CVE-2018-10360,The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-2463,"The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N,8.6,3.9,4.0,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,NONE,NONE
CVE-2018-12633,"An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (hdr.size_in and hdr.size_out) in the header between the two fetches because of a race condition, leading to severe kernel errors, such as buffer over-accesses. This bug can cause a local denial of service and information leakage.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H,6.3,1.0,5.2,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2018-8320,"A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka ""Windows DNS Security Feature Bypass Vulnerability."" This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-12909,"Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. NOTE: the vendor indicates that the product is not intended for a ""publicly accessible environment.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-4976,"Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-16429,"GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-10969,SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4160,"An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the ""Kernel"" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7930,"The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's mobile phone using the NFC function, the attacker can obtain arbitrary files from the mobile phone, causing information leaks.",CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.7,2.1,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-5698,libreadstat.a in WizardMac ReadStat 0.1.1 has a heap-based buffer over-read via an unterminated string.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12023,"An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0244,"A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker could exploit this vulnerability by sending a crafted SMB file transfer request through the targeted device. An exploit could allow the attacker to pass an SMB file that contains malware, which the device is configured to block. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvc20141.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N,5.8,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,LOW,NONE
CVE-2018-13758,"The mintToken function of a smart contract implementation for LoliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-0449,"A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory permissions set on a JCF created directory. An authenticated attacker with the ability to access an affected directory could create a hard link to an arbitrary location on the affected system. An attacker could convince another user that has administrative privileges to perform an install or update the Cisco Jabber for Mac client to perform such actions, allowing files to be created in an arbitrary location on the disk or an arbitrary file to be corrupted when it is appended to or overwritten.",CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N,4.2,0.6000000000000001,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-3948,"An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticated or authenticated web request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-4321,"A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-14945,An issue has been found in jpeg_encoder through 2015-11-27. It is a heap-based buffer overflow in the function readFromBMP in jpeg_encoder.cpp.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10260,"A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20010,DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-6764,"util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1015,"A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka ""Microsoft Graphics Remote Code Execution Vulnerability."" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1016.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14505,"mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19559,CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the reference_id parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18924,"The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by uploading a .shtml file with ""#exec cmd"" because rejected files remain on the server, with predictable filenames, after a ""This file is not a valid image"" error message.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17668,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the removeAttribute method of a XFA object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6522.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13286,Incorrect default permissions vulnerability in synouser.conf in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-20789,tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-3074,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,5.3,1.6,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-14952,"The mail message display page in SquirrelMail through 1.4.22 has XSS via a ""<math><maction xlink:href="" attack.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0546,Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13704,"The mintToken function of a smart contract implementation for eddToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-7668,TestLink through 1.9.16 allows remote attackers to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-1937,IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept highly sensitive unencrypted data. IBM X-Force ID: 153317.,CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-7442,"An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-20865,cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459).,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-15169,A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager 13 before build 13820 allows remote attackers to inject arbitrary web script or HTML via the /deleteMO.do method parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-17380,"SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12627,An issue was discovered in Eventum 3.5.0. /htdocs/list.php has XSS via the show_notification_list_issues or show_authorized_issues parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-6077,Displacement map filters being applied to cross-origin images in Blink SVG rendering in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-13602,"The mint function of a smart contract implementation for MiningToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-8479,"A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka ""Azure IoT SDK Spoofing Vulnerability."" This affects C SDK.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L,5.6,2.2,3.4,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2018-17125,CScms 4.1 allows arbitrary directory deletion via a dir=..\\ substring to plugins\sys\admin\Plugins.php.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-6151,"Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5044,"Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-10311,A vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the tag[pinyin] parameter to the /index.php?m=tags&f=index&v=add URI.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-15369,"A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of crafted TACACS+ response packets by the affected software. An attacker could exploit this vulnerability by injecting a crafted TACACS+ packet into an existing TACACS+ session between an affected device and a TACACS+ server or by impersonating a known, valid TACACS+ server and sending a crafted TACACS+ packet to an affected device when establishing a connection to the device. To exploit this vulnerability by using either method, the attacker must know the shared TACACS+ secret and the crafted packet must be sent in response to a TACACS+ request from a TACACS+ client. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H,6.8,2.2,4.0,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,CHANGED,NONE,NONE,HIGH
CVE-2018-5877,"In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10480,"This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the U3D Node Name buffer. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5401.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-12572,"Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13000,An XSS issue was discovered in Advanced Electron Forum (AEF) v1.0.9. A persistent XSS vulnerability is located in the `FTP Link` element of the `Private Message` module. The editor of the private message module allows inserting links without sanitizing the content. This allows remote attackers to inject malicious script code payloads as a private message (aka pmbody). The injection point is the editor ftp link element and the execution point occurs in the message body context on arrival. The request method to inject is POST with restricted user privileges.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-15907,"Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-16310. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-7231,A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'system.opkg.remove'.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15502,Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 allow remote attackers to download any confidential files via https requests for predictable URLs.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-10918,A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-0659,Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-19058,"An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-8050,The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) through 3.7.16 allows remote attackers to cause a denial of service (segmentation fault) via a corrupt AFF image that triggers an unexpected pagesize value.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-15323,"On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-9841,The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3895,"An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15485,"An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. FTP does not require authentication or authorization, aka KONE-03.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-16480,"A XSS vulnerability was found in module public <0.1.4 that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13171,"The mintToken function of a smart contract implementation for LadaToken (LDT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-1523,IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141804.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-10994,js/views/message_view.js in Open Whisper Signal (aka Signal-Desktop) before 1.10.1 allows XSS via a URL.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-11750,"Previous releases of the Puppet cisco_ios module did not validate a host's identity before starting a SSH connection. As of the 0.4.0 release of cisco_ios, host key checking is enabled by default.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-1299,"In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi or paster may prevent the attack from succeeding. Others, such as gunicorn do not prevent it and leave Allura vulnerable.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-11559,"DomainMod 4.10.0 has Stored XSS in the ""/settings/profile/index.php"" new_last_name parameter.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-6661,DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19051,MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0550,"Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of ""Cabinet"" via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-5851,"Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3902,"An exploitable buffer overflow vulnerability exists in the camera ""replace"" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the URL field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,9.9,3.1,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-12436,"wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-15140,"Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the ""docid"" parameter when the mode is set to get.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-15394,"A vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to an insecure system configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to gain unauthenticated access, resulting in elevated privileges in the SMC.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15631,"Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote authenticated attackers to e-mail themselves arbitrary files from the database, via a crafted RPC request.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-20633,PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6773,"In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008084.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16523,"Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H,7.4,2.2,5.2,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2018-0134,"A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to determine whether a subscriber username is valid. The vulnerability occurs because the Cisco Policy Suite RADIUS server component returns different authentication failure messages based on the validity of usernames. An attacker could use these messages to determine whether a valid subscriber username has been identified. The attacker could use this information in subsequent attacks against the system. Cisco Bug IDs: CSCvg47830.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-0328,"A vulnerability in the web framework of Cisco Unified Communications Manager and Cisco Unified Presence could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvg89116.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13030,An issue was discovered in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12922,Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control via the config/configUser.htm or config/configTelnet.htm URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-13053,The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2018-12480,Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-9986,"In Zulip Server versions before 1.7.2, there were XSS issues with the frontend markdown processor.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-19616,An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2684,"Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Registration Process). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle User Management accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-19370,A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import.,CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.6,0.7000000000000001,5.9,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9145,"In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. A large size value may lead to a SIGABRT during an attempt at memory allocation. NOTE: some third parties have been unable to reproduce the SIGABRT when using the 4-DataBuf-abort-1 PoC file.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-5068,"Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-2466,"In Impact and Lineage Analysis in SAP Data Services, version 4.2, the management console does not sufficiently validate user-controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1368,"IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so there is risk that someone not authorized can change things that they are not suppose to. IBM X-Force ID: 137765.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,4.4,1.8,2.5,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2018-0838,"Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka ""Scripting Engine Memory Corruption Vulnerability"". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16858,"It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15460,"A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H,8.6,3.9,4.0,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,NONE,HIGH
CVE-2018-1525,"IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142117.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-19331,An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-9339,"In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13206,"The sell function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow in which ""amount * sellPrice"" can be zero, consequently reducing a seller's assets.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-0745,"The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka ""Windows Information Disclosure Vulnerability"". This CVE ID is unique from CVE-2018-0746 and CVE-2018-0747.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-13776,"The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-20029,The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-15596,"An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-15719,"Open Dental before version 18.4 installs a mysql database and uses the default credentials of ""root"" with a blank password. This allows anyone on the network with access to the server to access all database information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13714,"The mintToken function of a smart contract implementation for CM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-0273,"A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of corrupted Internet Key Exchange Version 2 (IKEv2) messages. An attacker could exploit this vulnerability by sending crafted IKEv2 messages toward an affected router. A successful exploit could allow the attacker to cause the ipsecmgr service to reload. A reload of this service could cause all IPsec VPN tunnels to be terminated and prevent new tunnels from being established until the service has restarted, resulting in a DoS condition. This vulnerability affects the following Cisco products when they are running Cisco StarOS: Cisco Aggregation Services Router (ASR) 5000 Series Routers, Virtualized Packet Core (VPC) System Software. Cisco Bug IDs: CSCve29605.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2018-14831,An arbitrary file read vulnerability in DamiCMS v6.0.0 allows remote authenticated administrators to read any files in the server via a crafted /admin.php?s=Tpl/Add/id/ URI.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-3609,A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17161,"In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is possible that the buffer overflow could lead to a Denial of Service or remote code execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18399,"SQL injection vulnerability in the ""ContentPlaceHolder1_uxTitle"" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the ""id"" parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8611,"An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka ""Windows Kernel Elevation of Privilege Vulnerability."" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11966,"Undefined behavior in UE while processing unknown IEI in OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016, SXR1130",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15379,"A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This user does not have administrative or root privileges. The vulnerability is due to an incorrect permission setting for important system directories. An attacker could exploit this vulnerability by uploading a malicious file by using TFTP, which can be accessed via the web-interface GUI. A successful exploit could allow the attacker to run commands on the targeted application without authentication.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9330,"register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by the third form field to a URI under register/, a different vulnerability than CVE-2015-6942.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13396,There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17846,"The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-6104,Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-4368,"A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-12805,Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18803,"Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse.vb and includes/user.vb.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5455,"A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing authentication and gaining access to device functions.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17613,"Telegram Desktop (aka tdesktop) 1.3.16 alpha, when ""Use proxy"" is enabled, sends credentials and application data in cleartext over the SOCKS5 protocol.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6048,Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak referrer information via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2018-1168,This vulnerability allows local attackers to escalate privileges on vulnerable installations of ABB MicroSCADA 9.3 with FP 1-2-3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of the access controls for the installed product files. The installation procedure leaves critical files open to manipulation by any authenticated user. An attacker can leverage this vulnerability to escalate privileges to SYSTEM. Was ZDI-CAN-5097.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3292,"Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2018-11218,"Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19167,"CloakCoin through 2.2.2.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-0363,"A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvi55878.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2459,"Users of an SAP Mobile Platform (version 3.0) Offline OData application, which uses Offline OData-supplied delta tokens (which is on by default), occasionally receive some data values of a different user.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-6188,"django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-20218,"An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. The login form passes user input directly to a shell command without any kind of escaping or validation in /usr/share/www/check.lp file. An attacker is able to perform command injection using the ""password"" parameter in the login form.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1000211,"Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps, leaking access until expiry.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-9573,In impd_parse_filt_block of impd_drc_dynamic_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116467350.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18567,AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-16146,"The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary command injection with the privileges of the nagios user account.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18330,An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety for Android (Consumer) versions 3.0.1324 and below could allow an attacker to potentially trick a victim into visiting a malicious URL using address bar spoofing on the Private Browser of the app on vulnerable installations.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-6580,Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19452,"A use after free in the TextBox field Mouse Enter action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19444, this has a different free location and requires different JavaScript code for exploitation.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16668,An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-0349,"A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the request admin-tech command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69852, CSCvi69856.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1000417,A cross-site request forgery vulnerability exists in Jenkins Email Extension Template Plugin 1.0 and earlier in ExtEmailTemplateManagement.java that allows creating or removing templates.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH
CVE-2018-7542,An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,6.5,2.0,4.0,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2018-0595,Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4347,"A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10997,Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15392,"A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of DHCP lease requests. An attacker could exploit this vulnerability by sending malicious DHCP lease requests to an affected application. A successful exploit could allow the attacker to cause the DHCP service to terminate, resulting in a DoS condition.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2018-8157,"A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka ""Microsoft Office Remote Code Execution Vulnerability."" This affects Microsoft Office. This CVE ID is unique from CVE-2018-8158, CVE-2018-8161.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6184,ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-11549,"An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in ""Account Settings -> Member Centre -> Chinese information -> Ordinary member"" via a QQ number, as demonstrated by a form[qq_10]= substring.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-18692,A reflected Cross-Site scripting (XSS) vulnerability in SEMCO Semcosoft 5.3 allows remote attackers to inject arbitrary web scripts or HTML via the username parameter to the Login Form.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-4201,"An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the ""WebKit"" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15447,"A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13089,"The mintToken function of a smart contract implementation for Universal Coin (UCOIN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-13843,"An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the ""failure to free memory"" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-12769,"Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7828,A Cross-Site Request Forgery (CSRF) vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera when an authenticated user clicks a specially crafted malicious link while logged into the camera.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7518,"In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9138,"An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-0969,"An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka ""Windows Kernel Information Disclosure Vulnerability."" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-7253,The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12972,"An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13992,"The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14710,"Cross-site scripting in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute JavaScript via the ""hook"" URL parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-7327,"In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-6628,"In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000010c.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19025,"In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11880,"Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0108,"A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the ability of an attacker to perform an out-of-band XXE injection on the system, which could allow an attacker to capture customer files and redirect them to another destination address. An exploit could allow the attacker to discover sensitive customer data. Cisco Bug IDs: CSCvg36996.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-19937,"A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone.",CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,6.6,0.7000000000000001,5.9,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8437,"A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka ""Windows Hyper-V Denial of Service Vulnerability."" This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8436, CVE-2018-8438.",CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H,6.2,1.7000000000000002,4.0,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,HIGH,NONE,CHANGED,NONE,NONE,HIGH
CVE-2018-0993,"A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ""Chakra Scripting Engine Memory Corruption Vulnerability."" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13793,"Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14565,An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9867,"In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-2737,"Vulnerability in the Oracle Retail Returns Management component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 2.3.8, 2.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Returns Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Returns Management accessible data as well as unauthorized read access to a subset of Oracle Retail Returns Management accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,6.5,3.9,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2018-18741,An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Download.php?lgid=1 during editing.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0764,"Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka "".NET and .NET Core Denial Of Service Vulnerability"". This CVE is unique from CVE-2018-0765.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-2833,"Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). Supported versions that are affected are 2.7, 2.8, 2.9 and 2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Simphony accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Simphony accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-17852,A SQL injection was discovered in WUZHI CMS 4.1.0 in coreframe/app/coupon/admin/card.php via the groupname parameter to the /index.php?m=coupon&f=card&v=detail_listing URI.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0035,"QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment (ONIE) partition. This additional partition allows the superuser to reboot to the ONIE partition which will wipe out the content of the Junos partition and its configuration. Once rebooted, the ONIE partition will not have root password configured, thus any user can access the console or SSH, using an IP address acquired from DHCP, as root without password. Once the device has been shipped or upgraded with the ONIE partition installed, the issue will persist. Simply upgrading to higher release via the CLI will not resolve the issue. No other Juniper Networks products or platforms are affected by this issue.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11357,"In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1505,IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 141413.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-7821,"An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-13283,"Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-6578,SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7495,"In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-6198,"w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-9458,"In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing the user's keypresses while the screen was locked with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-71786287.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18359,Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10730,"All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-18958,OPNsense 18.7.x before 18.7.7 has Incorrect Access Control.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-4339,This issue was addressed with a new entitlement. This issue is fixed in iOS 12.1. A local user may be able to read a persistent device identifier.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-12914,"A remote code execution issue was discovered in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13784,"PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-19818,"Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page ""/VPortal/mgtconsole/Contacts.jsp"" has reflected XSS via the ConnPoolName parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13444,An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/admin_manager.php?action=save&id=2.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17144,"Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-21053,"An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is Clipboard access in the lockscreen state via a physical keyboard. The Samsung ID is SVE-2018-12684 (October 2018).",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-7340,"Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-4140,"An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the ""Telephony"" component. It allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a Class 0 SMS message.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-13395,"Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the epic colour field of an issue while an issue is being moved.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-2485,It is possible for a malicious application or malware to execute JavaScript in a SAP Fiori application. This can include reading and writing of information and calling device specific JavaScript APIs in the application. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.,CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,7.7,2.5,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-21087,"An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15417,A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8476,"A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka ""Windows Deployment Services TFTP Server Remote Code Execution Vulnerability."" This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10 Servers.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20598,UCMS 1.4.7 has ?do=user_addpost CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3193,"Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Activity Guide). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1000539,Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 1.9.4 and later.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2018-7169,"An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used ""group blacklisting"" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-13543,"The mintToken function of a smart contract implementation for GemstoneToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-8260,"A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka "".NET Framework Remote Code Execution Vulnerability."" This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12584,The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1782,"IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,6.5,2.0,4.0,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2018-18496,"When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing an executable file from a temporary directory. *Note: This issue only affects Windows operating systems. Other operating systems are not affected.*. This vulnerability affects Firefox < 64.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2762,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-7243,"An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to get a full access to device, bypassing the authorization system.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6396,"SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17069,An issue was discovered in UNL-CMS 7.59. A CSRF attack can create new content via ?q=node%2Fadd%2Farticle&render=overlay&render=overlay.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-5955,"An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9975,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of shift events. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5762.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1607,IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 143797.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L,7.1,2.8,4.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,LOW
