment_booking_systemSQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint.2023-02-17not yet calculatedCVE-2020-29168
MISC
MISC
MISC
kong -- lua-multipartA vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this issue. The name of the patch is d632e5df43a2928fd537784a99a79dec288bf01b. It is recommended to upgrade the affected component. VDB-220642 is the identifier assigned to this vulnerability.2023-02-12not yet calculatedCVE-2020-36661
MISC
MISC
MISC
MISC
MISC
mozilla -- bleachbleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).2023-02-16not yet calculatedCVE-2020-6817
MISC
MISC
intel -- 3rd_gen_intel_xeon_scalable_processorImproper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.2023-02-16not yet calculatedCVE-2021-0187
MISC

mozilla -- bleach

A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.2023-02-16not yet calculatedCVE-2021-23980
MISC
MISC
vivo -- frame_serviceThe framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions.2023-02-17not yet calculatedCVE-2021-26277
CONFIRM
phpfusion -- phpfusionAn issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature.2023-02-17not yet calculatedCVE-2021-3172
MISC
MISC
libraw -- librawBuffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.2023-02-17not yet calculatedCVE-2021-32142
MISC
MISC
MISC
MISC
mosn -- mosnAuthentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization.2023-02-17not yet calculatedCVE-2021-32163
MISC
MISC
schism_tracker -- schism_trackerAn issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c.2023-02-17not yet calculatedCVE-2021-32419
MISC
MISC
exponent-cms -- exponent-cmsSQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class.2023-02-17not yet calculatedCVE-2021-32441
MISC
MISC
moby -- hyperkitHyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, `virtio.c` has is a call to `vc_cfgread` that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denial of service. This issue is fixed in commit df0e46c7dbfd81a957d85e449ba41b52f6f7beb4.2023-02-17not yet calculatedCVE-2021-32843
MISC
MISC
CONFIRM
moby -- hyperkitHyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, ` vi_pci_write` has is a call to `vc_cfgwrite` that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denial of service. This issue is fixed in commit 451558fe8aaa8b24e02e34106e3bb9fe41d7ad13.2023-02-17not yet calculatedCVE-2021-32844
MISC
MISC
CONFIRM
moby -- hyperkitHyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of `qnotify` at `pci_vtrnd_notify` fails to check the return value of `vq_getchain`. This leads to `struct iovec iov;` being uninitialized and used to read memory in `len = (int) read(sc->vrsc_fd, iov.iov_base, iov.iov_len);` when an attacker is able to make `vq_getchain` fail. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit 41272a980197917df8e58ff90642d14dec8fe948.2023-02-17not yet calculatedCVE-2021-32845
MISC
MISC
CONFIRM
moby -- hyperkitHyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107, function `pci_vtsock_proc_tx` in `virtio-sock` can lead to to uninitialized memory use. In this situation, there is a check for the return value to be less or equal to `VTSOCK_MAXSEGS`, but that check is not sufficient because the function can return `-1` if it finds an error it cannot recover from. Moreover, the negative return value will be used by `iovec_pull` in a while condition that can further lead to more corruption because the function is not designed to handle a negative `iov_len`. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit af5eba2360a7351c08dfd9767d9be863a50ebaba.2023-02-17not yet calculatedCVE-2021-32846
MISC
MISC
CONFIRM
intel -- ofu_softwareImproper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2021-33104
MISC
saltstack -- saltstackBuffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file.2023-02-17not yet calculatedCVE-2021-33226
MISC
ymfe -- yapoCross Site Scripting vulnerability in YMFE yapo v1.9.1 allows attacker to execute arbitrary code via the remark parameter of the interface edit page.2023-02-17not yet calculatedCVE-2021-33237
MISC
virtualsquare -- pictotcpDouble Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.2023-02-15not yet calculatedCVE-2021-33304
MISC
htacg -- html_tidyAn issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c.2023-02-17not yet calculatedCVE-2021-33391
MISC
baijiacms -- baijiacmsCross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.2023-02-15not yet calculatedCVE-2021-33396
MISC
cms-corephp -- cms-corephp
 		SQL Injection vulnerability in nitinparashar30 cms-corephp through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) allows unauthenticated attackers to gain escilated privledges via a crafted login.2023-02-15not yet calculatedCVE-2021-33925
MISC
plone -- plone_cms
 		An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allows attacker to access sensitive information via the RSS feed protlet.2023-02-17not yet calculatedCVE-2021-33926
MISC
MISC
MISC
fantasticlbp -- hotels_serverSQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter.2023-02-17not yet calculatedCVE-2021-33948
MISC
feminer -- wms
 		An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function.2023-02-17not yet calculatedCVE-2021-33949
MISC
openkm -- document_management_systemAn issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.2023-02-17not yet calculatedCVE-2021-33950
MISC
MISC
MISC
dvidelabs -- flatccBuffer Overflow vulnerability in Dvidelabs flatcc v.0.6.0 allows local attacker to execute arbitrary code via the fltacc execution of the error_ref_sym function.2023-02-17not yet calculatedCVE-2021-33983
MISC
seopanel -- seopanelSQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information.2023-02-15not yet calculatedCVE-2021-34117
MISC
MISC
MISC
lizhifaka -- lizhifakaPermissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location.2023-02-17not yet calculatedCVE-2021-34164
MISC
ttyd -- ttydAn issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions.2023-02-17not yet calculatedCVE-2021-34182
MISC
yupoxion -- bearadminFile Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Ueditor endpoint.2023-02-17not yet calculatedCVE-2021-35261
MISC
dataease -- dataeaseSQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10.2023-02-15not yet calculatedCVE-2021-38239
MISC
flatcore -- flatcore-cmsCross site scripting (XSS) vulnerability in flatCore-CMS 2.2.15 allows attackers to execute arbitrary code via description field on the new page creation form.2023-02-16not yet calculatedCVE-2021-40555
MISC
fortinet -- fortiwebMultiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.2023-02-16not yet calculatedCVE-2021-42756
MISC
fortinet -- fortiwebA condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 through 6.3.16, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 through 6.0.7, 5.9.0 through 5.9.1 may allow a remote, unauthenticated attacker to infer the session identifier of other users and possibly usurp their session.2023-02-16not yet calculatedCVE-2021-42761
MISC
fortinet -- multiple_productsAn improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter.2023-02-16not yet calculatedCVE-2021-43074
MISC
mozilla -- thunderbirdThunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.2023-02-16not yet calculatedCVE-2021-43529
MISC
mruby -- mrubyAn Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash.2023-02-14not yet calculatedCVE-2021-46023
MISC
mozilla -- mozilla_pollbotThere was an open redirection vulnerability pollbot, which was used in https://pollbot.services.mozilla.com/ and https://pollbot.stage.mozaws.net/ An attacker could have redirected anyone to malicious sites.2023-02-16not yet calculatedCVE-2022-0637
MISC
MISC
cisco -- clamavA vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this vulnerability by submitting a crafted OLE2 file to be scanned by ClamAV on the affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.2023-02-17not yet calculatedCVE-2022-20803
CISCO
crypto -- crypto_api_toolkit_for_intel_sgxImproper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-21163
MISC
intel -- atom/xeon_scalable_processorsInsufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access.2023-02-16not yet calculatedCVE-2022-21216
MISC
dell -- emc_unityDell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.2023-02-14not yet calculatedCVE-2022-22564
MISC
intel -- oneapi_data_analytics_library/oneapi_base_toolkitUncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-25905
MISC
glance -- glanceVersions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https://security.snyk.io/vuln/npm:glance:20180129).2023-02-13not yet calculatedCVE-2022-25937
MISC
MISC
usememos -- memosAll versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme.2023-02-15not yet calculatedCVE-2022-25978
MISC
MISC
MISC
intel -- c++_compiler_classicImproper handling of Unicode encoding in source code to be compiled by the Intel(R) C++ Compiler Classic before version 2021.6 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.2023-02-16not yet calculatedCVE-2022-25987
MISC
intel -- oneapi_toolkits_oneapi-cliInsecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-25992
MISC
intel -- distribution_for_python_programming_language_for_intel_oneapi_toolkitsUncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26032
MISC
intel -- mpi_library_for_intel_oneapi_hpc_toolkitUncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26052
MISC
intel -- trace_analyzer_and_collector_for_intel_oneapi_hpcUncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26062
MISC
intel -- oneapi_deep_neural_networkUncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26076
MISC
fortinet -- fortisandboxA use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox before 4.2.0 may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords.2023-02-16not yet calculatedCVE-2022-26115
MISC
intel -- multiple_productsImproper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26343
MISC
intel -- oneapi_toolkit_openmpUncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26345
MISC
intel -- dpc++/c++_compilerUncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26421
MISC
intel -- oneapi_collective_communications_library/oneapi_base_toolkitUncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26425
MISC
intel -- sgx_sdkImproper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.2023-02-16not yet calculatedCVE-2022-26509
MISC
intel -- fpga_add-on_for_intel_oneapi_base_toolkitUncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26512
MISC
intel -- multiple_productsImproper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26837
MISC
intel -- quartus_prime_pro_and_standard_editionsImproper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-26840
MISC
intel -- sgx_sdk_software_for_linuxInsufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access.2023-02-16not yet calculatedCVE-2022-26841
MISC
intel -- dpc++/c++_compilerInsufficient visual distinction of homoglyphs presented to user in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.1 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.2023-02-16not yet calculatedCVE-2022-26843
MISC
intel -- quartus_prime_pro_and_standard_editionsCross-site scripting in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable information disclosure via local access.2023-02-16not yet calculatedCVE-2022-26888
MISC
intel -- media_sdkProtection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-27170
MISC
intel -- computer_vision_annotation_toolServer-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access.2023-02-16not yet calculatedCVE-2022-27234
MISC
fortinet -- fortiadcA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.6, 6.0.x, 5.x.x allows attacker to execute arbitrary shell code as `root` via CLI commands.2023-02-16not yet calculatedCVE-2022-27482
MISC
fortinet -- fortiextenderA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.2023-02-16not yet calculatedCVE-2022-27489
MISC
intel -- ethernet_controller_administrative_toolsInsufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-27808
MISC
palantir -- atlasdbIt was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. In the case of AtlasDB, the vulnerability was mitigated by other network controls such as two-way TLS when deployed as part of a Palantir platform. Palantir still recommends upgrading to a non-vulnerable version out of an abundance of caution.2023-02-16not yet calculatedCVE-2022-27890
MISC
palantir -- gothamPalantir Gotham included an unauthenticated endpoint that listed all active usernames on the stack with an active session. The affected services have been patched and automatically deployed to all Apollo-managed Gotham instances. It is highly recommended that customers upgrade all affected services to the latest version. This issue affects: Palantir Gotham versions prior to 103.30221005.0.2023-02-16not yet calculatedCVE-2022-27891
MISC
palantir -- gothamPalantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service.2023-02-16not yet calculatedCVE-2022-27892
MISC
palantir -- gothamPalantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory. An attacker could repeatedly upload a malicious zip file, which would allow them to exhaust memory resources on the dispatch server.2023-02-16not yet calculatedCVE-2022-27897
MISC
fortinet -- fortiosA missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.2023-02-16not yet calculatedCVE-2022-29054
MISC
integrated_bmc -- integrated_bmcUncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access.2023-02-16not yet calculatedCVE-2022-29493
MISC
openbmc -- openbmcImproper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.2023-02-16not yet calculatedCVE-2022-29494
MISC
intel -- surImproper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.2023-02-16not yet calculatedCVE-2022-29514
MISC
intel -- open_casImproper conditions check in the Open CAS software maintained by Intel(R) before version 22.3.1 may allow an authenticated user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-29523
MISC
lexisnexis_firco_compliance_link -- lexisnexis_firco_compliance_linkLexisNexis Firco Compliance Link 3.7 allows CSRF.2023-02-15not yet calculatedCVE-2022-29557
MISC
fortinet -- fortiwebA path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially crafted web requests.2023-02-16not yet calculatedCVE-2022-30299
MISC
fortinet -- fortiwebA relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.2023-02-16not yet calculatedCVE-2022-30300
MISC
fortinet -- fortiwebAn improper neutralization of special elements used in an os command ('OS Command Injection') [CWE-78] in FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions may allow an authenticated attacker to execute arbitrary shell code as `root` user via crafted HTTP requests.2023-02-16not yet calculatedCVE-2022-30303
MISC
fortinet -- fortianalyzerAn improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated attacker to perform a stored cross site scripting (XSS) attack via the URL parameter observed in the FortiWeb attack event logview in FortiAnalyzer.2023-02-16not yet calculatedCVE-2022-30304
MISC
fortinet -- fortiwebA stack-based buffer overflow vulnerability [CWE-121] in the CA sign functionality of FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted password.2023-02-16not yet calculatedCVE-2022-30306
MISC
intel -- integrated_sensor_solutionOut-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-30339
MISC
intel -- dsaProtection mechanism failure in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-30530
MISC
intel -- iris_xe max_drivers_for_windowsOut-of-bounds read in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1474 may allow a privileged user to potentially enable information disclosure via local access.2023-02-16not yet calculatedCVE-2022-30531
MISC
intel -- multiple_productsUse after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-30539
MISC
intel -- surImproper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable denial of service via network access.2023-02-16not yet calculatedCVE-2022-30692
MISC
intel -- multiple_productsImproper initialization in the Intel(R) TXT SINIT ACM for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-30704
MISC
enocean -- echelon_smartserverEchelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server.2023-02-13not yet calculatedCVE-2022-3089
MISC
intel -- surImproper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-31476
MISC
siemens -- sipass_integrated_ac5102A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V2.85.44), SiPass integrated ACC-AP (All versions < V2.85.43). Affected devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges.2023-02-14not yet calculatedCVE-2022-31808
MISC
intel -- multiple_productsImproper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-32231
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.2023-02-15not yet calculatedCVE-2022-32469
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.2023-02-15not yet calculatedCVE-2022-32470
MISC
MISC
insyde -- insydeh2oAn issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. The IhisiDxe driver uses the command buffer to pass input and output data. By modifying the command buffer contents with DMA after the input parameters have been checked but before they are used, the IHISI SMM code may be convinced to modify SMRAM or OS, leading to possible data corruption or escalation of privileges.2023-02-15not yet calculatedCVE-2022-32471
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.2023-02-15not yet calculatedCVE-2022-32473
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.2023-02-15not yet calculatedCVE-2022-32474
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This issue was fixed in the kernel, which also protected chipset and OEM chipset code.2023-02-15not yet calculatedCVE-2022-32475
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.2023-02-15not yet calculatedCVE-2022-32476
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.2023-02-15not yet calculatedCVE-2022-32477
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.2023-02-15not yet calculatedCVE-2022-32478
MISC
MISC