CVE-2018-7363,"All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability. Since appviahttp service has no authorization delay, an attacker can be allowed to brute force account credentials.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11507,An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An attacker can trigger a long loop in image_load_pnm in image/image-pnm.cpp.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1000159,"tlslite-ng version 0.7.3 and earlier, since commit d7b288316bca7bcdd082e6ccff5491e241305233 contains a CWE-354: Improper Validation of Integrity Check Value vulnerability in TLS implementation, tlslite/utils/constanttime.py: ct_check_cbc_mac_and_pad(); line ""end_pos = data_len - 1 - mac.digest_size"" that can result in an attacker manipulating the TLS ciphertext which will not be detected by receiving tlslite-ng. This attack appears to be exploitable via man in the middle on a network connection. This vulnerability appears to have been fixed after commit 3674815d1b0f7484454995e2737a352e0a6a93d8.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-0007,"An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. Further crafted packets may be able to sustain the denial of service condition. Score: 6.5 MEDIUM (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Further, if the attacker is authenticated on the target device receiving and processing the malicious LLDP packet, while receiving the crafted packets, the attacker may be able to perform command or arbitrary code injection over the target device thereby elevating their permissions and privileges, and taking control of the device. Score: 7.8 HIGH (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to one or more local segments, via LLDP proxy / tunneling agents or other LLDP through Layer 3 deployments, through one or more local segment broadcasts, may be able to cause multiple Junos devices to enter an improper boundary check condition allowing a memory corruption to occur, leading to multiple distributed Denials of Services. These Denials of Services attacks may have cascading Denials of Services to adjacent connected devices, impacts network devices, servers, workstations, etc. Further crafted packets may be able to sustain these Denials of Services conditions. Score 6.8 MEDIUM (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H) Further, if the attacker is authenticated on one or more target devices receiving and processing these malicious LLDP packets, while receiving the crafted packets, the attacker may be able to perform command or arbitrary code injection over multiple target devices thereby elevating their permissions and privileges, and taking control multiple devices. Score: 7.8 HIGH (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71; 12.3 versions prior to 12.3R12-S7; 12.3X48 versions prior to 12.3X48-D55; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D46, 14.1X53-D50, 14.1X53-D107; 14.2 versions prior to 14.2R7-S9, 14.2R8; 15.1 versions prior to 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7; 15.1X49 versions prior to 15.1X49-D90; 15.1X53 versions prior to 15.1X53-D65; 16.1 versions prior to 16.1R4-S6, 16.1R5; 16.1X65 versions prior to 16.1X65-D45; 16.2 versions prior to 16.2R2; 17.1 versions prior to 17.1R2. No other Juniper Networks products or platforms are affected by this issue.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5541,"When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-0145,"A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information on the affected system. Cisco Bug IDs: CSCvg45105.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1000133,"Pitchfork version 1.4.6 RC1 contains an Improper Privilege Management vulnerability in Trident Pitchfork components that can result in A standard unprivileged user could gain system administrator permissions within the web portal.. This attack appear to be exploitable via The user must be able to login, and could edit their profile and set the ""System Administrator"" permission to ""yes"" on themselves.. This vulnerability appears to have been fixed in 1.4.6 RC2.",CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12463,"An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17783,A cross-site scripting (XSS) vulnerability in the Edit Filter page (manage_filter_edit page.php) in MantisBT 2.1.0 through 2.17.1 allows remote attackers (if access rights permit it) to inject arbitrary code (if CSP settings permit it) through a crafted project name.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-2896,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Banking Payments, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0878,"Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how XML External Entities (XXE) are processed, aka ""Windows Remote Assistance Information Disclosure Vulnerability"".",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,3.1,1.6,1.4,LOW,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2018-13669,"The mintToken function of a smart contract implementation for NCU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-14420,"MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8505,"A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ""Chakra Scripting Engine Memory Corruption Vulnerability."" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14007,Citrix XenServer 7.1 and newer allows Directory Traversal.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13134,TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1528,IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. IBM X-Force ID: 142290.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-5190,"PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access arbitrary customer accounts via a modified cookie, related to pc_head.php, pc_login.php, and pc_login_page.php.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5842,"An arbitrary address write can occur if a compromised WLAN firmware sends incorrect data to WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15706,WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-11986,"In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0577,Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-6605,"SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18348,Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2018-1000660,"TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. For example dfde28196cd12071fcf6669f7654be7df482b85d contains a Insecure Permissions vulnerability in Function get_package_name in the file kernel/src/tbfheader.rs, variable ""pub package_name: &'static str,"" in the file process.rs that can result in A tock capsule (untrusted driver) could access arbitrary memory by using only safe code. This vulnerability appears to have been fixed in commit 42f7f36e74088036068d62253e1d8fb26605feed.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-20420,"In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directory traversal in the TemplateName parameter.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-9113,"Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial '><script type=""text/javascript"" src=' line. Fix released on 2018-03-29.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1121,"procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower PID, thus avoiding enumeration. An unprivileged attacker can hide a process from procps-ng's utilities by exploiting a race condition in reading /proc/PID entries. This vulnerability affects procps and procps-ng up to version 3.3.15, newer versions might be affected also.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-11544,The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared_prefs/com.theolivetree.ftpserver_preferences.xml file as the prefUsername and prefUserpass strings.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15480,"An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The cloud API had a hidden parameter, which allowed an authenticated user to reconfigure the server URL for a device registered to their account. In combination with an insecure device registration vulnerability, this allowed an attacker to reconfigure a maliciously registered device to their own rogue replica of the myStrom API and issue commands to the device, including firmware update commands.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14969,An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-11064,Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability to alter multiple library files in service tools that might result in arbitrary code execution with elevated privileges. No user file systems are directly affected by this vulnerability.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3311,"Vulnerability in the Oracle Retail Xstore Payment component of Oracle Retail Applications (subcomponent: Security). The supported version that is affected is 3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Payment. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Xstore Payment accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Xstore Payment accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Xstore Payment. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L,8.6,3.9,4.7,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,LOW
CVE-2018-13555,"The mintToken function of a smart contract implementation for JaxBox, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-20243,The implementation of POST with the username and password in the URL parameters exposed the credentials. More infomration is available in fineract jira issues 726 and 629.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-13863,The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is triggered when the Decimal128.fromString() function is called to parse a long untrusted string.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-13127,SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-7582,WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long HTTP Accept Header to TCP port 9991.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1000558,OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted requests it is possible to gain database access. This vulnerability appears to have been fixed in 2.4.1.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-5749,"install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) database_server, (2) database_user, (3) database_password, or (4) database_name parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20777,Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-20450,"The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-13693,"The mintToken function of a smart contract implementation for GreenEnergyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-13397,There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7068,HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1633,IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. IBM X-Force ID: 144434.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17911,"LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9122,"In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the term parameter to the /search URI.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-2668,"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-19228,"An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-11771,"When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream, which can be used to mount a denial of service attack against services that use Compress' zip package.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-3002,"Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affected is 9.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality Cruise Fleet Management System executes to compromise Oracle Hospitality Cruise Fleet Management System. While the vulnerability is in Oracle Hospitality Cruise Fleet Management System, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management System accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).",CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N,7.1,2.5,4.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,NONE,CHANGED,HIGH,NONE,NONE
CVE-2018-1000154,"Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page (CWE-80) vulnerability in the subject of emails which are not html quoted in certain cases. This can result in the embedding and execution of java script code on users browser. This attack appear to be exploitable via the victim openning a ticket. This vulnerability appears to have been fixed in 2.3.1, 2.2.2 and 2.1.3.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-20921,"cPanel before 70.0.23 allows stored XSS via a WHM ""Delete a DNS Zone"" action (SEC-375).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-8545,"An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka ""Microsoft Edge Information Disclosure Vulnerability."" This affects Microsoft Edge.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2018-6860,Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4350,A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6868,Cross Site Scripting (XSS) exists in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via a User Profile Field parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-8305,"An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka ""Windows Mail Client Information Disclosure Vulnerability."" This affects Mail, Calendar, and People in Windows 8.1 App Store.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-4152,"An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the ""Notes"" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.",CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1000854,esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable via Use of another weakness in backend application to reflect ESI directives. This vulnerability appears to have been fixed in 5.3.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8849,"Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-25008,"In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-10645,"Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the ""VyprVPN"" service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The ""SetProperty"" method allows an attacker to configure the ""AdditionalOpenVpnParameters"" property and control the OpenVPN command line. Using the OpenVPN ""plugin"" parameter, an attacker may specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. This attack may be conducted using ""VyprVPN Free"" account credentials and the VyprVPN Desktop Client.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1000812,"Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. This attack appear to be exploitable via Network access to IntegriaIMS web interface . This vulnerability appears to have been fixed in fixed in versions released after commit f2ff0ba821644acecb893483c86a9c4d3bb75047.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2805,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension). Supported versions that are affected are 5.6.39 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-15923,"Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-19981,"Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS Cognito Identity Service. An attacker can use these credentials to create authenticated and/or authorized requests. Note that the attacker must have ""root"" privilege access to the Android filesystem in order to exploit this vulnerability (i.e. the device has been compromised, such as disabling or bypassing Android's fundamental security mechanisms).",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11515,The wpForo plugin through 2018-02-05 for WordPress has SQL Injection via a search with the /forum/ wpfo parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13009,"An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10016,Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-0671,Privilege escalation vulnerability in INplc-RT 3.08 and earlier allows an attacker with administrator rights to execute arbitrary code on the Windows system via unspecified vectors.,CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7846,"A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15588,MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-11011,ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-15499,"GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-14451,An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3246,Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-6893,"controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a request with s=member,c=api,m=checktitle, and the parameter 'module' with a SQL statement, lacks effective filtering.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13160,"The mintToken function of a smart contract implementation for etktokens (ETK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-15812,"DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-17071,"The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum gambling game, generates a random value with the publicly readable variable entry_number. This variable is private, yet it is readable by eth.getStorageAt function. Also, attackers can purchase a ticket at a low price by directly calling the fallback function with small msg.value, because the developer set the currency unit incorrectly. Therefore, it allows attackers to always win and get rewards.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-0885,"The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows a denial of service vulnerability due to how input from a privileged user on a guest operating system is validated, aka ""Hyper-V Denial of Service Vulnerability"".",CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H,5.8,1.3,4.0,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,HIGH,NONE,CHANGED,NONE,NONE,HIGH
CVE-2018-11734,"In e107 v2.1.7, output without filtering results in XSS.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-18712,An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7047,An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20129,"An issue was discovered in DedeCMS V5.7 SP2. uploads/include/dialog/select_images_post.php allows remote attackers to upload and execute arbitrary PHP code via a double extension and a modified "".php"" substring, in conjunction with the image/jpeg content type, as demonstrated by the filename=1.jpg.p*hp value.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9245,The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17077,An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-10167,"The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in order to elevate their privileges. This is fixed in version 2.6.1_Windows.",CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20352,Use-after-free vulnerability in the mg_cgi_ev_handler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4431,"A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-4975,"Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-18929,"The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a default local administrator username and password. This can be found by a limited user account in an ""unattend.xml"" file left over on the C: drive from the Sysprep process. An attacker with this username and password can leverage it to gain administrator-level access on the system.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9366,"In IMSA_Recv_Thread and VT_IMCB_Thread of ImsaClient.cpp and VideoTelephony.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14822,"Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user and execute arbitrary code.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15633,"Cross-site scripting (XSS) issue in ""document"" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-15594,"arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-0620,Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3156,"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11008,An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-6119,Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-1000007,"libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7997,"Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file inclusion tab of the /importTool/preview URI, with a CSV file polluted with malicious JavaScript.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-20962,The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-18284,Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2018-0845,"Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka ""Microsoft Word Remote Code Execution Vulnerability"". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0089,"A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The attacker would also have to have access to the internal VLAN where CPS is deployed. The vulnerability is due to incorrect permissions of certain system files and not sufficiently protecting sensitive data that is at rest. An attacker could exploit the vulnerability by using certain tools available on the internal network interface to request and view system files. An exploit could allow the attacker to find out sensitive information about the application. Cisco Bug IDs: CSCvf77666.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-6099,A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-5687,NewsBee allows XSS via the Company Name field in the Settings under admin/admin.php.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-3221,"Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology and unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.1 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H,7.1,2.8,4.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,HIGH
CVE-2018-5806,"An error within the ""leaf_hdr_load_raw()"" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-9045,"In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002849.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15880,An issue was discovered in Joomla! before 3.8.12. Inadequate output filtering on the user profile page could lead to a stored XSS attack.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-21021,img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the host_id parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8506,"An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka ""Microsoft Windows Codecs Library Information Disclosure Vulnerability."" This affects Windows 10 Servers, Windows 10, Windows Server 2019.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-7238,"A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13327,"The transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-12015,"In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-19332,An issue was discovered in S-CMS v1.5. There is a CSRF vulnerability that can add a new user via the admin/ajax.php?type=member&action=add URI.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-21203,"Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6100 before 1.0.1.20, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20583,"Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML (even if allow_unsafe_links is false) via a newline character (e.g., writing javascript as javascri%0apt).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-17088,"The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is analogous to the CVE-2016-3822 integer overflow in exif.c. This gpsinfo.c vulnerability is unrelated to the CVE-2018-16554 gpsinfo.c vulnerability.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1672,"IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2018-9059,Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp.  NOTE: this may overlap CVE-2014-3791.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5141,A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service (DOS) attack or to display unwanted content from arbitrary URLs to users. This vulnerability affects Firefox < 59.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H,8.2,3.9,4.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,HIGH
CVE-2018-0829,"The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka ""Windows Information Disclosure Vulnerability"". This CVE is unique from CVE-2018-0830 and CVE-2018-0832.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-0700,YukiWiki 2.1.3 and earlier does not process a particular request properly that may allow consumption of large amounts of CPU and memory resources and may result in causing a denial of service condition.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-4200,"An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the ""WebKit"" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7658,NTSServerSvc.exe in the server in Softros Network Time System 2.3.4 allows remote attackers to cause a denial of service (daemon crash) by sending exactly 11 bytes.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-9456,"In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-6092,An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19391,"Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0797,"Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka ""Microsoft Word Memory Corruption Vulnerability"".",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18387,playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19811,"Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page ""/VPortal/mgtconsole/Import.jsp"" has reflected XSS via the ConnPoolName parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-6318,"In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its signature, not its hash, etc.). A person can change this DLL in a local way, or with a remote connection, to a malicious DLL with the same name -- and when the product is used, this malicious DLL will be loaded, aka a DLL Hijacking attack.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16013,"Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-11091,"An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system commands. This vulnerability occurs because an attacker is able to adjust the ""HiddenFieldControlCustomWhiteListedExtensions"" parameter and add arbitrary extensions to the whitelist during the upload. For instance, if the extension .asp is added to the ""HiddenFieldControlCustomWhiteListedExtensions"" parameter, the server accepts ""secctest.asp"" as a legitimate file. Hence malicious files can be uploaded in order to execute arbitrary commands to take over the server.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,9.9,3.1,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-9846,"In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled ""_uid"" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. NOTE: this is less easily exploitable in 1.3.4 and later because of a Same Origin Policy protection mechanism.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2727,"Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Market Risk Measurement and Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Market Risk Measurement and Management accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Market Risk Measurement and Management accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-2628,"Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0005,QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15.1 versions prior to 15.1R7.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5701,"In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9356,"In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74950468.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8609,"A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka ""Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability."" This affects Microsoft Dynamics 365.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6080,Lack of access control checks in Instrumentation in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to obtain memory metadata from privileged processes .,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-4924,Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3583,"A buffer overflow can occur while processing an extscan hotlist event in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9379, QCS605, SD 625, SD 636, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1046,"pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the -ecs-stamp option of dnsreplay is used.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18987,"VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3069,Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). The supported version that is affected is 6.2.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N,2.7,1.2,1.4,LOW,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-9947,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5472.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18309,"An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11081,"Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior to 2.1.11, 2.0.x prior to 2.0.16, and 1.11.x prior to 2, fails to write the Operations Manager UAA config onto the temp RAM disk, thus exposing the configs directly onto disk. A remote user that has gained access to the Operations Manager VM, can now file search and find the UAA credentials for Operations Manager on the system disk..",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15186,PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7226,An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing sanitization of the client-specified message length may cause integer overflow or possibly have unspecified other impact via a specially crafted VNC packet.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16704,"An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers (logged in users) to view profile page of other users, as demonstrated by navigating to user/3 on demo.gleezcms.org.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-12376,"Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5884,"Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents.",CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.4,2.5,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11591,Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-7728,"An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1643,"The Installation Verification Tool of IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144588",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1278,"Apps Manager included in Pivotal Application Service, versions 1.12.x prior to 1.12.22, 2.0.x prior to 2.0.13, and 2.1.x prior to 2.1.4 contains an authorization enforcement vulnerability. A member of any org is able to create invitations to any org for which the org GUID can be discovered. Accepting this invitation gives unauthorized access to view the member list, domains, quotas and other information about the org.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-20298,"S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-10731,"All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows when handling very large cookies (a different vulnerability than CVE-2018-10728).",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H,9.0,2.2,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-20836,"An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17374,SQL Injection exists in the Auction Factory 4.5.5 component for Joomla! via the filter_order_Dir or filter_order parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5344,"In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17211,An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. An unauthenticated attacker can view details about the printers associated with CPS via a crafted HTTP GET request.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-11912,"In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of daemons may lead to unprivileged access.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6493,"SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11278,"In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2018-16851,"Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-2621,"Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: Mobile Gangway and Mustering). The supported version that is affected is 7.3.874. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Cruise Shipboard Property Management System. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Shipboard Property Management System accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Shipboard Property Management System accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N,8.2,3.9,4.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2018-11421,"Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. The protocol is vulnerable to remote unauthenticated disclosure of sensitive information, including the administrator's password. Under certain conditions, it's also possible to retrieve additional information, such as content of HTTP requests to the device, or the previously used password, due to memory leakages.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5189,"Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a ""double fetch"" vulnerability.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14619,"A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The ""null skcipher"" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17632,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNode event. The issue results from the lack of validation of the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6700.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5217,"In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002578.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19550,"Interspire Email Marketer through 6.1.6 allows arbitrary file upload via a surveys_submit.php ""create survey and submit survey"" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2676,"Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.2,1.5,6.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-13229,"The sell function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow in which ""amount * sellPrice"" can be zero, consequently reducing a seller's assets.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-20034,"A Denial of Service vulnerability related to adding an item to a list in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-15932,"Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-12410,"The web server component of TIBCO Software Inc's Spotfire Statistics Services contains multiple vulnerabilities that may allow the remote execution of code. Without needing to authenticate, an attacker may be able to remotely execute code with the permissions of the system account used to run the web server component. Affected releases are TIBCO Software Inc. TIBCO Spotfire Statistics Services versions up to and including 7.11.0.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8465,"A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ""Chakra Scripting Engine Memory Corruption Vulnerability."" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8466, CVE-2018-8467.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3996,"An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17169,An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,7.7,3.1,4.0,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2018-0098,"A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet (PoE) and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCve57076.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0926,"The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka ""Windows Kernel Information Disclosure Vulnerability"". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-20528,JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-11442,"A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17461,An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20442,Technicolor TC7110.B STC8.62.02 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17654,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the insertInstance method of a Form object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6504.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8222,"A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka ""Device Guard Code Integrity Policy Security Feature Bypass Vulnerability."" This affects Windows Server 2016, Windows 10, Windows 10 Servers.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,5.3,1.8,3.4,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2018-15796,"Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-1468,IBM API Connect 5.0.8.1 and 5.0.8.2 could allow a user to get access to internal environment and sensitive API details to which they are not authorized. IBM X-Force ID: 140399.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-12178,Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2018-8439,"A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka ""Windows Hyper-V Remote Code Execution Vulnerability."" This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0965.",CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.4,1.7000000000000002,6.0,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-16262,"The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5150,"Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8170,"An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka ""Windows Image Elevation of Privilege Vulnerability."" This affects Windows 10, Windows 10 Servers.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5518,"On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjacent VCMP guest to restart and produce a core file. This issue is only exploitable on a VCMP guest which is operating in ""host-only"" or ""bridged"" mode. VCMP guests which are ""isolated"" are not impacted by this issue and do not provide mechanism to exploit the vulnerability. Guests which are deployed in ""Appliance Mode"" may be impacted however the exploit is not possible from an Appliance Mode guest. To exploit this vulnerability root access on a guest system deployed as ""host-only"" or ""bridged"" mode is required.",CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H,5.4,1.0,4.0,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,HIGH,HIGH,NONE,CHANGED,NONE,NONE,HIGH
CVE-2018-19827,"In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16958,"An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The ASP.NET_SessionID primary session cookie, when Internet Information Services (IIS) with ASP.NET is used, is not protected with the HttpOnly attribute. The attribute cannot be enabled by customers. Consequently, this cookie is exposed to session hijacking attacks should an adversary be able to execute JavaScript in the origin of the portal installation. NOTE: this CVE is assigned by MITRE and isn't validated by Oracle because Oracle WebCenter Interaction Portal is out of support.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2018-9522,"In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write due to unnecessary functionality which may be abused. This could lead to local escalation of privilege in the system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112550251",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1758,IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-5261,"An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext information from the handshake as input for the encryption key used for the encryption of the rest of the session, the server and client disclose sensitive information, such as the authentication credentials, to any man-in-the-middle (MiTM) listener.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0188,"Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. The vulnerabilities are due to insufficient input validation of certain parameters that are passed to the affected software via the web UI. An attacker could exploit these vulnerabilities by persuading a user of the affected UI to access a malicious link or by intercepting a user request for the affected UI and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected UI or allow the attacker to access sensitive browser-based information on the user's system. Cisco Bug IDs: CSCuz38591, CSCvb09530, CSCvb10022.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-7538,A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10659,There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-0823,"The Named Pipe File System in Windows 10 version 1709 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Named Pipe File System handles objects, aka ""Named Pipe File System Elevation of Privilege Vulnerability"".",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20843,"In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-6593,An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by connecting to the filter communication port and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1768,"IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an authorized user executes a test operation, the user id an password may be displayed in plain text within an instrumentation log file. IBM X-Force ID: 148622.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6237,"A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP requests to potentially cause the file system to fill up, eventually causing a denial of service (DoS) situation.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-14269,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the print method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6032.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1999028,An exposure of sensitive information vulnerability exists in Jenkins Accurev Plugin 0.7.16 and earlier in AccurevSCM.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0514,MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20958,"The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 relies on Key1 and SerialNo for unlock operations; however, these are derived from the MAC address, which is broadcasted by the device.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-3838,"An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-2704,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Payments accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Banking Payments. CVSS 3.0 Base Score 8.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2018-14774,"An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N,7.2,3.9,2.7,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,LOW,LOW,NONE
CVE-2018-5267,"Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13518,"The mintToken function of a smart contract implementation for TCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-20559,An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1000124,I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter form_import_textarea.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-11687,"An integer overflow in the distributeBTR function of a smart contract implementation for Bitcoin Red (BTCR), an Ethereum ERC20 token, allows the owner to accomplish an unauthorized increase of digital assets by providing a large address[] array, as exploited in the wild in May 2018, aka the ""ownerUnderflow"" issue.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-6129,Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-2780,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11826,"In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on integer overflow while calculating memory can lead to Buffer overflow in WLAN ext scan handler.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16287,LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17056,Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-19080,An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13325,"The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-19190,The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php error_msg parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1000204,"Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don't usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it ""virtually impossible to exploit.",CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-7507,"WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7161,"All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug where objects are used in native code after they are no longer available. This has been addressed by updating the http2 implementation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-7105,"A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15926,"Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-1000087,"WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in ""Create New File"" and ""Create New Directory"" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. . This attack appear to be exploitable via Attacker can execute the JavaScript into the ""Create New File"" and ""Create New Directory"" input box from 'files'.",CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0682,"Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10650,There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1000997,"A path traversal vulnerability exists in the Stapler web framework used by Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/org/kohsuke/stapler/Facet.java, groovy/src/main/java/org/kohsuke/stapler/jelly/groovy/GroovyFacet.java, jelly/src/main/java/org/kohsuke/stapler/jelly/JellyFacet.java, jruby/src/main/java/org/kohsuke/stapler/jelly/jruby/JRubyFacet.java, jsp/src/main/java/org/kohsuke/stapler/jsp/JSPFacet.java that allows attackers to render routable objects using any view in Jenkins, exposing internal information about those objects not intended to be viewed, such as their toString() representation.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-15514,"HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the ""docker-users"" group (who may not otherwise have administrator access) to escalate to administrator privileges.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5221,Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX control (BarcodeWiz.DLL) allow remote attackers to execute arbitrary code via a long argument to the (1) BottomText or (2) TopText property.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7648,"An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11899,"While processing radio connection status change events, Radio index is not properly validated in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2930,"Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromise Solaris Cluster. Successful attacks of this vulnerability can result in takeover of Solaris Cluster. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-25038,A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-14079,Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to obtain sensitive information via /Status/SystemStatusRpm.esp.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-8172,"A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka ""Visual Studio Remote Code Execution Vulnerability."" This affects Microsoft Visual Studio, Expression Blend 4.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-25096,A vulnerability was found in MdAlAmin-aol Own Health Record 0.1-alpha/0.2-alpha/0.3-alpha/0.3.1-alpha. It has been rated as problematic. This issue affects some unknown processing of the file includes/logout.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. Upgrading to version 0.4-alpha is able to address this issue. The patch is named 58b413aa40820b49070782c786c526850ab7748f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-249191.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12087,Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords.,CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N,5.3,0.9,4.0,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,CHANGED,HIGH,NONE,NONE
CVE-2018-16164,Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-7240,"A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6029,"The copy function in application/admin/controller/Article.php in NoneCms 1.3.0 allows remote attackers to access the content of internal and external network resources via Server Side Request Forgery (SSRF), because URL validation only considers whether the URL contains the ""csdn"" substring.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-15942,"Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-3274,Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. CVSS 3.0 Base Score 5.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H,5.7,2.1,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-12382,"The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of view to the right. This can lead to user confusion. *This vulnerability only affects Firefox for Android < 62.*",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2018-5986,SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17483,"Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode. By visiting the kiosk and viewing the driver's license column, an attacker could exploit this vulnerability to view the driver's license number and other personal information.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-16158,"Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8245,"A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka ""Microsoft Publisher Remote Code Execution Vulnerability."" This affects Microsoft Publisher.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10911,A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-4859,"A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the web interface. The attacker must be authenticated as administrative user to exploit the security vulnerability. The vulnerability could allow an attacker to execute arbitrary code on the device. At the time of advisory publication no public exploitation of this security vulnerability was known.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18224,"A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2018-0169,"Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. An attacker who has user EXEC mode (privilege level 1) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCtw85441, CSCus42252, CSCuv95370.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11088,"Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13443,EOS.IO jit-wasm 4.1 has a heap-based buffer overflow via a crafted wast file.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9508,"In smp_process_keypress_notification of smp_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-111936834",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-10323,The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-12126,Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf,CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N,5.6,1.1,4.0,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2018-13315,Incorrect access control in formPasswordSetup in TOTOLINK A3002RU version 1.0.8 allows attackers to change the admin user's password via an unauthenticated POST request.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5210,"On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2779,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1462,"IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H,7.6,2.8,4.7,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,HIGH
CVE-2018-6162,Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9256,"In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1946,"IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 153388.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-19118,Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1081,"A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2018-1923,"IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152859.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14295,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF documents. When parsing shading patterns, the process does not properly validate user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6223.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12201,"Buffer overflow vulnerability in Platform Sample / Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor, Intel(R) Pentium(R) Silver J5005 Processor, Intel(R) Pentium(R) Silver N5000 Processor, Intel(R) Celeron(R) J4105 Processor, Intel(R) Celeron(R) J4005 Processor, Intel Celeron(R) N4100 Processor and Intel(R) Celeron N4000 Processor may allow privileged user to potentially execute arbitrary code via local access.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5074,Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-4096,"An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the ""WebKit"" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4956,"Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-1000629,"Battelle V2I Hub 2.5.1 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by api/SystemConfigActions.php?action=add and the index.php script. A remote attacker could exploit this vulnerability using the parameterName or _login_username parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-9513,"In copy_process of fork.c, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111081202 References: N/A",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4031,"An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement without prior sanitization, which results in arbitrary Lua script execution in the kernel. An attacker could send an HTTP request to exploit this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-13670,"The mintToken function of a smart contract implementation for GFCB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-1338,A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11774,"Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts. The form data is then used in SQL statements. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of security seem to protect against malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15542,"An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode.  NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred",CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:02Z,PHYSICAL,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3947,An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 1.8.7.0D. An attacker can sniff network traffic to exploit this vulnerability.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0136,"A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H,8.6,3.9,4.0,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,NONE,HIGH
CVE-2018-5314,"Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-21005,The bbp-move-topics plugin before 1.1.6 for WordPress has code injection.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19282,"Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow remote attackers to cause a denial of service by crashing the Common Industrial Protocol (CIP) network stack. The vulnerability allows the attacker to crash the CIP in a way that it does not accept new connections, but keeps the current connections active, which can prevent legitimate users from recovering control.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3067,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-4964,"Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-20803,"A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions prior to 4.0.5; MongoDB Server v3.6 versions prior to 3.6.10 and MongoDB Server v3.4 versions prior to 3.4.19.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-8460,"A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka ""Internet Explorer Memory Corruption Vulnerability."" This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8491.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0953,"A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka ""Scripting Engine Memory Corruption Vulnerability."" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6460,"Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895. The web server uses JSONP and hosts sensitive information including configuration. User controlled input is not sufficiently filtered: an unauthenticated attacker can send a POST request to /status.js with the parameter func=$_APPLOG.Rfunc and extract sensitive information about the machine, including whether the user is connected to a VPN, to which VPN he/she is connected, and what is their real IP address.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-19295,Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8457,"A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka ""Scripting Engine Memory Corruption Vulnerability."" This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8459.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13339,"Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-8100,"The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5161,Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,LOW
CVE-2018-20149,"In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-9092,There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8464,"An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka ""Microsoft Edge PDF Remote Code Execution Vulnerability."" This affects Microsoft Edge.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13726,"The mintToken function of a smart contract implementation for ISeeVoiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-16369,"XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11419,"An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp(""[\\u0"") payload, related to re_parse_char_class in parser/regexp/re-parser.c.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9453,"In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78288378.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-12876,"Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20159,"i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a "".php"" file within a "".zip"" file because a ZIP archive is accepted by /admin/?req=modules&action=add as a plugin, and extracted to the main directory. In order for the "".zip"" file to be accepted, it must also contain a package.json file.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12903,"In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App Group Name in the Application Group Wizard.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-9270,"In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-6447,"A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13874,"An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17476,Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2018-14271,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6034.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14617,"An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-2475,"Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Due to missing network isolation a shoot's apiserver can access services/endpoints in the private network of its corresponding seed cluster. Combined with other minor Kubernetes security issues, the missing network isolation theoretically can lead to compromise other shoot or seed clusters in the ""Gardener"" context. The issue is rated high due to the high impact of a potential exploitation in ""Gardener"" context. This was fixed in Gardener release 0.12.4.",CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,8.5,1.8,6.0,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-5972,"SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17070,An issue was discovered in UNL-CMS 7.59. A CSRF attack can update the website settings via ?q=admin%2Fconfig%2Fsystem%2Fsite-information&render=overlay&render=overlay.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-3063,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-12018,"The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-6498,"Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17034,UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-21177,"Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19276,OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14252,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getField method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6015.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2813,"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-19046,"keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-2486,"SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-17990,An issue was discovered on D-Link DSL-3782 devices with firmware 1.01. An OS command injection vulnerability in Acl.asp allows a remote authenticated attacker to execute arbitrary OS commands via the ScrIPaddrEndTXT parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13755,"The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-16374,Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1000075,"RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.. This vulnerability appears to have been fixed in 2.7.6.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-19933,Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-6609,"SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8072,"An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE HTTP request: if the VALUE_HERE length is more than 0x400 (1024), it is possible to overwrite other values located on the stack due to an incorrect use of the strcpy() function.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20730,A SQL injection vulnerability in NeDi before 1.7Cp3 allows any user to execute arbitrary SQL read commands via the query.php component.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-13583,"The mintToken function of a smart contract implementation for Shmoo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-18838,An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-9417,"In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7802,"A SQL Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could give access to the web interface with full privileges.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5804,"A type confusion error within the ""identify()"" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11651,"Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-8836,"Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2018-20235,There was an argument injection vulnerability in Atlassian Sourcetree for Windows from version 0.5a before version 3.0.15 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12557,"An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the no_log attribute of a task is ignored. If the unreachable error occurred in a task used with a loop variable (e.g., with_items), the contents of the loop items would be printed in the console. This could lead to accidentally leaking credentials or secrets.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19982,"An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs because HPKP is not implemented. The communication architecture is APP > Server > Controller (HUB) > Node (products which are controlled by HUB). The prerequisite is that the attacker is on the same network as the target HUB, and can use IP Changer to change destination IP addresses (of all packets whose destination IP address is Server) to a proxy-server IP address. This allows sniffing of cleartext between Server and Controller. The cleartext command data is transmitted to Controller using the proxy server's fake certificate, and it is able to control each Node of the HUB. Also, by operating HUB in Z-Wave Pairing Mode, it is possible to obtain the Z-Wave network key.",CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-0135,"A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software improperly validates user-supplied search input. An attacker could exploit this vulnerability by sending malicious requests to an affected system. A successful exploit could allow the attacker to retrieve sensitive information from the affected system. Cisco Bug IDs: CSCvf17644.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-17790,Prospecta Master Data Online (MDO) 2.0 has Stored XSS.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-5779,"A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to copy a malicious script into a newly generated PHP file and then execute the generated file using specially crafted requests. Successful exploit could allow an attacker to execute arbitrary code within the context of the application.