intel -- quartus_prime_pro_and_standard_editions

Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-32570
MISC
intel -- trace_analyzer_and collectorOut-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-32575
MISC
intel -- dsaDescription: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-32764
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the link data to SMRAM before checking it and verifying that all pointers are within the buffer.2023-02-15not yet calculatedCVE-2022-32953
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the link data to SMRAM before checking it and verifying that all pointers are within the buffer.2023-02-15not yet calculatedCVE-2022-32954
MISC
MISC
insyde -- insydeh2oAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the link data to SMRAM before checking it and verifying that all pointers are within the buffer.2023-02-15not yet calculatedCVE-2022-32955
MISC
MISC
intel -- surImproper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network access.2023-02-16not yet calculatedCVE-2022-32971
MISC
infoblox -- bloxone_endpoint_for_windowsInfoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation.2023-02-17not yet calculatedCVE-2022-32972
MISC
MISC
intel -- surImproper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-33190
MISC
intel -- xeon_processors_with_intelâ_software_guard_extensionsIncorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-33196
MISC
fortinet -- fortiwanAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiWAN 4.0.0 through 4.5.9 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.2023-02-16not yet calculatedCVE-2022-33869
MISC
fortinet -- fortiwebA stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations.2023-02-16not yet calculatedCVE-2022-33871
MISC
intel -- quartus_prime_pro_and_standard_editionsPath traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-33892
MISC
intel -- quartus_prime_pro_and_standard_editionsInsufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-33902
MISC
intel -- surImproper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-33946
MISC
intel -- surImproper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.2023-02-16not yet calculatedCVE-2022-33964
MISC
intel -- 3rd generation_xeon_scalable_processorsIncorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local access.2023-02-16not yet calculatedCVE-2022-33972
MISC
gitlab-- gitlabA lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7 before 15.7.6, and 15.8 before 15.8.1 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage.2023-02-13not yet calculatedCVE-2022-3411
MISC
MISC
CONFIRM
intel -- battery_life_diagnostic_toolImproper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-34153
MISC
intel -- quartus_prime_pro_and_standard_editionsImproper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-34157
MISC
intel -- media_sdkOut-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-34346
MISC
ibm -- qradar_siemIBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402.2023-02-17not yet calculatedCVE-2022-34351
MISC
MISC
dell -- unisphere_for_powermaxDell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.2023-02-13not yet calculatedCVE-2022-34397
MISC
intel -- media_sdkImproper buffer restrictions in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-34841
MISC
intel -- trace_analyzer_and collectorInteger overflow in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-34843
MISC
intel -- iris_xe max_drivers_for_windowsUncaught exception in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1436(v2) may allow a privileged user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-34849
MISC
intel -- surImproper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-34854
MISC
intel -- trace_analyzer_and collectorOut-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-34864
MISC
openbmc -- openbmcOut of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.2023-02-16not yet calculatedCVE-2022-35729
MISC
siemens -- multiple_productsA vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path.2023-02-14not yet calculatedCVE-2022-35868
MISC
intel -- media_sdkNULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-35883
MISC
intel -- battery_life_diagnostic_toolInsufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-36278
MISC
intel -- fcs_serverUncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may allow a privileged user to potentially enable denial of service via physical access.2023-02-16not yet calculatedCVE-2022-36287
MISC
intel -- media_sdkProtection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-36289
MISC
intel -- sps_firmwareActive debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-36348
MISC
intel - qatzipImproper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-36369
MISC
intel -- multiple_productsOut-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-36382
MISC
intel -- qat_drivers_for_linuxIncorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-36397
MISC
intel -- battery_life_diagnostic_toolUncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-36398
MISC
intel --ethernet_500_series_controller_drivers_for_vmwareProtection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.13 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-36416
MISC
ibm -- security verify accessIBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 233576.2023-02-17not yet calculatedCVE-2022-36775
MISC
MISC
intel -- sps_firmwareImproper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-36794
MISC
intel --ethernet_500_series_controller_drivers_for_vmwareProtection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access.2023-02-16not yet calculatedCVE-2022-36797
MISC
intel -- quartus_prime_pro_and_standard_editionsUncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-37329
MISC
intel -- qat_drivers_for_windowsUncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-37340
MISC
gitlab -- gitlabAn issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child pipelines and make a sidekiq job allocate a lot of memory. In GitLab instances where Sidekiq is memory-limited, this may cause Denial of Service.2023-02-13not yet calculatedCVE-2022-3759
MISC
CONFIRM
MISC
intel -- emaImproper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access.2023-02-16not yet calculatedCVE-2022-38056
MISC
intel -- multiple_productsImproper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access.2023-02-16not yet calculatedCVE-2022-38090
MISC
solarwinds -- platformSolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.2023-02-15not yet calculatedCVE-2022-38111
MISC
MISC
fortinet -- fortinacAn improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticated user to perform some administrative operations over the FortiNAC instance via crafted HTTP POST requests.2023-02-16not yet calculatedCVE-2022-38375
MISC
fortinet -- fortinacMultiple improper neutralization of input during web page generation ('Cross-site Scripting') vulnerabilities [CWE-79] in Fortinet FortiNAC portal UI before 9.4.1 allows an attacker to perform an XSS attack via crafted HTTP requests.2023-02-16not yet calculatedCVE-2022-38376
MISC
fortinet -- multiple_productsAn improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.2023-02-16not yet calculatedCVE-2022-38378
MISC

qaelum -- dose

Qaelum DOSE 18.08 through 21.1 before 21.2 allows Directory Traversal via the loadimages name parameter. It allows a user to specify an arbitrary location on the server's filesystem from which to load an image. (Only images are displayed to the attacker. All other files are loaded but not displayed.) The Content-Type response header reflects the actual content type of the file being requested. This allows an attacker to enumerate files on the local system. Additionally, remote resources can be requested via a UNC path, allowing an attacker to coerce authentication out from the server to the attackers machine.2023-02-16not yet calculatedCVE-2022-38731
MISC
MISC
rttys -- rttysSQL Injection vulnerability in rttys versions 4.0.0, 4.0.1, and 4.0.2 in api.go, allows attackers to execute arbitrary code.2023-02-15not yet calculatedCVE-2022-38867
MISC
ehoney -- ehoneySQL Injection vulnerability in Ehoney version 2.0.0 in models/protocol.go and models/images.go, allows attackers to execute arbitrary code.2023-02-15not yet calculatedCVE-2022-38868
MISC

wordpress -- wordpress

The WP FullCalendar WordPress plugin before 1.5 does not ensure that the post retrieved via an AJAX action is public and can be accessed by the user making the request, allowing unauthenticated attackers to get the content of arbitrary posts, including draft/private as well as password-protected ones.2023-02-13not yet calculatedCVE-2022-3891
MISC

niterforum -- niterforum

An issue was discovered in NiterForum version 2.5.0-beta in /src/main/java/cn/niter/forum/api/SsoApi.java and /src/main/java/cn/niter/forum/controller/AdminController.java, allows attackers to gain escalated privileges.2023-02-15not yet calculatedCVE-2022-38935
MISC

fortinet -- multiple_products

An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)2023-02-16not yet calculatedCVE-2022-39948
MISC
fortinet -- fortinacA external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.2023-02-16not yet calculatedCVE-2022-39952
MISC
fortinet -- fortinacAn improper restriction of xml external entity reference in Fortinet FortiNAC version 9.4.0 through 9.4.1, FortiNAC version 9.2.0 through 9.2.7, FortiNAC version 9.1.0 through 9.1.8, FortiNAC version 8.8.0 through 8.8.11, FortiNAC version 8.7.0 through 8.7.6, FortiNAC version 8.6.0 through 8.6.5, FortiNAC version 8.5.0 through 8.5.4, FortiNAC version 8.3.7 allows attacker to read arbitrary files or trigger a denial of service via specifically crafted XML documents.2023-02-16not yet calculatedCVE-2022-39954
MISC
ireader -- media-serverUse After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows attackers to cause a denial of service.2023-02-15not yet calculatedCVE-2022-40016
MISC
qvidium_technologies -- amino_a140QVidium Technologies Amino A140 (prior to firmware version 1.0.0-283) was discovered to contain a command injection vulnerability.2023-02-17not yet calculatedCVE-2022-40021
MISC
microsemi -- syncserver_s650Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a command injection vulnerability.2023-02-13not yet calculatedCVE-2022-40022
MISC
MISC
MISC
MISC
sourcecodester -- simple_task_managing_systemSQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.2023-02-17not yet calculatedCVE-2022-40032
MISC
MISC
MISC
acer -- aspireStack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges.2023-02-16not yet calculatedCVE-2022-40080
MISC
MISC

ibm -- sterling_b2b_integrator

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533.2023-02-17not yet calculatedCVE-2022-40231
MISC
MISC

ibm -- sterling_b2b_integrator

IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597.2023-02-17not yet calculatedCVE-2022-40232
MISC
MISC
intern_record_system -- intern_record_systemSQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.2023-02-17not yet calculatedCVE-2022-40347
MISC
MISC
MISC
intern_record_system -- intern_record_systemCross Site Scripting (XSS) vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'name' and 'email' parameters, allows attackers to execute arbitrary code.2023-02-18not yet calculatedCVE-2022-40348
MISC
MISC
MISC