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10488,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Texture Width structures. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5420.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1718,IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147166.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-10738,A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8211,"A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka ""Device Guard Code Integrity Policy Security Feature Bypass Vulnerability."" This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8201, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217, CVE-2018-8221.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,5.3,1.8,3.4,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2018-0869,"SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka ""Microsoft SharePoint Elevation of Privilege Vulnerability"".",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0039,Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Grafana or exploit other weaknesses or vulnerabilities in Grafana.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1002208,"SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-15587,GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-14721,FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-4126,"A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18310,"An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-18261,"In waimai Super Cms 20150505, there is an XSS vulnerability via the /admin.php/Foodcat/addsave fcname parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13540,"The mintToken function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-20495,"An issue was discovered in GitLab Community and Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-6038,Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-6958,VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. Exploitation of this issue may lead to the compromise of the vRA user's workstation.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-15325,"In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2018-19771,"Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page ""EditCurrentPool.jsp"" has reflected XSS via the PropName parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-7812,"An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where the web server sends different responses in a way that exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-0414,"A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote attacker to gain read access to certain information in an affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N,5.7,2.1,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-18016,ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-7569,"dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-17582,Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2018-13031,DamiCMS v6.0.0 aand 6.1.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3137,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-14637,The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1000606,A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-19905,HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-1719,IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security under certain conditions. This could result in a downgrade of TLS protocol. A remote attacker could exploit this vulnerability to perform man-in-the-middle attacks. IBM X-Force ID: 147292.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-12299,Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded file names.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-17174,A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8360,"An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka "".NET Framework Information Disclosure Vulnerability."" This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-12378,"A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2707,"Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Corporate Lending accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Banking Corporate Lending. CVSS 3.0 Base Score 8.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2018-6777,"In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220400.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17879,An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1390,"IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138221.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-8432,"A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka ""Microsoft Graphics Components Remote Code Execution Vulnerability."" This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2403,"Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-7724,"The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /admin.php?page=photo-${photo_number} request. CSRF exploitation, related to CVE-2017-10681, may be possible.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-7552,There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0907,"Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac allow a security feature bypass vulnerability due to how macro settings are enforced, aka ""Microsoft Office Excel Security Feature Bypass"".",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20385,"CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553mp1.39219mp1.899.005ITT, CBW383G4J 37.556mp5.008, and CBW38G4J 37.553mp1.008 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0355,"A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inline frames (iframes) by the web UI of the affected software. An attacker could exploit this vulnerability by persuading a user of the affected UI to navigate to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct click-jacking or other client-side browser attacks on the affected system. Cisco Bug IDs: CSCvg19761.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-20640,PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-7977,"There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain additional information. Successful exploitation of this vulnerability can lead to information leakage.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-14467,The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-10027,"ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or %PROGRAMFILES(X86)%\ESTsoft\ALZip\Coders.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10305,"The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible_users variable in a query, which might allow attackers to bypass intended access restrictions.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17589,AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0358,"A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to exhaustion of file descriptors while processing a high volume of traffic. An attacker could exploit this vulnerability by establishing a high number of concurrent TCP connections to the vulnerable system. An exploit could allow the attacker to cause a restart in a specific process, resulting in a temporary interruption of service. Cisco Bug IDs: CSCvh77056, CSCvh77058, CSCvh95264.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-7289,An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2. Malware with filenames containing pure UTF-16 characters can bypass detection. The user-mode service will fail to open the file for scanning after the conversion is done from Unicode to ANSI. This happens because characters that cannot be converted from Unicode are replaced with '?' characters.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2018-6980,VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user registration method. Successful exploitation of this issue may allow Admin users with view only permission to perform certain administrative functions which they are not allowed to perform.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16965,"In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-18923,"AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20570,jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-20856,"An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-21197,"Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11147,Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 5 of 46).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2977,Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-11789,"When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-2385,"Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-15736,An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x8000204F.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11022,kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3224132973 and cause a kernel crash.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-4157,"An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the ""Quick Look"" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.",CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13322,"Directory traversal in list_folders method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to list directory contents via the ""path"" parameter.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-3294,"Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2018-10539,"An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-16218,A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12983,A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19488,"The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11203,A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11851,"In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13496,"The mintToken function of a smart contract implementation for RajTestICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-6581,"SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a search with the keyword, artist, or username parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8784,FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-7716,"PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the config string from the corresponding XPC message. This string is supposed to point to an internal OpenVPN configuration file. If a new connection has not already been established, an attacker can send the XPC service a malicious XPC message with the config string pointing at an OpenVPN configuration file that he or she controls. In the configuration file, an attacker can specify a dynamic library plugin that should run for every new VPN connection. This plugin will execute code in the context of the root user.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9271,"In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-18843,"The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-7535,"An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11179,Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 37 of 46).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17201,"Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1000117,"Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12336,Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1305,"Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-0222,"A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undocumented, static user credentials for the default administrative account for the affected software. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands with root privileges. This vulnerability affects all releases of Cisco DNA Center Software prior to Release 1.1.3. Cisco Bug IDs: CSCvh98929.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-14615,"An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-21147,"Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5136,"A shared worker created from a ""data:"" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-11645,"psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-0619,Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6084,Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11185,Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 43 of 46).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12989,"The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26 mishandles child processes and consequently launches Internet Explorer or Microsoft Edge as Administrator, which allows local users to gain privileges.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-19666,The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9117,"WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-20584,JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-14936,The Add page option in my little forum 2.4.12 allows XSS via the Title field.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-20848,"Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddie_ajout.php and en/achat/caddie_affichage.php, as demonstrated by an XSS payload in the couleurId[0] parameter to the latter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-11902,"In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to OOB access in WLAN HOST.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0664,A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-21004,The rsvpmaker plugin before 5.6.4 for WordPress has SQL injection.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-21162,"Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0260,"A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents of certain web application virtual directories. The vulnerability is due to lack of proper input validation and authorization of HTTP requests. An attacker could exploit this vulnerability by sending a malicious HTTP request to the targeted application. An exploit could allow the attacker to view sensitive information that should require authentication. Cisco Bug IDs: CSCvh31272.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-11259,"Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition.",CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,7.7,2.5,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2018-16005,"Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-0859,"Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka ""Scripting Engine Memory Corruption Vulnerability"". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-2610,Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). The supported version that is affected is 11.1.2.4.330. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Data Relationship Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Hyperion Data Relationship Management accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2018-20841,HooToo TripMate Titan HT-TM05 and HT-05 routers with firmware 2.000.022 and 2.000.082 allow remote command execution via shell metacharacters in the mac parameter of a protocol.csp?function=set&fname=security&opt=mac_table request.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9585,"In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-117554809.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8030,"A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-2671,Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of Oracle PeopleSoft Products (subcomponent: Supplier Registration). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM Purchasing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise SCM Purchasing accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-19323,"The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4252,"An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the ""Siri"" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and obtain private notification content via Siri.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-0330,"A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4006,An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the writeConfig functionality. A non-root user is able to write a file anywhere on the system. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine to exploit it successfully.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18623,"Grafana 5.3.1 has XSS via the ""Dashboard > Text Panel"" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-15386,"A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by directly connecting to the exposed services. An exploit could allow the attacker to retrieve and modify critical system files.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-3917,"On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the ""shard"" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The strcpy call overflows the destination buffer, which has a size of 16 bytes. An attacker can send an arbitrarily long ""region"" value in order to exploit this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,9.9,3.1,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2018-17452,"An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via a loopback address to the validate_localhost function in url_blocker.rb.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15504,"An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-9091,"A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, etc., thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10489,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Clod Progressive Mesh Declaration structures. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5421.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0645,MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8397,"A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka ""GDI+ Remote Code Execution Vulnerability."" This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15771,Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-15126,LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15206,BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14800,"Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow execution of code under the context of the application.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18449,"EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10680,"Z-BlogPHP 1.5.2 has a stored Cross Site Scripting Vulnerability exploitable by an administrator who navigates to ""Web site settings --> Basic setting --> Website title"" and enters an XSS payload via the zb_system/cmd.php ZC_BLOG_NAME parameter. NOTE: the vendor disputes the security relevance, noting it is ""just a functional bug.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-6194,A cross-site scripting (XSS) vulnerability in admin/partials/wp-splashing-admin-sidebar.php in the Splashing Images plugin (wp-splashing-images) before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search parameter to wp-admin/upload.php.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-13313,"In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. This page, password.htm, contains JavaScript which is used to confirm the user knows their current password before allowing them to change their password. However, this JavaScript contains the current user’s password in plaintext.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-11748,Previous releases of the Puppet device_manager module creates configuration files containing credentials that are world readable. This issue has been resolved as of device_manager 2.7.0.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6345,"The function number_format is vulnerable to a heap overflow issue when its second argument ($dec_points) is excessively large. The internal implementation of the function will cause a string to be created with an invalid length, which can then interact poorly with other functions. This affects all supported versions of HHVM (3.30.1 and 3.27.5 and below).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-13526,"The mintToken function of a smart contract implementation for WangWangToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-14060,OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18495,"WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-16308,The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2018-17605,"An issue was discovered in the Asset Pipeline plugin before 3.0.4 for Grails. An attacker can perform directory traversal via a crafted request when a servlet-based application is executed in Jetty, because there is a classloader vulnerability that can allow a reverse file traversal route in AssetPipelineFilter.groovy or AssetPipelineFilterCore.groovy.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-20906,cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2018-1203,"In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being run with sudo, may potentially be used by compadmin to execute arbitrary code with root privileges.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9455,"In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78136677.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-1000422,"An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-13314,"System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the ""ipAddr"" POST parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5681,"PrestaShop 1.7.2.4 has XSS via source-code editing on the ""Pages > Edit page"" screen.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-5362,The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][page] parameter to wp-admin/options.php.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-6062,Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20588,lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-5690,Cross-site scripting (XSS) vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter (aka the page limit number).,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-8004,There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-1903,"IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-10944,"The request_dividend function of a smart contract implementation for ROC (aka Rasputin Online Coin), an Ethereum ERC20 token, allows attackers to steal all of the contract's Ether.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-12766,"Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-14570,"A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote member to upload a .php file to the web server via a profile avatar field, by using an image Content-Type (e.g., image/jpeg) with a modified filename and file content. This results in arbitrary code execution by requesting that .php file.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-5336,"In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-4148,"An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the ""Telephony"" component. A buffer overflow allows remote attackers to execute arbitrary code.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4324,A permissions issue existed in the handling of the Apple ID. This issue was addressed with improved access controls. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-18724,An XSS issue was discovered in index.php/admin/category/editcategory?id=73 in YUNUCMS 1.1.5.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-18461,The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6179,Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-8159,"An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka ""Microsoft Exchange Elevation of Privilege Vulnerability."" This affects Microsoft Exchange Server.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2018-7290,"Cross Site Scripting (XSS) exists in Tiki before 12.13, 15.6, 17.2, and 18.1.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-8330,"An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka ""Windows Kernel Information Disclosure Vulnerability."" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-5540,"On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-15976,Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12316,OS Command Injection in upload.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands by modifying the filename POST parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17658,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the respose property of a host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6509.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15748,"On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65, and Network Firmware Version V4.02.15(2335dn MFP) 11-22-2010, the admin interface allows an authenticated attacker to retrieve the configured SMTP or LDAP password by viewing the HTML source code of the Email Settings webpage. In some cases, authentication can be achieved with the blank default password for the admin account. NOTE: the vendor indicates that this is an ""End Of Support Life"" product.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-9053,"In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf10026cc.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15353,A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-15474,"CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export.  NOTE: the vendor has stated ""this is not a security problem in DokuWiki.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2018-21071,"An issue was discovered on Samsung mobile devices with M(6.0) software. Because of an unprotected intent, an attacker can read arbitrary files and emails, and take over an email account. The Samsung ID is SVE-2018-11633 (May 2018).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,7.3,3.9,3.4,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2018-10654,There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-20354,"An invalid read of 8 bytes due to a use-after-free vulnerability during a ""return"" in the mg_http_get_proto_data function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1631,IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. IBM X-Force ID: 144431.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-17309,"On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-3279,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11937,"Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-16723,"In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12364020.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-8212,"A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka ""Device Guard Code Integrity Policy Security Feature Bypass Vulnerability."" This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217, CVE-2018-8221.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,5.3,1.8,3.4,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2018-18194,An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample() in DLS.cpp.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-4187,"An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the ""LinkPresentation"" component. It allows remote attackers to spoof the UI via a crafted URL in a text message.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2018-13227,"The sell function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow in which ""amount * sellPrice"" can be zero, consequently reducing a seller's assets.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-10801,"TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2018-11245,app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-7884,"An issue was discovered in DisplayLink Core Software Cleaner Application 8.2.1956. When the drivers are updated to a newer version, the product launches a process as SYSTEM to uninstall the old version: cl_1956.exe is run as SYSTEM on the %systemroot%\Temp folder, where any user can write a DLL (e.g., version.dll) to perform DLL Hijacking and elevate privileges to SYSTEM.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-6924,"In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2018-18466,"An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode and used for RDP connections, the application stores the emergency credentials in cleartext in the logs (present in the DEBUG folder) that can be accessed by anyone. NOTE: The vendor disputes this as a vulnerability since the disclosure of a local account password (actually an alpha numeric passcode) is achievable only when a custom registry key is added to the windows registry. This action requires administrator access and the registry key is only provided by support staff at securenvoy to troubleshoot customer issues",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-14449,An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-0366,"A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvf03514.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-0251,"A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of that portal on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the portal or allow the attacker to access sensitive browser-based information. This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco ASA Software: 3000 Series Industrial Security Appliances, Adaptive Security Virtual Appliance (ASAv), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches, ASA Services Module for Cisco 7600 Series Routers. Cisco Bug IDs: CSCvh20742.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-14708,An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-12839,"Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2018-1096,An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2018-18315,"com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to upload arbitrary files because the copyMultipartFileToFile method in CdnUtils only checks for a ../ substring, and does not validate the file type and spaceName parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2018-0709,Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-1875,"IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 151639.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2018-12678,"Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2018-18950,KindEditor through 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-11359,"Cross-site scripting (XSS) vulnerability in display.php in I, Librarian 4.10 allows remote attackers to inject arbitrary web script or HTML via the project parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-16729,"pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18317,A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18318 and CVE-2019-18319. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-15082,The 360-product-rotation plugin before 1.4.8 for WordPress has reflected XSS.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-11190,"The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8836,"A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5774,Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15699,"An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2019-5491,Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 are susceptible to a vulnerability which discloses sensitive information to an unauthenticated user.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-12764,An issue was discovered in Joomla! before 3.9.7. The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-3490,"A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions OES2015SP1, OES2018, and OES2018SP1. Older versions may be affected but were not tested as they are out of support.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10175,"A flaw was found in the containerized-data-importer in virt-cdi-cloner, version 1.4, where the host-assisted cloning feature does not determine whether the requesting user has permission to access the Persistent Volume Claim (PVC) in the source namespace. This could allow users to clone any PVC in the cluster into their own namespace, effectively allowing access to other user's data.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-12378,"An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-19590,"In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5995,"Missing authorization vulnerability exists in EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier. A successful exploitation may result in a specially crafted firmware update or unofficial firmware update being applied without user's consent via unspecified vector.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-2751,Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OHS Config MBeans). Supported versions that are affected are 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle HTTP Server accessible data. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-15211,An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,4.6,0.9,3.6,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-4162,"IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 is missing the HTTP Strict Transport Security header. Users can navigate by mistake to the unencrypted version of the web application or accept invalid certificates. This leads to sensitive data being sent unencrypted over the wire. IBM X-Force ID: 158661.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-19506,"Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the ""homeplugd"" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-9923,pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-1963,"A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-13688,Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2589,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-15921,An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-4086,"IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 157509.