fortinet -- fortinac

Some cryptographic issues in Fortinet FortiNAC versions 9.4.0 through 9.4.1, 9.2.0 through 9.2.7, 9.1.0 through 9.1.8, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an attacker to decrypt and forge protocol communication messages.2023-02-16not yet calculatedCVE-2022-40675
MISC

fortinet -- fortinac

A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 allows attacker to execute unauthorized code or commands via specially crafted input parameters.2023-02-16not yet calculatedCVE-2022-40677
MISC

fortinet -- fortinac

An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords.2023-02-16not yet calculatedCVE-2022-40678
MISC
fortinet -- fortiwebA double free in Fortinet FortiWeb version 7.0.0 through 7.0.3 may allows attacker to execute unauthorized code or commands via specially crafted commands2023-02-16not yet calculatedCVE-2022-40683
MISC
optinlyhq -- optinlyCross-Site Request Forgery (CSRF) in OptinlyHQ Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms plugin <= 1.0.15 versions.2023-02-13not yet calculatedCVE-2022-41134
MISC
intel -- network_adapter_installer_softwareUncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access.2023-02-16not yet calculatedCVE-2022-41314
MISC

fortinet -- fortios

An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the "redir" parameter of the URL seen when the "Sign in with FortiCloud" button is clicked.2023-02-16not yet calculatedCVE-2022-41334
MISC

fortinet -- multiple_products

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.2023-02-16not yet calculatedCVE-2022-41335
MISC
gitlab -- gitlabA Cross Site Request Forgery issue has been discovered in GitLab CE/EE affecting all versions before 15.6.7, all versions starting from 15.7 before 15.7.6, and all versions starting from 15.8 before 15.8.1. An attacker could take over a project if an Owner or Maintainer uploads a file to a malicious project.2023-02-13not yet calculatedCVE-2022-4138
CONFIRM
MISC
MISC

tibco -- multiple_products

The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.2.1 and below and TIBCO Operational Intelligence Hawk RedTail: versions 7.2.0 and below.2023-02-14not yet calculatedCVE-2022-41564
CONFIRM
CONFIRM
intel -- on_event_series_android_applicationInsufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may allow an authenticated user to potentially enable information disclosure via local access.2023-02-16not yet calculatedCVE-2022-41614
MISC
ibm -- maximo_asset_managementIBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 237587.2023-02-17not yet calculatedCVE-2022-41734
MISC
MISC

asus -- ec_tool_driver

ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges.2023-02-15not yet calculatedCVE-2022-42455
MISC
fortinet -- multiple_productsA improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.2023-02-16not yet calculatedCVE-2022-42472
MISC
apache -- shenyuImproper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 .2023-02-15not yet calculatedCVE-2022-42735
MISC

b&r-automation -- system_diagnostics_manager

A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session.2023-02-14not yet calculatedCVE-2022-4286
MISC

fujifilm -- driver_distributor

Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted.2023-02-13not yet calculatedCVE-2022-43460
MISC
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in Orchestrated Corona Virus (COVID-19) Banner & Live Data plugin <= 1.7.0.6 versions.2023-02-14not yet calculatedCVE-2022-43469
MISC
ibm -- sterling_b2b_integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684.2023-02-17not yet calculatedCVE-2022-43579
MISC
MISC

ibm -- multiple_products

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.2023-02-17not yet calculatedCVE-2022-43927
MISC
MISC

ibm -- multiple_products

IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.2023-02-17not yet calculatedCVE-2022-43929
MISC
MISC

ibm -- multiple_products

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677.2023-02-17not yet calculatedCVE-2022-43930
MISC
MISC

fortinet -- fortiportal

An insertion of sensitive information into log file vulnerability [CWE-532] in the FortiPortal management interface 7.0.0 through 7.0.2 may allow a remote authenticated attacker to read other devices' passwords in the audit log page.2023-02-16not yet calculatedCVE-2022-43954
MISC
ricoh -- mp_c4504exRicoh mp_c4504ex devices with firmware 1.06 mishandle credentials.2023-02-16not yet calculatedCVE-2022-43969
MISC
MISC

siteservercms -- siteservercms

SiteServerCMS 7.1.3 sscms has a file read vulnerability.2023-02-16not yet calculatedCVE-2022-44299
MISC
wordpress -- wordpressThe FL3R FeelBox WordPress plugin through 8.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.2023-02-13not yet calculatedCVE-2022-4445
MISC
wordpress -- wordpressThe GiveWP WordPress plugin before 2.24.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-13not yet calculatedCVE-2022-4448
MISC
wordpress -- wordpressThe amr shortcode any widget WordPress plugin through 4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.2023-02-13not yet calculatedCVE-2022-4458
MISC
wordpress -- wordpressThe YARPP WordPress plugin through 5.30.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.2023-02-13not yet calculatedCVE-2022-4471
MISC
wordpress -- wordpressThe Widget Shortcode WordPress plugin through 0.3.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.2023-02-13not yet calculatedCVE-2022-4473
MISC
wordpress -- wordpressThe Widgets on Pages WordPress plugin through 1.6.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.2023-02-13not yet calculatedCVE-2022-4488
MISC
wordpress -- wordpressThe Better Font Awesome WordPress plugin before 2.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-13not yet calculatedCVE-2022-4512
MISC
suse -- multiple_productsAn Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.2023-02-15not yet calculatedCVE-2022-45153
CONFIRM
suse -- multiple_productsA Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions.2023-02-15not yet calculatedCVE-2022-45154
CONFIRM
ithacalabs --vsourz_digitalVsourz Digital Advanced Contact form 7 DB Versions 1.7.2 and 1.9.1 is vulnerable to Cross Site Scripting (XSS).2023-02-13not yet calculatedCVE-2022-45285
MISC
MISC
pandora_fms -- articaImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all platforms, allows Cross-Site Scripting (XSS). As a manager privilege user , create a network map containing name as xss payload. Once created, admin user must click on the edit network maps and XSS payload will be executed, which could be used for stealing admin users cookie value.2023-02-15not yet calculatedCVE-2022-45436
CONFIRM
pandora_fms -- articaImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all allows Cross-Site Scripting (XSS). A user with edition privileges can create a Payload in the reporting dashboard module. An admin user can observe the Payload without interaction and attacker can get information.2023-02-15not yet calculatedCVE-2022-45437
CONFIRM
acronis -- multiple_productsSensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984.2023-02-13not yet calculatedCVE-2022-45454
MISC
acronis -- multiple_productsLocal privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.2023-02-13not yet calculatedCVE-2022-45455
MISC
wordpress -- wordpressThe Mapwiz WordPress plugin through 1.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.2023-02-13not yet calculatedCVE-2022-4546
MISC
MISC
wordpress -- wordpressThe Rich Table of Contents WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-13not yet calculatedCVE-2022-4551
MISC

discuzx -- discuzx

Cross site scripting (XSS) vulnerability in DiscuzX 3.4 allows attackers to execute arbitrary code via the datetline, title, tpp, or username parameters via the audit search.2023-02-15not yet calculatedCVE-2022-45543
MISC
screencheck_badgemaker -- screencheck_badgemakerInformation Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application allows internal attacker to obtain credentials for authentication via network sniffing.2023-02-15not yet calculatedCVE-2022-45546
MISC

xpdfreader -- xpdfreader

Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.2023-02-15not yet calculatedCVE-2022-45586
MISC

xpdfreader -- xpdfreader

Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.2023-02-15not yet calculatedCVE-2022-45587
MISC
wordpress -- wordpressThe Meks Flexible Shortcodes WordPress plugin before 1.3.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.2023-02-13not yet calculatedCVE-2022-4562
MISC
arris -- routerArris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.2023-02-17not yet calculatedCVE-2022-45701
MISC
MISC
comfast -- routerIncorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSION_ID, and using this SESSION_ID an attacker can then perform authenticated requests.2023-02-13not yet calculatedCVE-2022-45724
MISC
MISC
MISC
comfast -- routerImproper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request2023-02-13not yet calculatedCVE-2022-45725
MISC
MISC
MISC
wordpress -- wordpressThe Twenty20 Image Before-After WordPress plugin through 1.5.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-13not yet calculatedCVE-2022-4580
MISC