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10315,Jenkins GitHub Authentication Plugin 0.31 and earlier did not use the state parameter of OAuth to prevent CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8704,An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-12297,"An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9531,"The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote attacker to connect to this port via Telnet and execute 86 Attention (AT) commands, including some that provide unauthenticated, shell-like access to the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-14973,"_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14873,"In the __multadd function of the newlib libc library, prior to versions 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. This will trigger a null pointer dereference bug in case of a memory allocation failure.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-1126,"A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password brute-force attack or cause account lockouts in Active Directory.This security update corrects how ADFS handles external authentication requests., aka 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0975.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-11157,Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19451,"When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's logging facility (potentially with elevated privileges), thus filling up the disk and eventually rendering the system unusable. (The filename can be for a nonexistent file.) NOTE: this does not affect an upstream release, but affects certain Linux distribution packages with version numbers such as 0.97.3.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-9418,"In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450210",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-11973,A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9101,"An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Sensitive information is sent to the web server in cleartext, which may allow an attacker to discover the credentials if they are able to observe traffic between the web browser and the server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-5452,Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,2.4,0.9,1.4,LOW,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-0733,"A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,5.3,1.8,3.4,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2019-10297,Jenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11736,"The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation by a user with unprivileged local access. <br>*Note: These attacks requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1824,"A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. This vulnerability exist because the software improperly validates user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains malicious SQL statements to the affected application. A successful exploit could allow the attacker to view or modify entries in some database tables, affecting the integrity of the data.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-9794,"A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6451,"On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-15924,An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-20411,"Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify Wallboard settings via a Cross-site request forgery (CSRF) vulnerability. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2019-1003020,A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and earlier in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-11592,"WeBid 1.2.2 has reflected XSS via the id parameter to admin/deletenews.php, admin/editbannersuser.php, admin/editfaqscategory.php, or admin/excludeuser.php, or the offset parameter to admin/edituser.php.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-16533,"On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-13988,Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request (aka Forced Browsing).,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-12391,The Anviz Management System for access control has insufficient logging for device events such as door open requests.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-12713,"A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10222,"A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-5642,"Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior suffers from an instance of CWE-732, wherein the unique server.key is written to the file system during installation with world-readable permissions. This can allow other users of the same system where Metasploit Pro is installed to intercept otherwise private communications to the Metasploit Pro web interface.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-16684,"An issue was discovered in the image-manager in Xoops 2.5.10. When any image with a JavaScript payload as its name is hovered over in the list or in the Edit page, the payload executes.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-8534,"A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5126,"An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2593,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-3705,"Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the webserver or execute arbitrary code on the system with privileges of the webserver by sending specially crafted input data to the affected system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-14060,"Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due to lack of check of return value for read or write blob in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8963,"A Denial of Service (DoS) vulnerability was discovered in FlexNet Publisher's lmadmin 11.16.5, when doing a crafted POST request on lmadmin using the web-based tool.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10559,"Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8939, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2575,Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite (subcomponent: Format Handling - 2D). Supported versions that are affected are 21.0.0 and 21.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle AutoVue 3D Professional Advanced. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle AutoVue 3D Professional Advanced accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-4467,IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163776.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-9442,In the Android kernel in the mnh driver there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System privileges required. User interaction is not needed for exploitation.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6751,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6.779. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7632.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1679,"A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host. This type of attack is commonly referred to as server-side request forgery (SSRF). The vulnerability is due to insufficient access controls for the REST API of Cisco Expressway Series and Cisco TelePresence VCS. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the affected server. Versions prior to XC4.3.4 are affected.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N,5.0,3.1,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,LOW,NONE
CVE-2019-18389,"A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18232,"SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service. This vulnerability may allow an attacker with local access to create, write, and/or delete files in system folder using symbolic links, leading to a privilege escalation. This vulnerability could also be used by an attacker to execute a malicious DLL, which could impact the integrity and availability of the system.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-14051,"Subsequent additions performed during Module loading while allocating the memory would lead to integer overflow and then to buffer overflow in Snapdragon Industrial IOT in MDM9206, MDM9607",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-12368,"The Edison Mail application through 1.7.1 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10144,rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` are given all capabilities during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources.,CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H,7.7,1.1,6.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,HIGH,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2019-13298,ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0894,"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16792,"Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-10807,Blamer versions prior to 1.0.1 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9073,"An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-20843,"An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-1693,"A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-5840,Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2019-2899,"Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: OAM). Supported versions that are affected are 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle JDeveloper and ADF accessible data. CVSS 3.0 Base Score 2.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N,2.4,0.9,1.4,LOW,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2019-5884,php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-6210,"A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10647,"ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source[] parameter because of a lack of inc/zzz_file.php restrictions. For example, source%5B%5D=http%3A%2F%2F192.168.0.1%2Ftest.php can be used if the 192.168.0.1 web server sends the contents of a .php file (i.e., it does not interpret a .php file).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4296,IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a local user to obtain e-mail contents from the client debug log file. IBM X-Force ID: 160759.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-0913,"A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15605,"HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16642,App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13916,"An issue was discovered in Cypress (formerly Broadcom) WICED Studio 6.2 CYW20735B1 and CYW20819A1. As a Bluetooth Low Energy (BLE) packet is received, it is copied into a Heap (ThreadX Block) buffer. The buffer allocated in dhmulp_getRxBuffer is four bytes too small to hold the maximum of 255 bytes plus headers. It is possible to corrupt a pointer in the linked list holding the free buffers of the g_mm_BLEDeviceToHostPool Block pool. This pointer can be fully controlled by overflowing with 3 bytes of packet data and the first byte of the packet CRC checksum. The checksum can be freely chosen by adapting the packet data accordingly. An attacker might be able to allocate the overwritten address as a receive buffer resulting in a write-what-where condition. This is fixed in BT SDK2.4 and BT SDK2.45.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9657,"Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control, a different issue than CVE-2018-19588. This occurs because of incorrect protection of VPN certificates (used for initiating a VPN session to the Alarm.com infrastructure) on the local camera device.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0951,"A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0949, CVE-2019-0950.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-5890,An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0233,An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-20093,"The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-5487,"An improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-13114,http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-0581,"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ""Jet Database Engine Remote Code Execution Vulnerability."" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9492,A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. The attacker must have already gained authentication and have local access to the vulnerable system.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5821,Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2149,"In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113262406",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-4285,"IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions or launch other client-side browser attacks. IBM X-Force ID: 160513.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-20659,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400v2 before 1.0.4.84, R6700 before 1.0.2.8, R6700v3 before 1.0.4.84, R6900 before 1.0.2.8, and R7900 before 1.0.3.10.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-12980,"In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-6202,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3700,yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used until yast2-security switched to stronger defaults in 4.2.6 and used the new configuration file locations. Password created during this time used DES password encryption and are not properly protected against attackers that are able to access the password hashes.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-1881,"A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to use a web browser and the privileges of the user to perform arbitrary actions on an affected device. For more information about CSRF attacks and potential mitigations, see Understanding Cross-Site Request Forgery Threat Vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5159,"An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software v1.6.0.7. A specially crafted firmware update file can allow an attacker to write arbitrary files to arbitrary locations on WAGO controllers as a part of executing a firmware update, potentially resulting in code execution. An attacker can create a malicious firmware update package file using any zip utility. The user must initiate a firmware update through e!COCKPIT and choose the malicious wup file using the file browser to trigger the vulnerability.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20864,An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to attach his Mattermost account to a different person's GitHub account.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-20426,"In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no lock_count bounds check.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-12314,"Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-14312,Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-18797,LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sass::Binary_Expression*) in eval.cpp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-2473,"Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10116,"An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Guests of a project were allowed to see Related Branches created for an issue.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-9750,"In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a ""4.01 Unauthorized"" response is mishandled. NOTE: the vendor states ""While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite.""",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2019-20616,An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks a thumbnail of Private Mode content. The Samsung ID is SVE-2018-13563 (March 2019).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-12263,Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3928,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. A remote, unauthenticated attacker can use this vulnerability to access a restricted presentation or to become the presenter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-0348,"SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-6769,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8165.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11449,"I, Librarian 4.10 has XSS via the notes.php notes parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-19837,Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-18242,"In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-8565,"A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11944,A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-12527,"An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15039,An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-12730,aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9023,"An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5427,c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14532,An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17343,An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6750,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EZI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7639.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9170,"An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-12811,ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraged for code execution,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19336,A cross-site scripting vulnerability was reported in the oVirt-engine's OAuth authorization endpoint before version 4.3.8. URL parameters were included in the HTML response without escaping. This flaw would allow an attacker to craft malicious HTML pages that can run scripts in the context of the user's oVirt session.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-7389,"An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a denial-of-service attack without authentication.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10856,"In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-2813,"Vulnerability in the Oracle GraalVM Enterprise Edition component of Oracle GraalVM (subcomponent: GraalVM). The supported version that is affected is 19.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GraalVM Enterprise Edition. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,7.7,3.1,4.0,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2019-8580,"Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-10247,"In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-5060,"An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13626,"SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-2046,"In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117556220",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9676,"Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1104,"A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19379,"In app/Controller/TagsController.php in MISP 2.4.118, users can bypass intended restrictions on tagging data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-9627,"A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20147,An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1. It has Incorrect Access Control.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-15923,An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-11156,"Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17539,"In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2603,"Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2019-14318,"Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because scalar multiplication in ecp.cpp (prime field curves, small leakage) and algebra.cpp (binary field curves, large leakage) is not constant time and leaks the bit length of the scalar among other information.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8128,"A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can exploit it by injecting malicious Javascript into the name of main website.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-6507,An issue was discovered in creditease-sec insight through 2018-09-11. login_user_delete in srcpm/app/admin/views.py allows CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16680,"An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2019-15937,Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8842,"A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2019-2486,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-15450,"The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15977,"Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-20884,An issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a file to more than one post.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-12622,"A vulnerability in Cisco RoomOS Software could allow an authenticated, local attacker to write files to the underlying filesystem with root privileges. The vulnerability is due to insufficient permission restrictions on a specific process. An attacker could exploit this vulnerability by logging in to an affected device with remote support credentials and initiating the specific process on the device and sending crafted data to that process. A successful exploit could allow the attacker to write files to the underlying file system with root privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-9121,"An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetSmartQoSSettings API function, as demonstrated by shell metacharacters in the smartqos_priority_devices field.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11775,All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the modified copy of the loop allowing the test to see one value of the field and subsequently the loop to see a modified field value without retesting the condition moved out of the loop. This can lead to a variety of different issues but read out of array bounds is one major consequence of these problems.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H,7.4,2.2,5.2,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2019-20824,An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10945,"An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2184,"In PV_DecodePredictedIntraDC of dec_pred_intra_dc.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-134578122",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5850,Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2019-2672,"Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2019-7385,"An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a system call in the firmware. Because there is no user input validation, this leads to authenticated code execution on the device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4536,IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. A user with restore privileges could exploit this vulnerability to obtain elevated privileges on the restored system. IBM X-Force ID: 165592.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N,6.3,1.0,5.2,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-15743,"The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app (versionCode=24, versionName=7.0) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record audio to external storage.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-14334,"An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated Certificate and RSA Private Key extraction through an insecure sslcert-get.cgi HTTP command.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-13314,"virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16200,"GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the http_cgi_write function under http-cgi.c; however, exploitation might show svz_envblock_add in libserveez/passthrough.c as the location of the heap-based buffer over-read.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-11523,"Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the ""open door"" command, download the users list (which includes RFID codes and passcodes in cleartext), or update/create users. The same attack can be executed on a local network and over the internet (if the device is exposed on a public IP address).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1000010,phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in subnet-scan-telnet.php that can result in executing code in victims browser. This attack appears to be exploitable via victim visits link crafted by an attacker. This vulnerability appears to have been fixed in 1.4.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-14696,"Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-11411,An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5679,"NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3794,"Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA's frontend sites.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2019-2898,"Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher (formerly XML Publisher). Successful attacks of this vulnerability can result in unauthorized read access to a subset of BI Publisher (formerly XML Publisher) accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-11343,"Torpedo Query before 2.5.3 mishandles the LIKE operator in ConditionBuilder.java, LikeCondition.java, and NotLikeCondition.java.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1717,"A vulnerability in the web-based management interface of Cisco Video Surveillance Manager could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to improper validation of parameters handled by the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to an affected component. A successful exploit could allow the attacker to download arbitrary files from the affected device, which could contain sensitive information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-16293,The Create Discoveries feature of Open-AudIT before 3.2.0 allows an authenticated attacker to execute arbitrary OS commands via a crafted value for a URL field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18273,"OSIsoft PI Vision, PI Vision 2017 R2 and PI Vision 2017 R2 SP1. The affected product is vulnerable to cross-site scripting, which may allow invalid input to be introduced.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-6163,A denial of service vulnerability was reported in Lenovo System Update before version 5.07.0084 that could allow service log files to be written to non-standard locations.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14680,The admin-renamer-extended (aka Admin renamer extended) plugin 3.2.1 for WordPress allows wp-admin/plugins.php?page=admin-renamer-extended/admin.php CSRF.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N,5.7,2.1,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2019-12782,"An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 (before 5.1.2) allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively deleting them.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2019-0269,"SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.10 and 4.20, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-20052,A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10589,"Lack of length check of response buffer can lead to buffer over-flow while GP command response buffer handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, MDM9206, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, QM215, SDA660, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3895,"An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested to spawn new amphorae, Octavia would then pick up the compromised image.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-14826,A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-7249,"In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0157,Insufficient input validation in the Intel(R) SGX driver for Linux may allow an authenticated user to potentially enable a denial of service via local access.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-15143,"In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-19720,Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() function in flex.c via a crafted BASIC source file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16910,"Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8994,"The workspace client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contains vulnerabilities where an authenticated user can change settings that can theoretically adversely impact other users. Affected releases are TIBCO Software Inc.'s TIBCO ActiveMatrix BPM: versions up to and including 4.2.0, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric: versions up to and including 4.2.0, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM: versions up to and including 1.4.1.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N,4.6,2.1,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2019-11104,"Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4067,"IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 157012.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-3597,Authentication Bypass vulnerability in McAfee Network Security Manager (NSM) 9.1 < 9.1.7.75.2 and 9.2 < 9.2.7.31 (9.2 Update 2) allows unauthenticated users to gain administrator rights via incorrect handling of expired GUI sessions.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-12529,"An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-5050,"A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17551,"In Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5, an attacker can send an authenticated POST request with a malicious payload to /WFS/agreementView.faces allowing a stored XSS via the mainForm:loanNotesnotes:0:rich_text_editor_note_text parameter in the Notes section. Although versions 6.31.8.3 and 6.31.8.5 are confirmed to be affected, all versions with the vulnerable WYSIWYG editor in the Notes section are likely affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-9606,"PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS via the ""Update profile"" feature.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-3500,"aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2187,"In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-124940143",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-0741,"An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-6525,AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account for authentication of system processes and inter-node communications. A user with low privileges could make use of an API to obtain the credentials for this account.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15163,rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-2874,Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2019-19110,The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-8646,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-0618,"A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0662.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18279,"In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed in late June 2019.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19560,An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-15679,"TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13647,Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file content. The JavaScript code is executed during attachments/view/$file_id$ attachment viewing. NOTE: It is asserted that an attacker must have the same access rights as the user in order to be able to execute the vulnerability,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-15130,"The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitment_online/personalData/act_personaltab.cfm multiple-part POST request with a predictable WRC01_USERID parameter. Moreover, the attacker can upload executable content (e.g., asp or aspx) for executing OS commands on the server.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8209,"Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18355,An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9348,"In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128431761",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-6681,"On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14016,"Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4154,"IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 158519.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9423,"In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5030,"A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 (7,0,2019,0220). While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds corresponding to the number of style levels, causing a vtable pointer to be overwritten, which leads to code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-12256,Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9063,PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-15437,"The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltexx/xcover4lte:8.1.0/M1AJQ/G390FXXU3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19056,"A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-7524,"In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11502,"snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-0378,"SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before version 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the file name of the background image resulting in Stored Cross-Site Scripting.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-16002,"A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected instance of vManage. An attacker could exploit this vulnerability by persuading a user to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2019-10374,A stored cross-site scripting vulnerability in Jenkins PegDown Formatter Plugin 1.3 and earlier allows attackers able to edit descriptions and other fields rendered using the configured markup formatter to insert links with the javascript scheme into the Jenkins UI.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-2053,"In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-122074159",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-19772,Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10792,bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2019-4457,"IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 163654.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-14882,"A vulnerability was found in Moodle 3.7 to 3.7.3, 3.6 to 3.6.7, 3.5 to 3.5.9 and earlier where an open redirect existed in the Lesson edit page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-5974,Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15064,HiNet GPON firmware version < I040GWR190731 allows an attacker login to device without any authentication.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1208,"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1236.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17213,The WebARX plugin 1.3.0 for WordPress has unauthenticated stored XSS via the URI or the X-Forwarded-For HTTP header.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1003027,"A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception error message otherwise.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-19890,An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin credentials are sent over cleartext HTTP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-12737,UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-2979,"Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Payments). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Direct Banking accessible data. CVSS 3.0 Base Score 5.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N,5.7,2.1,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2019-6764,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA Template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7972.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6667,"On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX (Financial Information eXchange) profile applied.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-13157,nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-8110,"A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage email templates hierarchy to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2915,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1306,"A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10017,"CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an ""Add a new Profile"" action to the File Picker.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-13341,"In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment box), which can be used to get a user's cookie.",CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1010153,zzcms 8.3 and earlier is affected by: SQL Injection. The impact is: sql inject. The component is: zs/subzs.php.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2010,"In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-118152591",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8343,"In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11974,A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8526,A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5596,"In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2019-6116,"In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11945,A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0689,"An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1719,"A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information. Cisco ISE software version 2.1 is affected.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-15361,"The Infinix Note 5 Android device with a build fingerprint of Infinix/H632C/Infinix-X605_sprout:8.1.0/O11019/CE-180914V59:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-14909,"A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L,8.3,3.9,3.7,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,LOW,LOW,LOW
CVE-2019-18609,An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2143,"In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114746174",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-6691,"phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the ""--backup database"" option.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3967,"In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-11269,"Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the redirect_uri parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2019-2766,"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,3.1,1.6,1.4,LOW,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2019-11126,"Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16917,"WiKID Enterprise 2FA (two factor authentication) Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8546,"An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A local user may be able to view sensitive user information.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-5091,"An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10931,"A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions < V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.59), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.59). Specially crafted packets sent to port 443/TCP could cause a Denial of Service condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-13998,"u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15936,Intesync Solismed 3.3sp allows Insecure File Upload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5151,"An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code execution. An attacker can send an HTTP request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20700,"Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4410,"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162657.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-3709,IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while registering vCenter servers. A remote attacker can trick an admin user to potentially exploit this vulnerability to execute malicious HTML or JavaScript code in the context of the admin user.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2019-7172,"A stored-self XSS exists in ATutor through v2.2.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Real Name field to /mods/_core/users/admins/my_edit.php.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-7000,A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-25071,"A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands remotely. Exploit details have been disclosed to the public. The existence and implications of this vulnerability are doubted by Apple even though multiple public videos demonstrating the attack exist. Upgrading to version 13.0 migt be able to address this issue. It is recommended to upgrade affected devices. NOTE: Apple claims, that after examining the report they do not see any actual security implications.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4335,IBM Watson Studio Local 1.2.3 stores key files in the user's home directory which could be obtained by another local user. IBM X-Force ID: 161413.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8455,A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-15033,"Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a remote server, as demonstrated by the file=http%3A%2F%2F192.168.1.2 substring.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,7.7,3.1,4.0,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2019-15830,The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-12422,"Apache Shiro before 1.4.2, when using the default ""remember me"" configuration, cookies could be susceptible to a padding attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-14557,"Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1596,"A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a system executable. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Bash prompt. A successful exploit could allow the attacker to escalate their privilege level to root. Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5680,"In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9040,"S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8232,"In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, and Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an authenticated user with administrative privileges for the import feature can execute arbitrary code through a race condition that allows webserver configuration file modification.",CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.6,0.7000000000000001,5.9,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6797,"An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-2902,"Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,7.3,3.9,3.4,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2019-16880,An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zip_elements method.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15457,"The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3702,A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon LS_RM3_3.7.0 (2421) allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in a JSON API request.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0124,"Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20151,"An XSS issue was discovered in TreasuryXpress 19191105. Due to the lack of filtering and sanitization of user input, malicious JavaScript can be executed by the application's administrator(s). A malicious payload can be injected within the Multi Approval security component and inserted via the Note field. As a result, the payload is executed by the application's administrator(s).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-3461,Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Mounting via rename() could potentially lead to a file being placed elsewhereon the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up was on the same physical filesystem. Fixed versions include 1.6.13+nmu1+deb9u1 and 1.6.14.,CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2588,"Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise BI Publisher (formerly XML Publisher). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all BI Publisher (formerly XML Publisher) accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-16127,Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-1110,"A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1111.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9406,In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112552517,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-5352,A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3496,"An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20760,NETGEAR R9000 devices before 1.0.4.26 are affected by authentication bypass.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2799,"Vulnerability in the Oracle ODBC Driver component of Oracle Database Server<span class=font-red><b> ***PRIVILEGE CANNOT BE NONE FOR AUTHENTICATED ATTACKS***</b></span>. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Difficult to exploit vulnerability allows low privileged attacker having None privilege with network access via multiple protocols to compromise Oracle ODBC Driver. Successful attacks of this vulnerability can result in takeover of Oracle ODBC Driver. Note: The vulnerability affects Windows platforms only. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).",CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1626,"A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected vManage device. The vulnerability is due to a failure to properly authorize certain user actions in the device configuration. An attacker could exploit this vulnerability by logging in to the vManage Web UI and sending crafted HTTP requests to vManage. A successful exploit could allow attackers to gain elevated privileges and make changes to the configuration that they would not normally be authorized to make.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1710,"A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM. The vulnerability is due to incorrect isolation of the secondary management interface from internal sysadmin applications. An attacker could exploit this vulnerability by connecting to one of the listening internal applications. A successful exploit could result in unstable conditions, including both a denial of service and remote unauthenticated access to the device. This vulnerability has been fixed in Cisco IOS XR 64-bit Software Release 6.5.3 and 7.0.1, which will edit the calvados_boostrap.cfg file and reload the device.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-12165,"MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful exploit of this vulnerability could allow an attacker to execute arbitrary system commands.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5447,A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-6832,"A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L,8.3,2.8,5.5,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,LOW
CVE-2019-16535,"In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0033,"A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS). This issue affects only IPv4. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D25 prior to 12.1X46-D71, 12.1X46-D73 on SRX Series; 12.3X48 versions prior to 12.3X48-D50 on SRX Series; 15.1X49 versions prior to 15.1X49-D75 on SRX Series.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-4556,IBM QRadar Advisor 1.0.0 through 2.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 166205.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-17573,"By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-17295,SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16559,A missing permission check in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers with Overall/Read permission to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2019-1002100,"In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type ""json-patch"" (e.g. `kubectl patch --type json` or `""Content-Type: application/json-patch+json""`) that consumes excessive resources while processing, causing a Denial of Service on the API Server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-8162,"Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a race condition vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17579,SonarSource SonarQube before 7.8 has XSS in project links on account/projects.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-20833,"An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-16102,Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0775,"An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-17353,"An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N,8.2,3.9,4.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,HIGH,NONE
CVE-2019-14521,The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-8412,FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6755,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7613.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9283,"In AAC Codec, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663564",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-11841,"A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional ""Hash"" Armor Headers. The ""Hash"" Armor Header specifies the message digest algorithm(s) used for the signature. However, the Go clearsign package ignores the value of this header, which allows an attacker to spoof it. Consequently, an attacker can lead a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, since the library skips Armor Header parsing in general, an attacker can not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without invalidating the signatures.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-14299,"Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11398,"Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-8622,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-7307,"Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad, or by leveraging some other vulnerability to read the resulting crash report, and so allow the user to read arbitrary files on the system.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19982,"The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?es_skip=1&option_name= request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-19844,"Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1756,"A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying a username with a malicious payload in the web UI and subsequently making a request to a specific endpoint in the web UI. A successful exploit could allow the attacker to run arbitrary commands as the root user, allowing complete compromise of the system.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9294,"In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764444",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-9338,In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-13955,"Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-8253,Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8560,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-13271,"Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage as a direct covert channel, the sender can trivially issue an ARP request to an arbitrary computer on the network. (In general, some routers restrict ARP forwarding only to requests destined for the network's subnet mask, but these routers did not restrict this traffic in any way. Depending on this factor, one must use either the lower 8 bits of the IP address, or the entire 32 bits, as the data payload.)",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8694,A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with kernel privileges.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1003006,A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and earlier in src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0384,"Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for functionalities that require user identity.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16573,"A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8525,"A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2818,"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,3.1,1.6,1.4,LOW,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2019-3799,"Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-9959,"The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-12712,"A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input in multiple sections of the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-17549,ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (kill) ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his attack.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-7790,"Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-0388,"SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate content due to insufficient URL validation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-5469,"An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-1000011,API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability appears to have been fixed in 2.3.6.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-14077,"Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18810,"A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-6500,"In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-7434,PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-20383,ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20782,"An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. LG Advanced Flash (LAF) has a buffer overflow. The LG ID is LVE-SMP-190001 (March 2019).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1948,"A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data by using an invalid Secure Sockets Layer (SSL) certificate. The vulnerability is due to insufficient SSL certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted SSL certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-1028,"An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1007, CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19722,"In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2019-1009,"An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1010, CVE-2019-1011, CVE-2019-1012, CVE-2019-1013, CVE-2019-1015, CVE-2019-1016, CVE-2019-1046, CVE-2019-1047, CVE-2019-1048, CVE-2019-1049, CVE-2019-1050.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-16462,"Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4269,"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote attacker to obtain sensitive information when a specially crafted url causes a stack trace to be dumped. IBM X-Force ID: 160202.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-20636,"In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20055,LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,6.5,3.9,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2019-7614,"A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-17415,"A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2549,"Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff Page). The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Direct Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Direct Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Direct Banking accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-3974,"Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2019-0923,"A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17521,"An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerability that can change the admin's password via the password/ URI,",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2019-17051,"Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8052,"Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2019-1317,"A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H,7.3,2.0,4.7,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,CHANGED,NONE,LOW,HIGH
CVE-2019-13636,"In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-8193,"Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-4575,"IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 166801.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20715,"Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-5978,Open redirect vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the application 'Scheduler'.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-16674,"An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Authentication Information used in a cookie is predictable and can lead to admin password compromise when captured on the network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1010238,"Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0821,"An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0704.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-0066,"An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10179,"A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-17393,"The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP (in cleartext) that can be sniffed by unauthorized actors. Basic authentication is used for the authentication, making it possible to base64 decode the sniffed credentials and discover the username and password.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11370,"Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html ""System contact"" field.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-11688,"An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-12375,"Open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote information disclosure and arbitrary code execution.",CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L,6.3,2.1,4.2,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,LOW
CVE-2019-20794,"An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-5736,"runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2019-20584,"An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the HDCP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14850 (August 2019).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1268,"An elevation of privilege exists when Winlogon does not properly handle file path information, aka 'Winlogon Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9164,Command injection in Nagios XI before 5.5.11 allows an authenticated users to execute arbitrary remote commands via a new autodiscovery job.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0213,"In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-7030,"Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-10633,"An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19165,"AxECM.cab(ActiveX Control) in Inogard Ebiz4u contains a vulnerability that could allow remote files to be downloaded and executed by setting arguments to the activeX method. Download of Code Without Integrity Check vulnerability in ActiveX control of Inogard Co,,LTD Ebiz4u ActiveX of Inogard Co,,LTD(AxECM.cab) allows ATTACKER to cause a file download to Windows user's folder and execute. This issue affects: Inogard Co,,LTD Ebiz4u ActiveX of Inogard Co,,LTD(AxECM.cab) version 1.0.5.0 and later versions on windows 7/8/10.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5479,An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-4087,"IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could overflow a buffer and execute arbitrary code on the system with instance id privileges or cause the server or storage agent to crash. IBM X-Force ID: 157510.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20051,"A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10547,"When issuing IOCTL calls to ION, Memory leak can occur due to failure in unassign pages under certain conditions in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCN7605, QCS605, Rennell, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDX24, SDX55, SM7150, SM8150, SM8250, SXR2130",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8151,"A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shippment settings can execute arbitrary code through server-side request forgery due to unsafe handling of a carrier gateway.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5420,"A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6330,A potential security vulnerability has been identified in the software solution HP Access Control versions prior to 16.7. This vulnerability could potentially grant elevation of privilege.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8216,"Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-19540,The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-5350,A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4029,IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 155907.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-25027,"Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1.0 through 1.4.2 (Vaadin 11.0.0 through 13.0.5) allows attacker to execute malicious JavaScript via crafted URL",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-8350,"The Simple - Better Banking application 2.45.0 through 2.45.3 (fixed in 2.46.0) for Android was affected by an information disclosure vulnerability that leaked the user's password to the keyboard autocomplete functionality. Third-party Android keyboards that capture the password may store this password in cleartext, or transmit the password to third-party services for keyboard customization purposes. A compromise of any datastore that contains keyboard autocompletion caches would result in the disclosure of the user's Simple Bank password.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18329,"A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8439,"An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the second textbox of ""System setting->site setting"" of admin/index.php, aka site_domain.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-12867,Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. The issue was fixed in 2018.4.49168.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2404,"Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-0123,"Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9403,"In cn-cbor, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113512324",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-19364,"A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DLL Hijacking. The installers try to load DLLs that don’t exist from its current directory; by doing so, an attacker can quickly escalate its privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3953,"Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 10012 RPC call.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-12495,An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to a one-byte out-of-bounds write in the gsym_addr function in x86_64-gen.c. This occurs because tccasm.c mishandles section switches.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14456,"Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system (connected to a serial port on an Opengear console server) sends crafted text to a serial port (that has logging enabled), the text will be replayed when the logs are viewed. Exploiting this vulnerability requires access to the serial port and/or console server.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1003036,A data modification vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgent.java that allows attackers with Overall/Read permission to attach a public IP address to an Azure VM agent.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-15502,"The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-15327,The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-13012,"The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-6137,An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10668,"An issue was discovered in LibreNMS through 1.47. A number of scripts import the Authentication libraries, but do not enforce an actual authentication check. Several of these scripts disclose information or expose functions that are of a sensitive nature and are not expected to be publicly accessible.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-10550,"Buffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2019-19738,"log_file_viewer.php in MFScripts YetiShare 3.5.2 through 4.5.3 does not sanitize or encode the output from the lFile parameter on the page, which would allow an attacker to input HTML or execute scripts on the site, aka XSS.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-16168,"In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a ""severe division by zero in the query planner.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14961,"JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-9516,"Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-7099,Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0350,"SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-18677,"An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-12928,"The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15865,The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15049,An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1547,"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-15698,"In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-18831,Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.,CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-12940,LiveZilla Server before 8.0.1.1 is vulnerable to Denial Of Service (memory consumption) in knowledgebase.php via a large integer value of the depth parameter.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-0177,Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,4.4,1.8,2.5,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2019-9470,"In dma_sblk_start of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-144167528",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5527,"ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2019-9341,"In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214770",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8762,"A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-5187,"An exploitable out-of-bounds write vulnerability exists in the TIFreadstripdata function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted TIFF file file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11234,"FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a ""Dragonblood"" issue, a similar issue to CVE-2019-9497.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19053,"A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-2333,"Buffer overflow due to improper validation of buffer size while IPA driver processing to perform read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17361,"In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5465,"An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-20139,"In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, or the schedulereport.php hour or frequency parameter. Any authenticated user can attack the admin user.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-12355,An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17532,"An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption occurs.