open_solutions_for_education -- opensis_community_edition

Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php.2023-02-13not yet calculatedCVE-2022-45962
MISC
MISC
MISC
CONFIRM
MISC
wordpress -- wordpressThe Easy PayPal Buy Now Button WordPress plugin before 1.7.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-13not yet calculatedCVE-2022-4628
MISC
wordpress -- wordpressThe WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.5 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.2023-02-13not yet calculatedCVE-2022-4656
MISC
wordpress -- wordpressThe TemplatesNext ToolKit WordPress plugin before 3.2.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-13not yet calculatedCVE-2022-4678
MISC
wordpress -- wordpressThe Lightbox Gallery WordPress plugin before 0.9.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-13not yet calculatedCVE-2022-4682
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions.2023-02-14not yet calculatedCVE-2022-46862
MISC
ampere_computing -- multiple_productsIn Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex.2023-02-15not yet calculatedCVE-2022-46892
MISC
playsms -- playsmsA type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows attackers to bypass authentication.2023-02-13not yet calculatedCVE-2022-47034
MISC
MISC
pandora_fms -- console
 		Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the stored XSS payload.2023-02-15not yet calculatedCVE-2022-47372
CONFIRM
pandora_fms -- consoleReflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.2023-02-15not yet calculatedCVE-2022-47373
CONFIRM
wordpress -- wordpress
 		The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example.2023-02-13not yet calculatedCVE-2022-4745
MISC
solarwinds -- platformSolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.2023-02-15not yet calculatedCVE-2022-47503
MISC
MISC
solarwinds -- platformSolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.2023-02-15not yet calculatedCVE-2022-47504
MISC
MISC
solarwinds -- platformSolarWinds Platform was susceptible to the Directory Traversal Vulnerability. This vulnerability allows a local adversary with authenticated account access to edit the default configuration, enabling the execution of arbitrary commands.2023-02-15not yet calculatedCVE-2022-47506
MISC
MISC
solarwinds -- platformSolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.2023-02-15not yet calculatedCVE-2022-47507
MISC
MISC
solarwinds -- platformCustomers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos.2023-02-15not yet calculatedCVE-2022-47508
MISC
MISC
wordpress -- wordpressThe GigPress WordPress plugin before 2.3.28 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-13not yet calculatedCVE-2022-4759
MISC
tianjie -- cpe906-3TIANJIE CPE906-3 is vulnerable to password disclosure. This is present on Software Version WEB5.0_LCD_20200513, Firmware Version MV8.003, and Hardware Version CPF906-V5.0_LCD_20200513.2023-02-16not yet calculatedCVE-2022-47703
MISC
wordpress -- wordpressThe Youtube Channel Gallery WordPress plugin through 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-13not yet calculatedCVE-2022-4783
MISC
siemens -- multiple_productsA vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application contains a stack overflow vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2022-47936
MISC
siemens -- multiple_products
 		A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2022-47977
MISC
ibm -- aspera_faspexIBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512.2023-02-17not yet calculatedCVE-2022-47986
MISC
MISC
genymotion -- desktopGenymotion Desktop v3.3.2 was discovered to contain a DLL hijacking vulnerability that allows attackers to escalate privileges and execute arbitrary code via a crafted DLL.2023-02-13not yet calculatedCVE-2022-48077
MISC
MISC
jspreadsheet -- jspreadsheetThe dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting (XSS).2023-02-17not yet calculatedCVE-2022-48115
MISC
MISC
wordpress -- wordpressThe Paid Memberships Pro WordPress plugin before 2.9.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.2023-02-13not yet calculatedCVE-2022-4830
MISC
palantir -- gotham
 		Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. This issue affects: Palantir Palantir Gotham Chat IRC helper versions prior to 30221005.210011.9242.2023-02-16not yet calculatedCVE-2022-48306
MISC
palantir -- magritte-ftpIt was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. In the case of a successful man in the middle attack on magritte-ftp, an attacker would be able to read and modify network traffic such as authentication tokens or raw data entering a Palantir Foundry stack.2023-02-16not yet calculatedCVE-2022-48307
MISC
palantir -- sls-loggingIt was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service.2023-02-16not yet calculatedCVE-2022-48308
MISC
netgear -- nighthawk_wifi_meshNETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.2023-02-13not yet calculatedCVE-2022-48322
MISC
sunlogin -- sunflower_simplifiedSunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the pathname of the powershell.exe program.2023-02-13not yet calculatedCVE-2022-48323
MISC
MISC
MISC
mapos -- mapos
 		Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) pesquisa, (2) data, (3) data2, (4) nome, (5) descricao, (6) idDocumentos, (7) id in file application/controllers/Arquivos.php; (8) senha, (9) nomeCliente, (10) contato, (11) documento, (12) telefone, (13) celular, (14) email, (15) rua, (16) numero, (17) complemento, (18) bairro, (19) cidade, (20) estado, (21) cep, (22) idClientes, (23) id in file application/controllers/Clientes.php; (24) id, (25) tipo, (26) forma_pagamento, (27) gateway_de_pagamento, (28) excluir_id, (29) confirma_id, (30) cancela_id in file application/controllers/Cobrancas.php; (31) vencimento_de, (32) vencimento_ate, (33) cliente, (34) tipo, (35) status, (36) valor_desconto, (37) desconto, (38) periodo, (39) per_page, (40) urlAtual, (41) vencimento, (42) recebimento, (43) valor, (44) recebido, (45) formaPgto, (46) desconto_parc, (47) entrada, (48) qtdparcelas_parc, (49) valor_parc, (50) dia_pgto, (51) dia_base_pgto, (52) comissao, (53) descricao_parc, (54) cliente_parc, (55) observacoes_parc, (56) formaPgto_parc, (57) tipo_parc, (58) pagamento, (59) pago, (60) valor_desconto_editar, (61) descricao, (62) fornecedor, (63) observacoes, (64) id in file application/controllers/Financeiro.php; (65) refGarantia, (66) textoGarantia, (67) idGarantias in file application/controllers/Garantias.php; (68) email, (69) senha in file application/controllers/Login.php.2023-02-16not yet calculatedCVE-2022-48324
MISC
MISC
MISC
mapos -- mapos
 		Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) year, (2) oldSenha, (3) novaSenha, (4) termo, (5) nome, (6) cnpj, (7) ie, (8) cep, (9) logradouro, (10) numero, (11) bairro, (12) cidade, (13) uf, (14) telefone, (15) email, (16) id, (17) app_name, (18) per_page, (19) app_theme, (20) os_notification, (21) email_automatico, (22) control_estoque, (23) notifica_whats, (24) control_baixa, (25) control_editos, (26) control_edit_vendas, (27) control_datatable, (28) pix_key, (29) os_status_list, (30) control_2vias, (31) status, (32) start, (33) end in file application/controllers/Mapos.php; (34) token, (35) senha, (36) email, (37) nomeCliente, (38) documento, (39) telefone, (40) celular, (41) rua, (42) numero, (43) complemento, (44) bairro, (45) cidade, (46) estado, (47) cep, (48) idClientes, (49) descricaoProduto, (50) defeito in file application/controllers/Mine.php; (51) pesquisa, (52) status, (53) data, (54) data2, (55) dataInicial, (56) dataFinal, (57) termoGarantia, (58) garantias_id, (59) clientes_id, (60) usuarios_id, (61) idOs, (62) garantia, (63) descricaoProduto, (64) defeito, (65) observacoes, (66) laudoTecnico, (67) id, (68) preco, (69) quantidade, (70) idProduto, (71) idOsProduto, (72) produto, (73) idServico, (74) idOsServico, (75) desconto, (76) tipoDesconto, (77) resultado, (78) vencimento, (79) recebimento, (80) os_id, (81) valor, (82) recebido, (83) formaPgto, (84) tipo, (85) anotacao, (86) idAnotacao in file application/controllers/Os.php.2023-02-16not yet calculatedCVE-2022-48325
MISC
MISC
MISC
mapos -- mapos
 		Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) nome, (2) aCliente, (3) eCliente, (4) dCliente, (5) vCliente, (6) aProduto, (7) eProduto, (8) dProduto, (9) vProduto, (10) aServico, (11) eServico, (12) dServico, (13) vServico, (14) aOs, (15) eOs, (16) dOs, (17) vOs, (18) aVenda, (19) eVenda, (20) dVenda, (21) vVenda, (22) aGarantia, (23) eGarantia, (24) dGarantia, (25) vGarantia, (26) aArquivo, (27) eArquivo, (28) dArquivo, (29) vArquivo, (30) aPagamento, (31) ePagamento, (32) dPagamento, (33) vPagamento, (34) aLancamento, (35) eLancamento, (36) dLancamento, (37) vLancamento, (38) cUsuario, (39) cEmitente, (40) cPermissao, (41) cBackup, (42) cAuditoria, (43) cEmail, (44) cSistema, (45) rCliente, (46) rProduto, (47) rServico, (48) rOs, (49) rVenda, (50) rFinanceiro, (51) aCobranca, (52) eCobranca, (53) dCobranca, (54) vCobranca, (55) situacao, (56) idPermissao, (57) id in file application/controllers/Permissoes.php; (58) precoCompra, (59) precoVenda, (60) descricao, (61) unidade, (62) estoque, (63) estoqueMinimo, (64) idProdutos, (65) id, (66) estoqueAtual in file application/controllers/Produtos.php.2023-02-16not yet calculatedCVE-2022-48326
MISC
MISC
MISC
mapos -- mapos
 		Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) dataInicial, (2) dataFinal, (3) tipocliente, (4) format, (5) precoInicial, (6) precoFinal, (7) estoqueInicial, (8) estoqueFinal, (9) de_id, (10) ate_id, (11) clientes_id, (12) origem, (13) cliente, (14) responsavel, (15) status, (16) tipo, (17) situacao in file application/controllers/Relatorios.php; (18) preco, (19) nome, (20) descricao, (21) idServicos, (22) id in file application/controllers/Servicos.php; (23) senha, (24) permissoes_id, (25) idUsuarios, (26) situacao, (27) nome, (28) rg, (29) cpf, (30) cep, (31) rua, (32) numero, (33) bairro, (34) cidade, (35) estado, (36) email, (37) telefone, (38) celular in file application/controllers/Usuarios.php; (39) dataVenda, (40) observacoes, (41) observacoes_cliente, (42) clientes_id, (43) usuarios_id, (44) idVendas, (45) id, (46) idVendasProduto, (47) preco, (48) quantidade, (49) idProduto, (50) produto, (51) desconto, (52) tipoDesconto, (53) resultado, (54) vendas_id, (55) vencimento, (56) recebimento, (57) valor, (58) recebido, (59) formaPgto, (60) tipo in file application/controllers/Vendas.php; (61) situacao, (62) periodo, (63) vencimento_de, (64) vencimento_ate, (65) tipo, (66) status, (67) cliente in file application/views/financeiro/lancamentos.php; (68) year in file application/views/mapos/painel.php; (69) pesquisa in file application/views/os/os.php; (70) etiquetaCode in file application/views/relatorios/imprimir/imprimirEtiquetas.php.2023-02-16not yet calculatedCVE-2022-48327
MISC
MISC
MISC
wordpress -- wordpress
 		A vulnerability was found in UDX Stateless Media Plugin 3.1.1. It has been declared as problematic. This vulnerability affects the function setup_wizard_interface of the file lib/classes/class-settings.php. The manipulation of the argument settings leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 3.2.0 is able to address this issue. The name of the patch is 6aee7ae0b0beeb2232ce6e1c82aa7e2041ae151a. It is recommended to upgrade the affected component. VDB-220750 is the identifier assigned to this vulnerability.2023-02-13not yet calculatedCVE-2022-4905
MISC
MISC
MISC
MISC
MISC
sap_se -- grcIn SAP GRC (Process Control) - versions GRCFND_A V1200, GRCFND_A V8100, GRCPINW V1100_700, GRCPINW V1100_731, GRCPINW V1200_750, remote-enabled function module in the proprietary SAP solution enables an authenticated attacker with minimal privileges to access all the confidential data stored in the database. Successful exploitation of this vulnerability can expose user credentials from client-specific tables of the database, leading to high impact on confidentiality.2023-02-14not yet calculatedCVE-2023-0019
MISC
MISC
sap_se -- businessobjects_business_intelligence_platformSAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. On successful exploitation, there could be a high impact on confidentiality and limited impact on integrity of the application.2023-02-14not yet calculatedCVE-2023-0020
MISC
MISC
sap_se -- solution_manager
 		SAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in Cross-Site Scripting vulnerability.2023-02-14not yet calculatedCVE-2023-0024
MISC
MISC
sap_se -- solution_managerSAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources.2023-02-14not yet calculatedCVE-2023-0025
MISC
MISC
wordpress -- wordpressThe JetWidgets For Elementor WordPress plugin through 1.0.13 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks2023-02-13not yet calculatedCVE-2023-0034
MISC
wordpress -- wordpressThe Responsive Gallery Grid WordPress plugin before 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-13not yet calculatedCVE-2023-0060
MISC
wordpress -- wordpressThe Judge.me Product Reviews for WooCommerce WordPress plugin before 1.3.21 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-13not yet calculatedCVE-2023-0061
MISC
wordpress -- wordpress
 		The Amazon JS WordPress plugin through 0.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-13not yet calculatedCVE-2023-0075
MISC
wordpress -- wordpressThe Customer Reviews for WooCommerce WordPress plugin before 5.16.0 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their content. RCE could also be achieved if the attacker manage to upload a malicious image containing PHP code, and then include it via the affected attribute, on a default WP install, authors could easily achieve that given that they have the upload_file capability.2023-02-13not yet calculatedCVE-2023-0080
MISC
wordpress -- wordpressThe Simple URLs WordPress plugin before 115 does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber.2023-02-13not yet calculatedCVE-2023-0098
MISC
wordpress -- wordpressThe Simple URLs WordPress plugin before 115 does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.2023-02-13not yet calculatedCVE-2023-0099
MISC
ls_electric -- xbc-dn32uLS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. This could allow an attacker to delete arbitrary files.2023-02-15not yet calculatedCVE-2023-0102
MISC
ls_electric -- xbc-dn32uIf an attacker were to access memory locations of LS ELECTRIC XBC-DN32U with operating system version 01.80 that are outside of the communication buffer, the device stops operating. This could allow an attacker to cause a denial-of-service condition.2023-02-15not yet calculatedCVE-2023-0103
MISC
wordpress -- wordpressThe uTubeVideo Gallery WordPress plugin before 2.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.2023-02-13not yet calculatedCVE-2023-0151
MISC
gnutls -- gnutlsA timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.2023-02-15not yet calculatedCVE-2023-0361
MISC
MISC
MISC
MLIST
hashicorp -- gogetterHashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0.2023-02-16not yet calculatedCVE-2023-0475
MISC
resteasy -- resteasyIn RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.2023-02-17not yet calculatedCVE-2023-0482
MISC
gitlab -- gitlabAn issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. It was possible to trigger a DoS attack by uploading a malicious Helm chart.2023-02-13not yet calculatedCVE-2023-0518
CONFIRM
MISC
MISC
php -- phpIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.2023-02-16not yet calculatedCVE-2023-0568
MISC
sonicwall -- email_securitySonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.2023-02-14not yet calculatedCVE-2023-0655
CONFIRM
php -- phpIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.2023-02-16not yet calculatedCVE-2023-0662
MISC
multiple_vendors -- inverterA vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Point Setting Handler. The manipulation with the input 12345678 leads to use of hard-coded password. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. Upgrading to version MW3_16U_5406_1.53 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-220769 was assigned to this vulnerability.2023-02-13not yet calculatedCVE-2023-0808
MISC
MISC
MISC
btcpayserver  -- btcpayserverCross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.11.2023-02-13not yet calculatedCVE-2023-0810
CONFIRM
MISC

gpac -- gpac

Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.2023-02-13not yet calculatedCVE-2023-0817
MISC
CONFIRM

gpac -- gpac

Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.2023-02-13not yet calculatedCVE-2023-0818
MISC
CONFIRM

gpac -- gpac

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.2023-02-13not yet calculatedCVE-2023-0819
MISC
CONFIRM