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-20155,"An issue was discovered in report_edit.jsp in Determine (formerly Selectica) Contract Lifecycle Management (CLM) v5.4. Any authenticated user may execute Groovy code when generating a report, resulting in arbitrary code execution on the underlying server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16786,"Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: ""Transfer-Encoding: gzip, chunked"" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-18574,"RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A malicious Security Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface which could then be included in a report. When other Security Console administrators open the affected report, the injected scripts could potentially be executed in their browser.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-0037,"In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causing a sustained Denial of Service (DoS) to both IPv4 and IPv6 clients. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496; 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-19370,A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the file upload interface. A successful exploit could allow an attacker to execute arbitrary scripts.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10997,"An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be restarted manually via a Linux shell.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-3740,RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-13516,"In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-7067,"Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-14937,"REDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the cal_id parameter, such as cal_id=55 and sleep(3) to Calendar/calendar_popup_ajax.php. The attacker can obtain a user's login sessionid from the database, and then re-login into REDCap to compromise all data.",CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9874,Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-7936,"A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content block titles to inject malicious javascript.",CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-4112,IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-10195,"A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with passwords as arguments or options is not performed by default in FreeIPA but is possible by third-party components. An attacker having access to system logs on FreeIPA masters could use this flaw to produce log file content with passwords exposed.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-0795,"A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8576,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2019-8383,An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0900,"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0901, CVE-2019-0902.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1290,"A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1291.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6633,"On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4, when the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-8158,"An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An attacker can craft a GET request to page cache block rendering module that gets passed to XML data processing engine without validation. The crafted key/value GET request data allows an attacker to limited access to underlying XML data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18904,"A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-19610,An issue was discovered in Halvotec RaQuest 10.23.10801.0. It allows session fixation. Fixed in Release 24.2020.20608.0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2019-1889,"A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. The vulnerability is due to incomplete validation and error checking for the file path when specific software is uploaded. An attacker could exploit this vulnerability by uploading malicious software using the REST API. A successful exploit could allow an attacker to escalate their privilege level to root. The attacker would need to have the administrator role on the device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13249,ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9e7a.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1303,"An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1253, CVE-2019-1278.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19086,Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-3951,Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11778,"If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1.6.4 inclusive, sets a last will and testament, sets a will delay interval, sets a session expiry interval, and the will delay interval is set longer than the session expiry interval, then a use after free error occurs, which has the potential to cause a crash in some situations.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2019-16161,Onigmo through 6.2.0 has a NULL pointer dereference in onig_error_code_to_str because of fetch_token in regparse.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14797,The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-6289,"uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10325,A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-0851,"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0877, CVE-2019-0879.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9971,"PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when used in conjunction with sudo.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8312,"An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the twsystem function with untrusted input from the request body for the SetSysLogSettings API function, as demonstrated by shell metacharacters in the IPAddress field.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20401,"Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet finished being installed, via Cross-site request forgery (CSRF) vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2019-14719,"Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10692,"In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10426,Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-15968,"A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified CDM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-5692,"NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8091,A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3. An authenticated admin user with privileges to access product attributes can leverage layout updates to trigger remote code execution.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16204,"Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-14596,Improper access control in the installer for Intel(R) Chipset Device Software INF Utility before version 10.1.18 may allow an authenticated user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-10618,Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-12374,"A SQL Injection vulnerability exists in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 due to improper username sanitization in the Basic Authentication implementation in core/provisioning.secure/ProvisioningSecure.asmx in Provisioning.Secure.dll.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1003063,Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2869,"Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are 12.1.6.1.23, 12.1.6.1.26, 12.1.6.1.29, 12.1.6.1.36, 12.1.6.2.23 and 12.1.6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Data Store. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).",CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9258,"In wifilogd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113655028",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1699,"A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19719,Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-19782,The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20650,"Certain NETGEAR devices are affected by denial of service. This affects R8900 before 1.0.5.2, R9000 before 1.0.5.2, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-4703,"IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.",CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-3695,"A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows the user pcp to run code as root by placing it into /var/log/pcp/configs.sh This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2480,"Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2019-12682,"Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1873,"A vulnerability in the cryptographic driver for Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly. The vulnerability is due to incomplete input validation of a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) ingress packet header. An attacker could exploit this vulnerability by sending a crafted TLS/SSL packet to an interface on the targeted device. An exploit could allow the attacker to cause the device to reload, which will result in a denial of service (DoS) condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. A valid SSL or TLS session is required to exploit this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H,8.6,3.9,4.0,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,NONE,HIGH
CVE-2019-16669,"The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-7100,Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1010155,"D-Link DSL-2750U 1.11 is affected by: Authentication Bypass. The impact is: denial of service and information leakage. The component is: login. NOTE: Third parties dispute this issues as not being a vulnerability because although the wizard is accessible without authentication, it can't actually configure anything. Thus, there is no denial of service or information leakage",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2019-11733,"When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8267,"UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module, which results in a denial of service (DoS) condition. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1208.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-9234,"In wpa_supplicant_8, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122465453",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-0243,"Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1601,"A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker could exploit this vulnerability by accessing and modifying restricted files. A successful exploit could allow an attacker to use the content of this configuration file to bypass authentication and log in as any user of the device. MDS 9000 Series Multilayer Switches are affected in versions prior to 6.2(25), 8.1(1b), and 8.3(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(3)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22), 7.3(3)D1(1), and 8.2(3). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2035,"In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-122320256",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9548,Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2019-20711,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13475,"In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows remote attackers to execute arbitrary commands when the user visits a specially crafted URL. Based on the available command-line arguments of the software, one can simply inject -exec to execute arbitrary commands. The additional arguments -hideterm and -exitwhendone in the payload make the attack less visible.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6977,"gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5459,An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2019-10496,"Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5617,"Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.4 and earlier suffers from an instance of CWE-284, ""Improper Access Control."" As a result, an unauthenticated user may change the password of any administrator-level user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6128,"The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1010249,The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: createFlow() and createFlows() functions in FlowWebResource.java (RESTful service). The attack vector is: network management and connectivity.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-1584,"A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10405,"Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the ""Cookie"" HTTP request header on the /whoAmI/ URL, allowing attackers exploiting another XSS vulnerability to obtain the HTTP session cookie despite it being marked HttpOnly.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2019-8368,OpenEMR v5.0.1-6 allows XSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1336,"An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1323.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-7402,An issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfg&#95;qqcode parameter. This can be exploited via CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-14870,"All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2019-6284,"In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-12905,FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman&section=do&page=up URI. This issue has been fixed in FileRun 2019.06.01.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-15912,"An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-9456,In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1003,"A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19366,A cross-site scripting (XSS) vulnerability in app/xml_cdr/xml_cdr_search.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-11487,"The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5263,HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-11327,An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product has a local file inclusion vulnerability. An attacker with administrative privileges can craft a special URL to read arbitrary files from the device's files system.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-9062,PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13248,ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x0000000000002450.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16126,Grav through 1.6.15 allows (Stored) Cross-Site Scripting due to JavaScript execution in SVG images.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-17223,There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 via user/note.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-9189,"Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately executed because of root code execution, not as a web server user, allowing an authenticated attacker to gain full system access.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8184,"Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-14706,"A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because of a buffer overflow in a Bash command string.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14114,"Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3752,"Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External Entity(XXE) Injection vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability to cause Denial of Service or information exposure by supplying specially crafted document type definitions (DTDs) in an XML request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H,8.2,3.9,4.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,HIGH
CVE-2019-1602,"A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker could exploit this vulnerability by logging in to the CLI of an affected device, accessing a specific file, and leveraging this information to authenticate to the NX-API server. A successful exploit could allow an attacker to make configuration changes as administrator. Note: NX-API is disabled by default. Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15067,"An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?<= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0006,"A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18888,"An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-12149,"SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11669,"Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-16261,"Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE: the vendor's position is that a newer firmware version, fixing this vulnerability, had already been released before this vulnerability report about 12.04.0053.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2019-11478,"Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-8544,"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-25099,A vulnerability classified as critical was found in Arthmoor QSF-Portal. This vulnerability affects unknown code of the file index.php. The manipulation of the argument a leads to path traversal. The patch is identified as ea4f61e23ecb83247d174bc2e2cbab521c751a7d. It is recommended to apply a patch to fix this issue. VDB-217558 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-20357,A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3420,All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impacted by an information leak vulnerability. An attacker could exploit the vulnerability to obtain sensitive information and perform unauthorized operations.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8382,An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1244,"An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-3633,"Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to ""blue screen"" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading unallocated memory.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-11018,application\admin\controller\User.php in ThinkAdmin V4.0 does not prevent continued use of an administrator's cookie-based credentials after a password change.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1364,"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1362.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10894,"In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-14914,"An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-5439,A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-9855,"LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18286,A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The Application Server exposes directory listings and files containing sensitive information. This vulnerability is independent from CVE-2019-18287. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-10908,"In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally. This PRNG has a 48-bit seed that can easily be bruteforced, leading to trivial privilege escalation attacks.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6688,"On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secret that was being used to encrypt a BIG-IP UCS backup file while sending SNMP query to the BIG-IP or BIG-IQ system, however the user can not access to the UCS files.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-0240,"SAP Business Objects Mobile for Android (before 6.3.5) application allows an attacker to provide malicious input in the form of a SAP BI link, preventing legitimate users from accessing the application by crashing it.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-15546,An issue was discovered in the pancurses crate through 0.16.1 for Rust. printw and mvprintw have format string vulnerabilities.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-5915,Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-15071,"The ""/cgi-bin/go"" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of governments, organizations, companies and universities.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-15579,"An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project would be disclosed to a guest via milestones.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-2828,"Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Field Service. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Field Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Field Service. CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2019-12431,An issue was discovered in GitLab Community and Enterprise Edition 8.13 through 11.11. Restricted users could access the metadata of private milestones through the Search API. It has Improper Access Control.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-0701,"A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0695.",CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,6.8,2.3,4.0,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2019-25142,"The Mesmerize & Materialis themes for WordPress are vulnerable to authenticated options change in versions up to, and including,1.6.89 (Mesmerize) and 1.0.172 (Materialis). This is due to 'companion_disable_popup' function only checking the nonce while sending user input to the 'update_option' function. This makes it possible for authenticated attackers to change otherwise restricted options.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1003081,A missing permission check in Jenkins OpenShift Deployer Plugin in the DeployApplication.DeployApplicationDescriptor#doCheckLogin form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-15682,"RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-1071,"An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1073.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-6822,"A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2283,"Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16023,"Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-7747,DbNinja 3.2.7 allows session fixation via the data.php sessid parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2019-10867,"An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4301,BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H,8.4,1.7000000000000002,6.0,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2019-0602,"An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-18423,"An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. p2m->max_mapped_gfn is used by the functions p2m_resolve_translation_fault() and p2m_get_entry() to sanity check guest physical frame. The rest of the code in the two functions will assume that there is a valid root table and check that with BUG_ON(). The function p2m_get_root_pointer() will ignore the unused top bits of a guest physical frame. This means that the function p2m_set_entry() will alias the frame. However, p2m->max_mapped_gfn will be updated using the original frame. It would be possible to set p2m->max_mapped_gfn high enough to cover a frame that would lead p2m_get_root_pointer() to return NULL in p2m_get_entry() and p2m_resolve_translation_fault(). Additionally, the sanity check on p2m->max_mapped_gfn is off-by-one allowing ""highest mapped + 1"" to be considered valid. However, p2m_get_root_pointer() will return NULL. The problem could be triggered with a specially crafted hypercall XENMEM_add_to_physmap{, _batch} followed by an access to an address (via hypercall or direct access) that passes the sanity check but cause p2m_get_root_pointer() to return NULL. A malicious guest administrator may cause a hypervisor crash, resulting in a Denial of Service (DoS). Xen version 4.8 and newer are vulnerable. Only Arm systems are vulnerable. x86 systems are not affected.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18635,An issue was discovered in Mooltipass Moolticute through v0.42.1 and v0.42.x-testing through v0.42.5-testing. There is a NULL pointer dereference in MPDevice_win.cpp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-5881,Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2019-4279,IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-14913,"An issue was discovered in PRiSE adAS 1.7.0. Log data are not properly escaped, leading to persistent XSS in the administration panel.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1936,"A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. Exploitation of this vulnerability requires privileged access to an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrator privileges and then sending a malicious request to a certain part of the interface.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19889,"An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The attacker can discover admin credentials in the backup file, aka backupsettings.conf.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-9249,"In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120255805",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-1770,"A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20705,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1707,"A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco DNA Center versions prior to 1.2.5 are affected.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-20876,"An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Users can deactivate themselves, bypassing a policy.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,5.4,2.8,2.5,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2019-20487,"An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the WNR1000V4 web management console are vulnerable to an unauthenticated GET request (exploitable directly or through CSRF), as demonstrated by the setup.cgi?todo=save_htp_account URI.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17044,"An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with ""patrol"" privileges to elevate his/her privileges to the ones of the ""root"" user by specially crafting a shared library .so file that will be loaded during execution.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3749,"Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the ""Temp\ICProgress\Dell_InventoryCollector_Progress.xml"" to any targeted file. This issue occurs because permissions on the Temp directory were set incorrectly.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-8335,An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerability via index.php?a=Index&c=Channel&m=Home&id=[XSS].,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10735,"In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2019-20731,"Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8615,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-11584,The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the priority icon url of an issue priority.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-0605,"A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2701,Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). The supported version that is affected is 18.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-10290,A missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpl#doValidateAPI form validation method allowed attackers with Overall/Read permission to initiate a connection to an attacker-specified server.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-14066,"Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SXR2130",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11776,"In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-9868,An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10594,"Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-6958,"A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The RCP+ network port allows access without authentication. Adding authentication feature to the respective library fixes the issue. The issue is classified as ""CWE-284: Improper Access Control."" This vulnerability, for example, allows a potential attacker to delete video or read video data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-17121,REDCap before 9.3.4 has XSS on the Customize & Manage Locking/E-signatures page via Lock Record Custom Text values.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1003070,Jenkins veracode-scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8084,"Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-12139,"An XSS issue was discovered in the Admin UI in eZ Platform 2.x. This affects ezplatform-admin-ui 1.3.x before 1.3.5 and 1.4.x before 1.4.4, and ezplatform-page-builder 1.1.x before 1.1.5 and 1.2.x before 1.2.4.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-8165,"Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13936,Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a persistent XSS vulnerability. This issue affects: Siemens AG Polarion All versions < 19.2.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-5233,Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-14875,"In the __multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of _x[0] will trigger a null pointer dereference bug in case of a memory allocation failure.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-2812,Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-11147,"Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2140,"In libxaac, there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112705708",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-15919,An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-7251,An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-20809,"The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 through 2.0 allows a price poster to set an invalid asset price via the setPrice function, and consequently violate the intended limits on price swings.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-19049,"A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-0704,"An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0821.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-9011,"In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-18397,"A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2009,"In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120665616",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3568,"A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13643,Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The attack begins by storing a new stream message containing an XSS payload. The stored payload can then be triggered by clicking a malicious link on the Notifications page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1682,"A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local attacker to escalate privileges to root on an affected device. The vulnerability is due to insufficient input validation for certain command strings issued on the CLI of the affected device. An attacker with write permissions for files within a readable folder on the device could alter certain definitions in the affected file. A successful exploit could allow an attacker to cause the underlying FUSE driver to execute said crafted commands, elevating the attacker's privileges to root on an affected device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10746,mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19605,"X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13255,XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327464.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1010308,Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16776,Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-2461,"Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2019-10969,"Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17114,A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulnerable: a reflected cross-site scripting occurs immediately after a .csv file is uploaded. The malicious script is stored and can be executed again when the List Pre-Registration functionality is used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-0999,"An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9134,"Architectural Information System 1.0 and earlier versions have a Stack-based buffer overflow, allows remote attackers to execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20379,ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10612,"UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, MDM9650, QCS605, SA6155P, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11087,"Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11950,A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-19835,SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-9533,The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. This could allow an attacker to reverse-engineer the password from available versions to gain authenticated access to the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-14226,OX App Suite through 7.10.2 has Insecure Permissions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-18786,"In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-2252,"Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11543,"XSS exists in the admin web console in Pulse Secure Pulse Connect Secure (PCS) 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, and 5.2RX before 5.2R12.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-19913,"In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-19134,The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to inject HTML or arbitrary JavaScript within the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based tokens or to launch other attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-14814,"There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9743,An issue was discovered on PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS devices. Command injection can occur in the WebHMI component.