hashicorp -- multiple_products

HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4.2023-02-16not yet calculatedCVE-2023-0821
MISC

delta_electronics -- dianergie

The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization, which could allow an unauthorized user to bypass authorization and access privileged functionality.2023-02-17not yet calculatedCVE-2023-0822
MISC

pimcore -- pimcore

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 1.5.17.2023-02-14not yet calculatedCVE-2023-0827
MISC
CONFIRM

easynas -- easynas

A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-220950 is the identifier assigned to this vulnerability.2023-02-14not yet calculatedCVE-2023-0830
MISC
MISC
MISC

phpcrazy -- phpcrazy

A vulnerability classified as problematic was found in PHPCrazy 1.1.1. This vulnerability affects unknown code of the file admin/admin.php?action=users&mode=info&user=2. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221086 is the identifier assigned to this vulnerability.2023-02-15not yet calculatedCVE-2023-0840
MISC
MISC
MISC

gpac -- gpac

A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087.2023-02-15not yet calculatedCVE-2023-0841
MISC
MISC
MISC

netgear -- wndr3700v2

A vulnerability was found in Netgear WNDR3700v2 1.0.1.14. It has been rated as problematic. This issue affects some unknown processing of the component Web Management Interface. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221147.2023-02-15not yet calculatedCVE-2023-0848
MISC
MISC

netgear -- wndr3700v2

A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221152.2023-02-15not yet calculatedCVE-2023-0849
MISC
MISC

netgear -- wndr3700v2

A vulnerability was found in Netgear WNDR3700v2 1.0.1.14 and classified as problematic. This issue affects some unknown processing of the component Web Interface. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221153 was assigned to this vulnerability.2023-02-15not yet calculatedCVE-2023-0850
MISC
MISC

modoboa --modoboa-installer

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4.2023-02-16not yet calculatedCVE-2023-0860
CONFIRM
MISC
netmodule -- nsrwNetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.2023-02-16not yet calculatedCVE-2023-0861
MISC
MISC

netmodule -- nsrw

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.2023-02-16not yet calculatedCVE-2023-0862
MISC
MISC

gpac -- gpac

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV.2023-02-16not yet calculatedCVE-2023-0866
CONFIRM
MISC

froxlor -- froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11.2023-02-17not yet calculatedCVE-2023-0877
CONFIRM
MISC

nuxt -- nuxt

Cross-site Scripting (XSS) - Generic in GitHub repository nuxt/framework prior to 3.2.1.2023-02-17not yet calculatedCVE-2023-0878
MISC
CONFIRM

btcpayserver -- btcpay_server

Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12.2023-02-17not yet calculatedCVE-2023-0879
CONFIRM
MISC
phpmyfaq -- phpmyfaqMisinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11.2023-02-17not yet calculatedCVE-2023-0880
MISC
CONFIRM

kron_technologies --kron_tech_single_connect

Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse. This issue affects Single Connect: 2.16.2023-02-17not yet calculatedCVE-2023-0882
MISC
MISC

sourcecodester -- online_pizza_ordering_system

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php-opos/index.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221350 is the identifier assigned to this vulnerability.2023-02-17not yet calculatedCVE-2023-0883
MISC
MISC
MISC

tftpd64 -- tftpd64

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The associated identifier of this vulnerability is VDB-221351.2023-02-17not yet calculatedCVE-2023-0887
MISC
MISC

wordpress -- wordpress

The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrative privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.2023-02-17not yet calculatedCVE-2023-0895
MISC
MISC

pixelfed -- pixelfed

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pixelfed/pixelfed prior to 0.11.4.2023-02-18not yet calculatedCVE-2023-0901
CONFIRM
MISC

sourcecodester -- simple_food_ordering_system

A vulnerability was found in SourceCodester Simple Food Ordering System 1.0. It has been classified as problematic. This affects an unknown part of the file process_order.php. The manipulation of the argument order leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221451.2023-02-18not yet calculatedCVE-2023-0902
MISC
MISC
MISC

sourcecodester -- employee_task_management_system

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument task_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221452.2023-02-18not yet calculatedCVE-2023-0903
MISC
MISC
MISC

sourcecodester -- employee_task_management_system

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument task_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221453 was assigned to this vulnerability.2023-02-18not yet calculatedCVE-2023-0904
MISC
MISC
MISC

sourcecodester -- employee_task_management_system

A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file changePasswordForEmployee.php. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221454 is the identifier assigned to this vulnerability.2023-02-18not yet calculatedCVE-2023-0905
MISC
MISC
MISC
sourcecodester -- online_pizza_ordering_systemA vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. Affected by this vulnerability is the function delete_category of the file ajax.php of the component POST Parameter Handler. The manipulation leads to missing authentication. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-221455.2023-02-18not yet calculatedCVE-2023-0906
MISC
MISC

filseclab -- twister_antivirus

A vulnerability, which was classified as problematic, has been found in Filseclab Twister Antivirus 8.17. Affected by this issue is some unknown functionality in the library ffsmon.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221456.2023-02-18not yet calculatedCVE-2023-0907
MISC
MISC
MISC

xoslab -- easy_file_locker

A vulnerability, which was classified as problematic, was found in Xoslab Easy File Locker 2.2.0.184. This affects the function MessageNotifyCallback in the library xlkfs.sys. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-221457 was assigned to this vulnerability.2023-02-18not yet calculatedCVE-2023-0908
MISC
MISC
MISC

snyk -- cxasm/notepad

A vulnerability, which was classified as problematic, was found in cxasm notepad-- 1.22. This affects an unknown part of the component Directory Comparison Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The associated identifier of this vulnerability is VDB-221475.2023-02-18not yet calculatedCVE-2023-0909
MISC
MISC
MISC

sourcecodester -- online_pizza_ordering_system

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_prod.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-221476.2023-02-18not yet calculatedCVE-2023-0910
MISC
MISC

sourcecodester -- auto_dealer_management_system

A vulnerability classified as critical has been found in SourceCodester Auto Dealer Management System 1.0. This affects an unknown part of the file /adms/admin/?page=vehicles/view_transaction. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221481 was assigned to this vulnerability.2023-02-18not yet calculatedCVE-2023-0912
MISC
MISC
MISC

sourcecodester -- auto_dealer_management_system

A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. This vulnerability affects unknown code of the file /adms/admin/?page=vehicles/sell_vehicle. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221482 is the identifier assigned to this vulnerability.2023-02-18not yet calculatedCVE-2023-0913
MISC
MISC
MISC
google -- androidmanifest.xmlIn permissions of AndroidManifest.xml, there is a possible way to grant signature permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2442165032023-02-15not yet calculatedCVE-2023-20927
MISC
google -- multiple_productsIn s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A2023-02-15not yet calculatedCVE-2023-20949
MISC

jtekt_electronics_corporation -- screen_creator_advance_2

Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.2023-02-13not yet calculatedCVE-2023-22345
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.2023-02-13not yet calculatedCVE-2023-22346
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.2023-02-13not yet calculatedCVE-2023-22347
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.2023-02-13not yet calculatedCVE-2023-22349
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing parts management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.2023-02-13not yet calculatedCVE-2023-22350
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.2023-02-13not yet calculatedCVE-2023-22353
MISC
MISC
MISC

jtekt_electronics_corporation -- screen_creator_advance_2

Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.2023-02-13not yet calculatedCVE-2023-22360
MISC
MISC
MISC
akindo_sushiro_company_limited -- sushiro_app_for_androidSUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file. Affected products/versions are as follows: SUSHIRO Ver.4.0.31, Thailand SUSHIRO Ver.1.0.0, Hong Kong SUSHIRO Ver.3.0.2, Singapore SUSHIRO Ver.2.0.0, and Taiwan SUSHIRO Ver.2.0.12023-02-13not yet calculatedCVE-2023-22362
MISC
MISC
MISC
MISC
MISC
MISC
betrend_corporation/ichiran_incorporated -- ichiran_app_for_ios/ichiran_app_for_androidIchiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.2023-02-13not yet calculatedCVE-2023-22367
MISC
MISC
MISC

elecom -- multiple_products

Untrusted search path vulnerability in ELECOM Camera Assistant 1.00 and QuickFileDealer Ver.1.2.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.2023-02-15not yet calculatedCVE-2023-22368
MISC
MISC
fujitsu_limited -- tsclinical_define.xml_generator_and_tsclinical_metadata_desktop_toolsImproper restriction of XML external entity reference (XXE) vulnerability exists in tsClinical Define.xml Generator all versions (v1.0.0 to v1.4.0) and tsClinical Metadata Desktop Tools Version 1.0.3 to Version 1.1.0. If this vulnerability is exploited, an attacker may obtain an arbitrary file which meets a certain condition by reading a specially crafted XML file.2023-02-15not yet calculatedCVE-2023-22377
MISC
MISC
github -- enterprise_serverA path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.6. This vulnerability was reported via the GitHub Bug Bounty program.2023-02-16not yet calculatedCVE-2023-22380
MISC
git -- gitGit is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs.2023-02-14not yet calculatedCVE-2023-22490
MISC
MISC
MISC
feathers-sequalize -- sequelize.jsDue to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections.2023-02-16not yet calculatedCVE-2023-22578
MISC
MISC
feathers-sequalize -- sequelize.jsDue to improper parameter filtering in the sequalize js library, can a attacker peform injection.2023-02-16not yet calculatedCVE-2023-22579
MISC
MISC
feathers-sequalize -- sequelize.jsDue to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure.2023-02-16not yet calculatedCVE-2023-22580
MISC
MISC

south_river_technologies -- titan_ftp

An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.2023-02-14not yet calculatedCVE-2023-22629
MISC
MISC
MISC

fortinet -- fortinac

Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.2023-02-16not yet calculatedCVE-2023-22638
MISC
git_for_windows -- git_for_windows
 		Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This potentially allows users with local write access to place malicious payloads in a location where automated upgrades might run the Git for Windows installer with elevation. Version 2.39.2 contains a patch for this issue. Some workarounds are available. Never leave untrusted files in the Downloads folder or its sub-folders before executing the Git for Windows installer, or move the installer into a different directory before executing it.2023-02-14not yet calculatedCVE-2023-22743
MISC
MISC
MISC
MISC
MISC
MISC

ls_electric -- xbc-dn32u

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. This could allow an attacker to change the PLC's mode arbitrarily.2023-02-15not yet calculatedCVE-2023-22803
MISC

ls_electric -- xbc-dn32u

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. This could allow an attacker to create and use an account with elevated privileges and take control of the device.2023-02-15not yet calculatedCVE-2023-22804
MISC

ls_electric -- xbc-dn32u

LS ELECTRIC XBC-DN32U with operating system version 01.80 has improper access control to its read prohibition feature. This could allow a remote attacker to remotely set the feature to lock users out of reading data from the device.2023-02-15not yet calculatedCVE-2023-22805
MISC

ls_electric -- xbc-dn32u

LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. This could allow an attacker to gain sensitive information such as user credentials.2023-02-15not yet calculatedCVE-2023-22806
MISC

ls_electric -- xbc-dn32u

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol.2023-02-15not yet calculatedCVE-2023-22807
MISC

mitel -- micontact_center_business_server

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information.2023-02-13not yet calculatedCVE-2023-22854
MISC
MISC
mlog_mcc -- mlog_mccKardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of including local files, as well as remote files on SMB shares. If one provides a file with the extension .t4, it is rendered with the .NET templating engine mono/t4, which can execute code.2023-02-15not yet calculatedCVE-2023-22855
MISC
FULLDISC
MISC

ibm -- aspera_faspex

IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244117.2023-02-17not yet calculatedCVE-2023-22868
MISC
MISC

splunk -- enterprise

In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. This feature has been deprecated and disabled by default.2023-02-14not yet calculatedCVE-2023-22931
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise 9.0 versions before 9.0.4, a View allows for Cross-Site Scripting (XSS) through the error message in a Base64-encoded image. The vulnerability affects instances with Splunk Web enabled. It does not affect Splunk Enterprise versions below 9.0.2023-02-14not yet calculatedCVE-2023-22932
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a View allows for Cross-Site Scripting (XSS) in an extensible mark-up language (XML) View through the ‘layoutPanel’ attribute in the ‘module’ tag’. The vulnerability affects instances with Splunk Web enabled.2023-02-14not yet calculatedCVE-2023-22933
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass [SPL safeguards for risky commands](https://docs.splunk.com/Documentation/Splunk/latest/Security/SPLsafeguards) using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user to initiate a request within their browser. The vulnerability affects instances with Splunk Web enabled.2023-02-14not yet calculatedCVE-2023-22934
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass [SPL safeguards for risky commands](https://docs.splunk.com/Documentation/Splunk/latest/Security/SPLsafeguards). The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with Splunk Web enabled.2023-02-14not yet calculatedCVE-2023-22935
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within the environment.2023-02-14not yet calculatedCVE-2023-22936
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with unnecessary filename extensions. Lookup table file extensions may now be one of the following only: .csv, .csv.gz, .kmz, .kml, .mmdb, or .mmdb.gzl. For more information on lookup table files, see [About lookups](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Aboutlookupsandfieldactions).2023-02-14not yet calculatedCVE-2023-22937
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instance.2023-02-14not yet calculatedCVE-2023-22938
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language (SPL) command lets a search [bypass SPL safeguards for risky commands](https://docs.splunk.com/Documentation/Splunk/latest/Security/SPLsafeguards). The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with Splunk Web enabled.2023-02-14not yet calculatedCVE-2023-22939
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language (SPL) command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded commands. The commands could potentially allow for the exposing of data to a summary index that unprivileged users could access. The vulnerability requires a higher privileged user to initiate a request within their browser, and only affects instances with Splunk Web enabled.2023-02-14not yet calculatedCVE-2023-22940
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) crashes the Splunk daemon (splunkd).2023-02-14not yet calculatedCVE-2023-22941
MISC
MISC
splunk -- enterpriseIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway (SSG) app in the ‘kvstore_client’ REST endpoint lets a potential attacker update SSG [App Key Value Store (KV store)](https://docs.splunk.com/Documentation/Splunk/latest/Admin/AboutKVstore) collections using an HTTP GET request. SSG is a Splunk-built app that comes with Splunk Enterprise. The vulnerability affects instances with SSG and Splunk Web enabled.2023-02-14not yet calculatedCVE-2023-22942
MISC
MISC
splunk -- multiple_productsIn Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. The vulnerability affects AoB and apps that AoB generates when using the REST API Modular Input functionality through its user interface. The vulnerability also potentially affects third-party apps and add-ons that call the *cloudconnectlib.splunktacollectorlib.cloud_connect_mod_input* Python class directly.2023-02-14not yet calculatedCVE-2023-22943
MISC
espcms -- p8.21120101An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added.2023-02-17not yet calculatedCVE-2023-23007
MISC
totolink -- a720r_v4.1.5cu.532_b20210610TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control.2023-02-17not yet calculatedCVE-2023-23064
MISC
canteen_management_system -- canteen_management_systemCanteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php.2023-02-17not yet calculatedCVE-2023-23279
MISC
sunell -- dvrSunell DVR, latest version, CWE-200: Exposure of Sensitive Information to an Unauthorized Actor through an unspecified request.2023-02-15not yet calculatedCVE-2023-23458
MISC
priority -- windowsPriority Windows may allow Command Execution via SQL Injection using an unspecified method.2023-02-15not yet calculatedCVE-2023-23459
MISC
priority -- webPriority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass.2023-02-15not yet calculatedCVE-2023-23460
MISC
libpeconv -- libpeconvLibpeconv – access violation, before commit b076013 (30/11/2022).2023-02-15not yet calculatedCVE-2023-23461
MISC
libpeconv -- libpeconvLibpeconv – integer overflow, before commit 75b1565 (30/11/2022).2023-02-15not yet calculatedCVE-2023-23462
MISC
sunell -- dvrSunell DVR, latest version, Insufficiently Protected Credentials (CWE-522) may be exposed through an unspecified request.2023-02-15not yet calculatedCVE-2023-23463
MISC
media_cp -- control_panelMedia CP Media Control Panel latest version. A Permissive Flash Cross-domain Policy may allow information disclosure.2023-02-15not yet calculatedCVE-2023-23464
MISC
media_cp -- control_panelMedia CP Media Control Panel latest version. CSRF possible through unspecified endpoint.2023-02-15not yet calculatedCVE-2023-23465
MISC
media_cp -- control_panelMedia CP Media Control Panel latest version. Insufficiently protected credential change.2023-02-15not yet calculatedCVE-2023-23466
MISC
media_cp -- control_panelMedia CP Media Control Panel latest version. Reflected XSS possible through unspecified endpoint.2023-02-15not yet calculatedCVE-2023-23467
MISC
control_by_web -- x-600m_devicesControl By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code.2023-02-13not yet calculatedCVE-2023-23551
MISC
control_by_web -- x-400m_devicesControl By Web X-400 devices are vulnerable to a cross-site scripting attack, which could result in private and session information being transferred to the attacker.2023-02-13not yet calculatedCVE-2023-23553
MISC
eternal_terminal -- eternal_terminalIn Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. For example, a local attacker can create /tmp/.sentry-native-etserver with mode 0777 before the etserver process is started. The attacker can choose to read sensitive information from that file, or modify the information in that file.2023-02-16not yet calculatedCVE-2023-23558
MISC
MISC
MLIST
linux -- kernelDue to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install calls current_is_single_threaded to determine if the current process is single-threaded, but this call does not consider io_uring's io_worker threads, thus it is possible to insert a time namespace's vvar page to process's memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the process' memory, and a next page allocated by the kernel will be still available from the user-space process and can leak memory contents via this (read-only) use-after-free vulnerability. We recommend upgrading past version 5.10.161 or commit 788d0824269bef539fe31a785b1517882eafed93 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/io_uring2023-02-17not yet calculatedCVE-2023-23586
MISC
MISC
git_for_windows -- gitGit for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when `gitk` is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running untrusted code. A patch is available in version 2.39.2. As a workaround, avoid using `gitk` (or Git GUI's "Visualize History" functionality) in clones of untrusted repositories.2023-02-14not yet calculatedCVE-2023-23618
MISC
MISC
MISC
MISC
dell -- secure_connect_gatewayDell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.2023-02-17not yet calculatedCVE-2023-23695
MISC
dell -- commandDell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.2023-02-13not yet calculatedCVE-2023-23697
MISC
joomla!_project -- joomla!_cmsAn issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.2023-02-16not yet calculatedCVE-2023-23752
MISC
fortinet -- fortiwebA relative path traversal vulnerability [CWE-23] in FortiWeb version 7.0.1 and below, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.2023-02-16not yet calculatedCVE-2023-23778
MISC
fortinet -- fortiwebMultiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests.2023-02-16not yet calculatedCVE-2023-23779
MISC
fortinet -- fortiwebA stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of privilege via specifically crafted HTTP requests.2023-02-16not yet calculatedCVE-2023-23780
MISC
fortinet -- fortiwebA stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files.2023-02-16not yet calculatedCVE-2023-23781
MISC
fortinet -- fortiwebA heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb version 6.3.0 through 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows attacker to escalation of privilege via specifically crafted arguments to existing commands.2023-02-16not yet calculatedCVE-2023-23782
MISC
fortinet -- fortiwebA use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.2023-02-16not yet calculatedCVE-2023-23783
MISC
fortinet -- fortiwebA relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to information disclosure via specially crafted web requests.2023-02-16not yet calculatedCVE-2023-23784
MISC
siemens -- mendixA vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.34), Mendix Applications using Mendix 8 (All versions < V8.18.23), Mendix Applications using Mendix 9 (All versions < V9.22.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.10), Mendix Applications using Mendix 9 (V9.18) (All versions < V9.18.4), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.15). Some of the Mendix runtime API’s allow attackers to bypass XPath constraints and retrieve information using XPath queries that trigger errors.2023-02-14not yet calculatedCVE-2023-23835
MISC
solarwinds -- platformSolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.2023-02-15not yet calculatedCVE-2023-23836
MISC
MISC
synopsys -- jenkins_coverity_pluginA cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2023-02-15not yet calculatedCVE-2023-23847
CONFIRM
CONFIRM
synopsys -- jenkins_coverity_pluginMissing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2023-02-15not yet calculatedCVE-2023-23848
CONFIRM
CONFIRM
synopsys -- jenkins_coverity_pluginA missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.2023-02-15not yet calculatedCVE-2023-23850
CONFIRM
CONFIRM
sap_se -- business_planning_and_consolidationSAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files (including web pages) without the proper file format validation. If other users visit the uploaded malicious web page, the attacker may perform actions on behalf of the users without their consent impacting the confidentiality and integrity of the system.2023-02-14not yet calculatedCVE-2023-23851
MISC
MISC
sap_se -- solution_managerSAP Solution Manager (System Monitoring) - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.2023-02-14not yet calculatedCVE-2023-23852
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platformAn unauthenticated attacker in AP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, can craft a link which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive information or expose the victim to a phishing attack. Vulnerability has no direct impact on availability.2023-02-14not yet calculatedCVE-2023-23853
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platformSAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.2023-02-14not yet calculatedCVE-2023-23854
MISC
MISC
sap_se -- solution_managerSAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to confidentiality, integrity and availability.2023-02-14not yet calculatedCVE-2023-23855
MISC
MISC
sap_se -- businessobjects_business_intelligenceIn SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to XSS attacks. On successful exploitation an attacker can cause a low impact on integrity of the application.2023-02-14not yet calculatedCVE-2023-23856
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platformDue to insufficient input validation, SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to send a crafted URL to a user, and by clicking the URL, the tricked user accesses SAP and might be directed with the response to somewhere out-side SAP and enter sensitive data. This could cause a limited impact on confidentiality and integrity of the application.2023-02-14not yet calculatedCVE-2023-23858
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platformSAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information.2023-02-14not yet calculatedCVE-2023-23859
MISC
MISC
sap_se -- netweaver_application_server_for_abap_and_abap_platformSAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive information or expose the victim to a phishing attack.2023-02-14not yet calculatedCVE-2023-23860
MISC
MISC
hasthemes -- extensions_for_cf7Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation.2023-02-17not yet calculatedCVE-2023-23899
MISC
moodle -- moodleThe vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.2023-02-17not yet calculatedCVE-2023-23921
MISC
MISC
MISC
moodle -- moodleThe vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.2023-02-17not yet calculatedCVE-2023-23922
MISC
MISC
MISC
moodle -- moodleThe vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.2023-02-17not yet calculatedCVE-2023-23923
MISC
MISC
MISC
apoc -- apocAPOC (Awesome Procedures on Cypher) is an add-on library for Neo4j. An XML External Entity (XXE) vulnerability found in the apoc.import.graphml procedure of APOC core plugin prior to version 5.5.0 in Neo4j graph database. XML External Entity (XXE) injection occurs when the XML parser allows external entities to be resolved. The XML parser used by the apoc.import.graphml procedure was not configured in a secure way and therefore allowed this. External entities can be used to read local files, send HTTP requests, and perform denial-of-service attacks on the application. Abusing the XXE vulnerability enabled assessors to read local files remotely. Although with the level of privileges assessors had this was limited to one-line files. With the ability to write to the database, any file could have been read. Additionally, assessors noted, with local testing, the server could be crashed by passing in improperly formatted XML. The minimum version containing a patch for this vulnerability is 5.5.0. Those who cannot upgrade the library can control the allowlist of the procedures that can be used in your system.2023-02-16not yet calculatedCVE-2023-23926
MISC
MISC
MISC
MISC
werkzeug -- werkzeugWerkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like `=__Host-test=bad` for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie `=__Host-test=bad` as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3.2023-02-14not yet calculatedCVE-2023-23934
MISC
MISC
MISC
undici -- undiciUndici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect `host` HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a workaround, sanitize the `headers.host` string before passing to undici.2023-02-16not yet calculatedCVE-2023-23936
MISC
MISC
MISC
MISC
git -- gitGit, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.2023-02-14not yet calculatedCVE-2023-23946
MISC
MISC
argo_cd -- argo_cdArgo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All Argo CD versions starting with 2.3.0-rc1 and prior to 2.3.17, 2.4.23 2.5.11, and 2.6.2 are vulnerable to an improper authorization bug which allows users who have the ability to update at least one cluster secret to update any cluster secret. The attacker could use this access to escalate privileges (potentially controlling Kubernetes resources) or to break Argo CD functionality (by preventing connections to external clusters). A patch for this vulnerability has been released in Argo CD versions 2.6.2, 2.5.11, 2.4.23, and 2.3.17. Two workarounds are available. Either modify the RBAC configuration to completely revoke all `clusters, update` access, or use the `destinations` and `clusterResourceWhitelist` fields to apply similar restrictions as the `namespaces` and `clusterResources` fields.2023-02-16not yet calculatedCVE-2023-23947
MISC
MISC
owncloud -- andriod_appThe ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Version 2.21.1 of the ownCloud Android app is vulnerable to SQL injection in `FileContentProvider.kt`. This issue can lead to information disclosure. Two databases, `filelist` and `owncloud_database`, are affected. In version 3.0, the `filelist` database was deprecated. However, injections affecting `owncloud_database` remain relevant as of version 3.0.2023-02-13not yet calculatedCVE-2023-23948
MISC
fuguhub -- fuguhubReal Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.2023-02-17not yet calculatedCVE-2023-24078
MISC
chikoi -- chikoiChiKoi v1.0 was discovered to contain a SQL injection vulnerability via the load_file function.2023-02-13not yet calculatedCVE-2023-24084
MISC
slims -- slimsSLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView.2023-02-13not yet calculatedCVE-2023-24086
MISC
totolink -- ca300-poeTOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admpass parameter in the setPasswordCfg function.2023-02-14not yet calculatedCVE-2023-24159
MISC
totolink -- ca300-poeTOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.2023-02-14not yet calculatedCVE-2023-24160
MISC
totolink -- ca300-poeTOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.2023-02-14not yet calculatedCVE-2023-24161
MISC

ureport2 -- ureport2

An XML External Entity (XXE) vulnerability in ureport v2.2.9 allows attackers to execute arbitrary code via uploading a crafted XML file to /ureport/designer/saveReportFile.2023-02-14not yet calculatedCVE-2023-24187
MISC
MISC
MISC

ureport2 -- ureport2

ureport v2.2.9 was discovered to contain a directory traversal vulnerability via the deletion function which allows for arbitrary files to be deleted.2023-02-13not yet calculatedCVE-2023-24188
MISC
MISC
MISC

luckyframeweb -- luckyframeweb

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml.2023-02-17not yet calculatedCVE-2023-24219
MISC

luckyframeweb -- luckyframeweb

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml.2023-02-17not yet calculatedCVE-2023-24220
MISC

luckyframeweb -- luckyframeweb

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/DeptMapper.xml.2023-02-17not yet calculatedCVE-2023-24221
MISC

totolink -- a7100ru

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules.2023-02-16not yet calculatedCVE-2023-24236
MISC

totolink -- a7100ru

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules.2023-02-16not yet calculatedCVE-2023-24238
MISC

python -- python

An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.2023-02-17not yet calculatedCVE-2023-24329
MISC
MISC

ujcms -- ujcms

A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function.2023-02-17not yet calculatedCVE-2023-24369
MISC

wordpress -- wordpress

Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions.2023-02-14not yet calculatedCVE-2023-24377
MISC

wordpress -- wordpress

Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Material Design Icons for Page Builders plugin <= 1.4.2 versions.2023-02-14not yet calculatedCVE-2023-24382
MISC

wordpress -- wordpress

Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).2023-02-17not yet calculatedCVE-2023-24388
MISC

siemens -- multiple_products

A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25). Cache validation service in COMOS is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.2023-02-14not yet calculatedCVE-2023-24482
MISC

citrix -- multiple_products

A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.2023-02-16not yet calculatedCVE-2023-24483
MISC

citrix -- multiple_products

A malicious user can cause log files to be written to a directory that they do not have permission to write to.2023-02-16not yet calculatedCVE-2023-24484
MISC

citrix -- multiple_products

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.2023-02-16not yet calculatedCVE-2023-24485
MISC
netgear -- prosafe_24_port_10/100_fs726tpAn uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text.2023-02-15not yet calculatedCVE-2023-24498
MISC
butterfly_button_plugin -- butterfly_button_pluginButterfly Button plugin may leave traces of its use on user's device. Since it is used for reporting domestic problems, this may lead to spouse knowing about its use.2023-02-15not yet calculatedCVE-2023-24499
MISC

sap_se -- multiple_products

Due to insufficient input sanitization, SAP NetWeaver AS ABAP (BSP Framework) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to a limited impact on the confidentiality and the integrity of the application.2023-02-14not yet calculatedCVE-2023-24521
MISC
MISC

sap_se -- multiple_products

Due to insufficient input sanitization, SAP NetWeaver AS ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to a limited impact on the confidentiality and the integrity of the application.2023-02-14not yet calculatedCVE-2023-24522
MISC
MISC

sap_se -- multiple_products

An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent (Start Service) - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS command can read or modify any user or system data and can make the system unavailable.2023-02-14not yet calculatedCVE-2023-24523
MISC
MISC

sap_se -- multiple_products

SAP S/4 HANA Map Treasury Correspondence Format Data does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to delete the data with a high impact to availability.2023-02-14not yet calculatedCVE-2023-24524
MISC
MISC

sap_se -- multiple_products

SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application.2023-02-14not yet calculatedCVE-2023-24525
MISC
MISC

sap_se -- multiple_products

SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data. This endpoint is normally exposed over the network and successful exploitation can lead to exposure of data like travel documents.2023-02-14not yet calculatedCVE-2023-24528
MISC
MISC
sap_se -- netweaver_application_server_for_abapDue to lack of proper input validation, BSP application (CRM_BSP_FRAME) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H, allow malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a Reflected Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to hijack a user session, read and modify some sensitive information.2023-02-14not yet calculatedCVE-2023-24529
MISC
MISC
sap_se -- multiple_productsSAP BusinessObjects Business Intelligence Platform (CMC) - versions 420, 430, allows an authenticated admin user to upload malicious code that can be executed by the application over the network. On successful exploitation, attacker can perform operations that may completely compromise the application causing high impact on confidentiality, integrity and availability of the application.2023-02-14not yet calculatedCVE-2023-24530
MISC
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24549
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to heap-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24550
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24551
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24552
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24553
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24554
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24555
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24556
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24557
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24558
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24559
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24560
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24561
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24562
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-24563
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains a memory corruption vulnerability while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19069)2023-02-14not yet calculatedCVE-2023-24564
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted STL file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19428)2023-02-14not yet calculatedCVE-2023-24565
MISC

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V2023Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19472)2023-02-14not yet calculatedCVE-2023-24566
MISC

siemens -- multiple_products

Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.2023-02-13not yet calculatedCVE-2023-24572
MISC

django -- django

An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.2023-02-15not yet calculatedCVE-2023-24580
MISC
MISC
MISC
MISC
MLIST

siemens -- multiple_products

A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V2023Update2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted STP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19425)2023-02-14not yet calculatedCVE-2023-24581
MISC
redpanda -- redpandaRedpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versions are 22.3.12, 22.2.10, and 22.1.12.2023-02-13not yet calculatedCVE-2023-24619
MISC
food_ordering_system -- food_ordering_systemAn arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file.2023-02-13not yet calculatedCVE-2023-24646
MISC
food_ordering_system -- food_ordering_systemFood Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.2023-02-13not yet calculatedCVE-2023-24647
MISC

zstore -- zstore

Zstore v6.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php.2023-02-13not yet calculatedCVE-2023-24648
MISC
changedetection.io -- changedetection.ioChangedetection.io before v0.40.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the main page. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL parameter under the "Add a new change detection watch" function.2023-02-17not yet calculatedCVE-2023-24769
MISC
MISC

peazip -- peazip

An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End of Archive tag function of the peazip/pea UNPEA feature.2023-02-17not yet calculatedCVE-2023-24785
MISC
owncloud -- andriod_appThe ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information disclosure when uploading the app’s internal files, and to arbitrary file write when uploading plain text files (although limited by the .txt extension). Version 3.0 fixes the reported bypasses.2023-02-13not yet calculatedCVE-2023-24804
MISC
MISC
MISC
undici -- undiciUndici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.2023-02-16not yet calculatedCVE-2023-24807
MISC
MISC
MISC
MISC

nethack -- nethack

NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared systems. For all systems, it may result in a process crash. This issue is resolved in NetHack 3.6.7. There are no known workarounds.2023-02-17not yet calculatedCVE-2023-24809
MISC
MISC

ibm -- infosphere_information_server

IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 2463332023-02-17not yet calculatedCVE-2023-24960
MISC
MISC

ibm -- infosphere_information_server

IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. IBM X-Force ID: 246463.2023-02-17not yet calculatedCVE-2023-24964
MISC
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19788)2023-02-14not yet calculatedCVE-2023-24978
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19789)2023-02-14not yet calculatedCVE-2023-24979
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19790)2023-02-14not yet calculatedCVE-2023-24980
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19791)2023-02-14not yet calculatedCVE-2023-24981
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19804)2023-02-14not yet calculatedCVE-2023-24982
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19805)2023-02-14not yet calculatedCVE-2023-24983
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19806)2023-02-14not yet calculatedCVE-2023-24984
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19807)2023-02-14not yet calculatedCVE-2023-24985
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19808)2023-02-14not yet calculatedCVE-2023-24986
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19809)2023-02-14not yet calculatedCVE-2023-24987
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19810)2023-02-14not yet calculatedCVE-2023-24988
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19811)2023-02-14not yet calculatedCVE-2023-24989
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19812)2023-02-14not yet calculatedCVE-2023-24990
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19813)2023-02-14not yet calculatedCVE-2023-24991
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19814)2023-02-14not yet calculatedCVE-2023-24992
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19815)2023-02-14not yet calculatedCVE-2023-24993
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816)2023-02-14not yet calculatedCVE-2023-24994
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817)2023-02-14not yet calculatedCVE-2023-24995
MISC
siemens -- tecnomatix_plant_simulationA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19818)2023-02-14not yet calculatedCVE-2023-24996
MISC
nec -- pc_settings_toolPC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges.2023-02-15not yet calculatedCVE-2023-25011
MISC
wordpress -- wordpressCross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.1.14 versions.2023-02-14not yet calculatedCVE-2023-25065
MISC
foliovision -- fv_flowplayer_video_playerCross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions.2023-02-14not yet calculatedCVE-2023-25066
MISC
siemens -- parasolid/solid_edgeA vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150), Solid Edge SE2022 (All versions < V2210Update12). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.2023-02-14not yet calculatedCVE-2023-25140
MISC
MISC

apache -- sling_jcr_base

Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDNI and RMI. Users of Apache Sling JCR Base are recommended to upgrade to Apache Sling JCR Base 3.1.12 or later, or to run on a more recent JDK.2023-02-14not yet calculatedCVE-2023-25141
MISC

timescaledb -- timescaledb

TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run with a locked down `search_path`, allowing malicious users to create functions that would be executed by the telemetry job, leading to privilege escalation. In order to be able to take advantage of this vulnerability, a user would need to be able to create objects in a database and then get a superuser to install TimescaleDB into their database. When TimescaleDB is installed as trusted extension, non-superusers can install the extension without help from a superuser. Version 2.9.3 fixes this issue. As a mitigation, the `search_path` of the user running the telemetry job can be locked down to not include schemas writable by other users. The vulnerability is not exploitable on instances in Timescale Cloud and Managed Service for TimescaleDB due to additional security provisions in place on those platforms.2023-02-14not yet calculatedCVE-2023-25149
MISC
MISC
MISC

containerd -- containerd

containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.2023-02-16not yet calculatedCVE-2023-25153
MISC
MISC
MISC
MISC

kiwi_tcms -- kiwi_tcms

Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt brute-force attacks against the login page. Users should upgrade to v12.0 or later to receive a patch. As a workaround, users may install and configure a rate-limiting proxy in front of Kiwi TCMS.2023-02-15not yet calculatedCVE-2023-25156
MISC
MISC
MISC
MISC
nextcloud -- multiple_productsNextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, and Nextcloud Office (Richdocuments) App 6.x prior to 6.3.1 and 7.x prior to 7.0.1 have previews accessible without a watermark. The download should be hidden and the watermark should get applied. This issue is fixed in Nextcloud Server 25.0.1 and 24.0.8, Nextcloud Enterprise Server 25.0.1 and 24.0.8, and Nextcloud Office (Richdocuments) App 7.0.1 (for 25) and 6.3.1 (for 24). No known workarounds are available.2023-02-13not yet calculatedCVE-2023-25159
MISC
MISC
MISC
MISC
nextcloud -- mail
 		Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for Nextcloud 22-24, Mail 1.12.9 for Nextcloud 21, or Mail 1.11.8 for Nextcloud 20 to receive a patch. No known workarounds are available.2023-02-13not yet calculatedCVE-2023-25160
MISC
MISC
MISC
nextcloud -- server/enterprise_serverNextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service slowdown, storage overflow, or cost impact when using external email services. Users should upgrade to Nextcloud Server 25.0.1, 24.0.8, or 23.0.12 or Nextcloud Enterprise Server 25.0.1, 24.0.8, or 23.0.12 to receive a patch. No known workarounds are available.2023-02-13not yet calculatedCVE-2023-25161
MISC
MISC
MISC
nextcloud -- server/enterprise_serverNextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage enclosed alphanumeric payloads to bypass IP filters and gain SSRF, which would allow an attacker to read crucial metadata if the server is hosted on the AWS platform. Nextcloud Server 24.0.8 and 23.0.2 and Nextcloud Enterprise Server 24.0.8 and 23.0.12 contain a patch for this issue. No known workarounds are available.2023-02-13not yet calculatedCVE-2023-25162
MISC
MISC
MISC

kiwi_tcms -- kiwi_tcms

Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources. Users should upgrade to v12.0 or later to receive a patch. As potential workarounds, users may install and configure a rate-limiting proxy in front of Kiwi TCMS and/or configure rate limits on their email server when possible.2023-02-15not yet calculatedCVE-2023-25171
MISC
MISC
MISC
MISC

containerd -- containerd

containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups.2023-02-16not yet calculatedCVE-2023-25173
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC

ami -- megarac_spx

AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12-update-7.00 and SPx_13-update-5.00.2023-02-15not yet calculatedCVE-2023-25191
MISC

ami -- megarac_spx

AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.2023-02-15not yet calculatedCVE-2023-25192
MISC

pimcore -- pimcore

An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers to execute arbitrary code.2023-02-13not yet calculatedCVE-2023-25240
MISC
MISC

bgerp -- bgerp

bgERP v22.31 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.2023-02-13not yet calculatedCVE-2023-25241
MISC
MISC

gss_ntlmssp -- gss_ntlmssp

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of internal buffers. Although most applications will error out before accepting a singe input buffer of 4GB in length this could theoretically happen. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point if the application allows tokens greater than 4GB in length. This can lead to a large, up to 65KB, out-of-bounds read which could cause a denial-of-service if it reads from unmapped memory. Version 1.2.0 contains a patch for the out-of-bounds reads.2023-02-14not yet calculatedCVE-2023-25563
MISC
MISC
MISC

gss_ntlmssp -- gss_ntlmssp

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable `outlen` was not initialized and could cause writing a zero to an arbitrary place in memory if `ntlm_str_convert()` were to fail, which would leave `outlen` uninitialized. This can lead to a denial of service if the write hits unmapped memory or randomly corrupts a byte in the application memory space. This vulnerability can trigger an out-of-bounds write, leading to memory corruption. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point. This issue is fixed in version 1.2.0.2023-02-14not yet calculatedCVE-2023-25564
MISC
MISC
MISC

gss_ntlmssp -- gss_ntlmssp

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the `cb` and `sh` buffers contain a copy of the data that needs to be freed. However, that is not the case. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point. This will likely trigger an assertion failure in `free`, causing a denial-of-service. This issue is fixed in version 1.2.0.2023-02-14not yet calculatedCVE-2023-25565
MISC
MISC
MISC

gss_ntlmssp -- gss_ntlmssp

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, a memory leak can be triggered when parsing usernames which can trigger a denial-of-service. The domain portion of a username may be overridden causing an allocated memory area the size of the domain name to be leaked. An attacker can leak memory via the main `gss_accept_sec_context` entry point, potentially causing a denial-of-service. This issue is fixed in version 1.2.0.2023-02-14not yet calculatedCVE-2023-25566
MISC
MISC
MISC

gss_ntlmssp -- gss_ntlmssp

GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication, has an out-of-bounds read when decoding target information prior to version 1.2.0. The length of the `av_pair` is not checked properly for two of the elements which can trigger an out-of-bound read. The out-of-bounds read can be triggered via the main `gss_accept_sec_context` entry point and could cause a denial-of-service if the memory is unmapped. The issue is fixed in version 1.2.0.2023-02-14not yet calculatedCVE-2023-25567
MISC
MISC
MISC

backstage -- backstage

Backstage is an open platform for building developer portals. `@backstage/catalog-model` prior to version 1.2.0, `@backstage/core-components` prior to 0.12.4, and `@backstage/plugin-catalog-backend` prior to 1.7.2 are affected by a cross-site scripting vulnerability. This vulnerability allows a malicious actor with access to add or modify content in an instance of the Backstage software catalog to inject script URLs in the entities stored in the catalog. If users of the catalog then click on said URLs, that can lead to an XSS attack. This vulnerability has been patched in both the frontend and backend implementations. The default `Link` component from `@backstage/core-components` version 1.2.0 and greater will now reject `javascript:` URLs, and there is a global override of `window.open` to do the same. In addition, the catalog model v0.12.4 and greater as well as the catalog backend v1.7.2 and greater now has additional validation built in that prevents `javascript:` URLs in known annotations. As a workaround, the general practice of limiting access to modifying catalog content and requiring code reviews greatly help mitigate this vulnerability.2023-02-14not yet calculatedCVE-2023-25571
MISC
MISC
react_admin -- react_adminreact-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and using the `<RichTextField>` are affected. `<RichTextField>` outputs the field value using `dangerouslySetInnerHTML` without client-side sanitization. If the data isn't sanitized server-side, this opens a possible cross-site scripting (XSS) attack. Versions 3.19.12 and 4.7.6 now use `DOMPurify` to escape the HTML before outputting it with React and `dangerouslySetInnerHTML`. Users who already sanitize HTML data server-side do not need to upgrade. As a workaround, users may replace the `<RichTextField>` by a custom field doing sanitization by hand.2023-02-13not yet calculatedCVE-2023-25572
MISC
MISC
MISC
MISC
MISC

fastify -- fastify_multipart

@fastify/multipart is a Fastify plugin to parse the multipart content-type. Prior to versions 7.4.1 and 6.0.1, @fastify/multipart may experience denial of service due to a number of situations in which an unlimited number of parts are accepted. This includes the multipart body parser accepting an unlimited number of file parts, the multipart body parser accepting an unlimited number of field parts, and the multipart body parser accepting an unlimited number of empty parts as field parts. This is fixed in v7.4.1 (for Fastify v4.x) and v6.0.1 (for Fastify v3.x). There are no known workarounds.2023-02-14not yet calculatedCVE-2023-25576
MISC
MISC
MISC
MISC
MISC

werkzeug -- werkzeug

Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses `request.data`, `request.form`, `request.files`, or `request.get_data(parse_form_data=False)`, it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers. Version 2.2.3 contains a patch for this issue.2023-02-14not yet calculatedCVE-2023-25577
MISC
MISC
MISC

tenable -- starlite

Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1.5.2, the request body parsing in `starlite` allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited number of file parts and an unlimited number of field parts. This is a remote, potentially unauthenticated Denial of Service vulnerability. This vulnerability affects applications with a request handler that accepts a `Body(media_type=RequestEncodingType.MULTI_PART)`. The large amount of CPU time required for processing requests can block all available worker processes and significantly delay or slow down the processing of legitimate user requests. The large amount of RAM accumulated while processing requests can lead to Out-Of-Memory kills. Complete DoS is achievable by sending many concurrent multipart requests in a loop. Version 1.51.2 contains a patch for this issue.2023-02-15not yet calculatedCVE-2023-25578
MISC
MISC
MISC

fortinet -- fortiweb

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.2023-02-16not yet calculatedCVE-2023-25602
MISC
sap_se -- netweaver_application_server_for_abapSAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allow an unauthenticated attacker to inject the code that can be executed by the application over the network. On successful exploitation it can gain access to the sensitive information which leads to a limited impact on the confidentiality and the integrity of the application.2023-02-14not yet calculatedCVE-2023-25614
MISC
MISC

node-jose -- node-jose

node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for web browsers and node.js-based servers. Prior to version 2.2.0, when using the non-default "fallback" crypto back-end, ECC operations in `node-jose` can trigger a Denial-of-Service (DoS) condition, due to a possible infinite loop in an internal calculation. For some ECC operations, this condition is triggered randomly; for others, it can be triggered by malicious input. The issue has been patched in version 2.2.0. Since this issue is only present in the "fallback" crypto implementation, it can be avoided by ensuring that either WebCrypto or the Node `crypto` module is available in the JS environment where `node-jose` is being run.2023-02-16not yet calculatedCVE-2023-25653
MISC
MISC
ruckus_wireless -- adminRuckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.2023-02-13not yet calculatedCVE-2023-25717
MISC
MISC

connectwise -- connectwise_control

The cryptographic code signing process and controls on ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect) are cryptographically flawed. An attacker can remotely generate or locally alter file contents and bypass code-signing controls. This can be used to execute code as a trusted application provider, escalate privileges, or execute arbitrary commands in the context of the user. The attacker tampers with a trusted, signed executable in transit.2023-02-13not yet calculatedCVE-2023-25718
MISC
MISC

connectwise -- connectwise_control

ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parameters such as the Bin/ConnectWiseControl.Client.exe h parameter. This results in reflected data and injection of malicious code into a downloaded executable. The executable can be used to execute malicious queries or as a denial-of-service vector.2023-02-13not yet calculatedCVE-2023-25719
MISC
MISC

haproxy -- haproxy

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31.2023-02-14not yet calculatedCVE-2023-25725
MISC
CONFIRM
MLIST
DEBIAN

phpmyadmin -- phpmyadmin

In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.2023-02-13not yet calculatedCVE-2023-25727
MISC
onekey -- touch/miniOnekey Touch devices through 4.0.0 and Onekey Mini devices through 2.10.0 allow man-in-the-middle attackers to obtain the seed phase. The man-in-the-middle access can only be obtained after disassembling a device (i.e., here, "man-in-the-middle" does not refer to the attacker's position on an IP network). NOTE: the vendor states that "our hardware team has updated the security patch without anyone being affected."2023-02-14not yet calculatedCVE-2023-25758
MISC
MISC
MISC
jenkins -- junit_plugin_1166.va_436e268e972Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin.2023-02-15not yet calculatedCVE-2023-25761
CONFIRM
MLIST

jenkins -- pipeline_build_step_plugin

Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control job names.2023-02-15not yet calculatedCVE-2023-25762
CONFIRM
MLIST

jenkins -- email_extension_plugin

Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.2023-02-15not yet calculatedCVE-2023-25763
CONFIRM
MLIST

jenkins -- email_extension_plugin

Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.2023-02-15not yet calculatedCVE-2023-25764
CONFIRM
MLIST

jenkins -- email_extension_plugin

In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.2023-02-15not yet calculatedCVE-2023-25765
CONFIRM
MLIST

jenkins -- azure_credentials_plugin

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.2023-02-15not yet calculatedCVE-2023-25766
CONFIRM
MLIST
enkins -- azure_credentials_plugin
 		A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server.2023-02-15not yet calculatedCVE-2023-25767
CONFIRM
MLIST
enkins -- azure_credentials_pluginA missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.2023-02-15not yet calculatedCVE-2023-25768
CONFIRM
MLIST

craftercms -- craftercms

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.2023-02-17not yet calculatedCVE-2023-26020
MISC

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.