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-7219,"Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-10077,"A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-4078,IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories. IBM X-Force ID: 157190.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16459,"Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-17601,"In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP CONNECT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19862 and CVE-2018-19861. NOTE: this product is discontinued.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-5488,EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information from the ESPCMS database.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-19135,"In OPC Foundation OPC UA .NET Standard codebase 1.4.357.28, servers do not create sufficiently random numbers in OPCFoundation.NetStandard.Opc.Ua before 1.4.359.31, which allows man in the middle attackers to reuse encrypted user credentials sent over the network.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-0626,"A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1010094,"domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change admin password. The component is: http://127.0.0.1/settings/password/ http://127.0.0.1/admin/users/add.php http://127.0.0.1/admin/users/edit.php?uid=2. The attack vector is: After the administrator logged in, open the html page.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1010261,Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Attacker is able to have victim execute arbitrary JS in browser. The component is: go-get URL generation - PR to fix: https://github.com/go-gitea/gitea/pull/5905. The attack vector is: victim must open a specifically crafted URL. The fixed version is: 1.7.1 and later.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-8747,A memory corruption vulnerability was addressed with improved locking. This issue is fixed in watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-7783,"Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-3838,"It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8264,"UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15988,"A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An attacker could exploit this vulnerability by crafting the URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for the affected device, which could allow malicious URLs to pass through the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-1103,"A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:02Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-4638,IBM Security Secret Server 10.7 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 170044.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,3.7,2.2,1.4,LOW,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-10215,Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-18985,Pimcore before 6.2.2 lacks brute force protection for the 2FA token.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15542,An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-1010207,"Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scripting (XSS). The impact is: Stealing of session cookies. The component is: File: Login. Parameters: interim-login, wp-lang, and supplied URL. The attack vector is: If a victim clicks a malicious link, the attacker can steal his/her account. The fixed version is: 3.0.16.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-11755,"A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. Previous versions had only suppressed showing a digital signature for messages with an outer multipart/signed layer. This vulnerability affects Thunderbird < 68.1.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-20553,"An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-9631,Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11036,"When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2019-20710,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16863,"STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-1941,"A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. At the time of publication, this vulnerability affected Cisco ISE running software releases prior to 2.4.0 Patch 9 and 2.6.0.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-12067,The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,6.5,2.0,4.0,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2019-5667,"NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18873,"FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under ""User Manager"" in the control panel, the payload will execute. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. The problem is in admsession.php and admuser.php.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2019-15661,"An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate parameters, leading to a stack-based buffer overflow, which can lead to code execution or escalation of privileges.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18332,"A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to directory listings of the server by sending specifically crafted packets to 80/tcp, 8095/tcp or 8080/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-14777,The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20713,"Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-0395,"SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad), before version 4.2, allows execution of JavaScript in a text module in Fiori BI Launchpad, leading to Stored Cross Site Scripting vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-14773,"admin/includes/class.actions.snippet.php in the ""Woody ad snippets"" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-6790,"An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge requests.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-15573,Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-20677,"Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-8601,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-10138,"A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-25011,"NetBox through 2.6.2 allows an Authenticated User to conduct an XSS attack against an admin via a GFM-rendered field, as demonstrated by /dcim/sites/add/ comments.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-9637,"An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8180,"Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15894,"An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.6, 3.2.x through 3.2.3, and 3.3.x through 3.3.1. An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest verification at startup, and boot unverified code from flash. The fault injection attack does not disable the Flash Encryption feature, so if the ESP32 is configured with the recommended combination of Secure Boot and Flash Encryption, then the impact is minimized. If the ESP32 is configured without Flash Encryption then successful fault injection allows arbitrary code execution. To protect devices with Flash Encryption and Secure Boot enabled against this attack, a firmware change must be made to permanently enable Flash Encryption in the field if it is not already permanently enabled.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:02Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2120,"In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc, there is a possible file corruption issue due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130821293.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-15658,connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,7.3,3.9,3.4,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2019-6980,Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18988,"TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:02Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-1832,"A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sending crafted ICMP packets to the affected device. A successful exploit could allow the attacker to bypass configured access control policies.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2019-1266,"A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-6749,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EZIX files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7638.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13702,Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16089,An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.,CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H,4.1,0.5,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-16244,OMERO.server before 5.6.1 allows attackers to bypass the security filters and access hidden objects via a crafted query.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-8858,"A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A user who shares their screen may not be able to end screen sharing.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-10192,"A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11992,A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-17576,"An issue was discovered in Dolibarr 10.0.2. It has XSS via the ""outgoing email setup"" feature in the /admin/mails.php?action=edit URI via the ""Send all emails to (instead of real recipients, for test purposes)"" field.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-15995,"A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicious SQL statements in an affected field in the web UI. A successful exploit could allow the attacker to remove the SQL database, which would require the reinstallation of the Connector VM.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.5,1.2,5.2,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2019-0868,"A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0870, CVE-2019-0871.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2019-1908,"A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. The vulnerability is due to insufficient security restrictions imposed by the affected software. A successful exploit could allow the attacker to view sensitive information that belongs to other users. The attacker could then use this information to conduct additional attacks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-1354,"A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-2308,"User application could potentially make RPC call to the fastrpc driver and the driver will allow the message to go through to the remote subsystem in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-13120,"Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT Thing, which interacts with an associated vulnerable MQTT message in the application, specific circumstances could trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-7484,Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-8611,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18240,"In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-11727,A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2019-9123,"An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The ""user"" account has a blank password.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-16907,"An issue was discovered in the Infosysta ""In-App & Desktop Notifications"" app 1.6.13_J8 for Jira. It is possible to obtain a list of all valid Jira usernames without authentication/authorization via the plugins/servlet/nfj/UserFilter?searchQuery=@ URI.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2019-12625,ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2019-1369,"An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2019-12749,"dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-07T08:02Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2019-9139,"DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:02Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-18994,"Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:02Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2019-1020018,Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via an email link.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,7.3,3.9,3.4,HIGH,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2019-20722,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:02Z,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2019-7973,Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:02Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8708,"Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0979,"A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0906.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24598,An issue was discovered in Joomla! before 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-16590,"A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-35899,An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-12827,MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L,7.2,3.9,2.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,LOW,NONE,LOW
CVE-2020-7805,"An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) and IML520 (R8112, R8368, R8411) wifi device. This issue is a command injection allowing attackers to execute arbitrary OS commands.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13843,An issue was discovered on LG mobile devices with Android OS software before 2020-06-01. Local users can cause a denial of service because checking of the userdata partition is mishandled. The LG ID is LVE-SMP-200014 (June 2020).,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-12385,Improper input validation in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25155,"The affected product transmits unencrypted sensitive information, which may allow an attacker to access this information on the NIO 50 (all versions).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-23356,"dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-5667,"Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-15826,"In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-3736,Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9351,"An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML data in the _transaction parameter, the server replies with a verbose error showing where the application resides (the absolute path). NOTE: the documentation states ""These tools are, by default, available to anyone ... so they should only be deployed into a trusted environment. Alternately, the tools can easily be restricted to administrators or end users by protecting the tools path with normal authentication and authorization mechanisms on the web server.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-3632,"u'Incorrect validation of ring context fetched from host memory can lead to memory overflow' in Snapdragon Compute, Snapdragon Mobile in QSM8350, SC7180, SDX55, SDX55M, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8116,Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,7.3,3.9,3.4,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2020-12015,"A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition due to improper deserialization. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior; ICONICS GenBroker32 version 9.5 and prior.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-36109,ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the blocking_request.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27915,"A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to execute arbitrary code with system privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24513,Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,6.5,2.0,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2020-13582,A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4827,IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 189841.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2020-15800,"A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12645,"OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35680,"smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-28246,"A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL. NOTE: the email templating service was removed after 2020. Additionally, the vendor disputes this issue indicating this is sandboxed and only executable by admins.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0159,"In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140768035",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-12358,Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-5549,Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3902,"An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-23790,An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25872,A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-5186,DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-9919,"A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-17366,"An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation "".roa"" files or X509 Certificate Revocation List files from the RPKI relying party's view.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H,7.4,2.2,5.2,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-26870,"Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-23762,"Cross Site Scripting (XSS) vulnerability in the Larsens Calender plugin Version <= 1.2 for WordPress allows remote attackers to execute arbitrary web script via the ""titel"" column on the ""Eintrage hinzufugen"" tab.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8587,OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-9090,FusionAccess version 6.5.1 has an improper authorization vulnerability. A command is authorized with incorrect privilege. Attackers with other privilege can execute the command to exploit this vulnerability. This may compromise normal service of the affected product.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9856,This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. An application may be able to gain elevated privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,5.3,1.8,3.4,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2020-16252,The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2020-27729,"In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, an undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-7803,"IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, version 2.0.1.4 and prior versions on Windows. File Donwload vulnerability in ZInsX.ocx of IMGTech Co,Ltd Zoneplayer allows attacker to cause arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11093,"Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy before version 1.12.4, there is lack of signature verification on a specific transaction which enables an attacker to make certain unauthorized alterations to the ledger. Updating a DID with a nym transaction will be written to the ledger if neither ROLE or VERKEY are being changed, regardless of sender. A malicious DID with no particular role can ask an update for another DID (but cannot modify its verkey or role). This is bad because 1) Any DID can write a nym transaction to the ledger (i.e., any DID can spam the ledger with nym transactions), 2) Any DID can change any other DID's alias, 3) The update transaction modifies the ledger metadata associated with a DID.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-23727,There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD).,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0005,"In btm_read_remote_ext_features_complete of btm_acl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-141552859",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11688,"In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0454,"In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure of the current SSID with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-161370134",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-1964,"It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerabilities (CWE-502: Deserialization of Untrusted Data).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26997,"A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11919)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3302,"A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted file to the web UI on an affected device. A successful exploit could allow the attacker to overwrite files on the file system of the affected device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-7286,Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5334,"RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to DOM environment in the browser. The malicious code is then executed by the web browser in the context of the vulnerable web application.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-10418,The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-attachments.php by adding a question mark (?) followed by the payload.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-29139,A SQL injection vulnerability in interface/main/finder/patient_select.php from library/patient.inc in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the searchFields parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35611,"An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-13822,"The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L,7.7,2.2,5.5,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,LOW
CVE-2020-25119,The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-7256,Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1 update 6 Mar 2020 Update allows attackers to unspecified impact via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-16014,Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2020-13952,"In the course of work on the open source project it was discovered that authenticated users running queries against Hive and Presto database engines could access information via a number of templated fields including the contents of query description metadata database, the hashed version of the authenticated users’ password, and access to connection information including the plaintext password for the current connection. It would also be possible to run arbitrary methods on the database connection object for the Presto or Hive connection, allowing the user to bypass security controls internal to Superset. This vulnerability is present in every Apache Superset version < 0.37.2.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-27257,"This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2732,"A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,6.8,2.3,4.0,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2020-25722,Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9926,"A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, iCloud for Windows 7.20, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5605,Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-36519,"Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. (The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs.)",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,4.9,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-15053,"An issue was discovered in Artica Proxy CE before 4.28.030.418. Reflected XSS exists via these search fields: real time request, System Events, Proxy Events, Proxy Objects, and Firewall objects.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-35832,"Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-10725,"A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,7.7,3.1,4.0,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2020-25230,"A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-7126,A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N,5.8,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,LOW,NONE,NONE
CVE-2020-3354,"A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need administrative credentials on the affected device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-1634,"On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Subsequently, all FPCs in a chassis may reset causing a Denial of Service. This issue affects both IPv4 and IPv6. This issue affects: Juniper Networks Junos OS 12.3X48 version 12.3X48-D80 and later versions prior to 12.3X48-D95 on High-End SRX Series. This issue does not affect Branch SRX Series devices.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-14042,"** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Scripting (XSS) vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states ""Codiad is no longer under active maintenance by core contributors.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-36447,An issue was discovered in the v9 crate through 2020-12-18 for Rust. There is an unconditional implementation of Sync for SyncRef<T>.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7822,"DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26597,"An issue was discovered on LG mobile devices with Android OS 9.0 and 10 software. The Wi-Fi subsystem has incorrect input validation, leading to a crash. The LG ID is LVE-SMP-200022 (October 2020).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-36381,"An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10994,"In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0865,"An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0866, CVE-2020-0897.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13659,address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.,CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L,2.5,0.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,HIGH,HIGH,NONE,CHANGED,NONE,NONE,LOW
CVE-2020-28617,"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->sfaces_last().",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10975,GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vulnerabilities to unauthorized users on the vulnerability feedback page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-15420,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-el7-0.9.8.891. Authentication is not required to exploit this vulnerability. The specific flaw exists within loader_ajax.php. When parsing the line parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9259.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-18155,SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27254,"Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-11937,"In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-3867,"A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-15437,The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4557,"IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183611.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-4675,IBM InfoSphere Master Data Management Server 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186324.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-3990,VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,6.5,2.0,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2020-6985,"In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35224,A buffer overflow vulnerability in the NSDP protocol authentication method on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote unauthenticated attackers to force a device reboot.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-9585,"Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15141,"In openapi-python-client before version 0.5.3, there is a path traversal vulnerability. If a user generated a client using a maliciously crafted OpenAPI document, it is possible for generated files to be placed in arbitrary locations on disk.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N,4.1,2.3,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,NONE,LOW,NONE
CVE-2020-2597,"Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Call Phone Number Page). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N,4.7,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,NONE,LOW,NONE
CVE-2020-10023,"The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26983,"A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing PDF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11900)",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-28283,Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to cause a denial of service and may lead to remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2706,"Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Supported versions that are affected are 16.2.0.0 - 16.2.19.3, 17.12.0.0 - 17.12.17.0, 18.8.0.0 - 18.8.18.0, 19.12.1.0 - 19.12.3.0 and 20.1.0.0 - 20.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera P6 Enterprise Project Portfolio Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera P6 Enterprise Project Portfolio Management accessible data as well as unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-10247,MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sighting_field.ctp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-10263,"An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, (iii) use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, (iv) eavesdrop on users and record what XIAOMI XIAOAI speaker Pro LX06 hears, (v) modify system files, (vi) use commands to send any IR code through IR emitter on XIAOMI XIAOAI Speaker Pro LX06, (vii) stop voice assistant service, (viii) enable the XIAOMI XIAOAI Speaker Pro’ SSH or TELNET service as a backdoor, (IX) tamper with the router configuration of the router in the local area networks.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24981,An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in information leak via an error message caused by directly accessing the website built by UCMS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-14062,"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-21992,"Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary (ELF 32-bit LSB executable, ARM) is calling the 'sh' executable via the system() function to issue a command using the mailx service and its vulnerable string format parameter allowing for OS command injection with root privileges. An attacker can remotely execute system commands as the root user using default credentials and bypass access controls in place.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9443,"Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-22021,"Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-1415,"An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1399, CVE-2020-1404, CVE-2020-1413, CVE-2020-1414, CVE-2020-1422.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2148,A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-12880,"An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and can be retrieved. (The source code is otherwise inaccessible because the appliance has its hard disks encrypted, and no root shell is available during normal operation.)",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-3398,"A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H,8.6,3.9,4.0,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,NONE,HIGH
CVE-2020-1944,"There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.9 and 8.0.6 or later versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2104,"Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-11235,"Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5580,Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-12769,"An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-19952,"Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbirary code via crafted payload or opening malicious .md file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-16140,The search functionality of the Greenmart theme 2.4.2 for WordPress is vulnerable to XSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-1046,"A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system.
To exploit the vulnerability, an attacker would need to be able to upload a specially crafted file to a web application.
The security update addresses the vulnerability by correcting how .NET Framework processes input.
",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26975,"When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-0239,"In getDocumentMetadata of DocumentsContract.java, there is a possible disclosure of location metadata from a file due to a permissions bypass. This could lead to local information disclosure from a file (eg. a photo) containing location metadata with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-151095863",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-36670,"The NEX-Forms. plugin for WordPress is vulnerable to unauthorized disclosure and modification of data in versions up to, and including 7.7.1 due to missing capability checks on several AJAX actions. This makes it possible for authenticated attackers with subscriber level permissions and above to invoke these functions which can be used to perform actions like modify form submission records, deleting files, sending test emails, modifying plugin settings, and more.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2020-0644,"An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0635.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9904,"A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4988,Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code. IBM X-Force ID: 192706.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26797,Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-20808,Cross Site Scripting vulnerability in Qibosoft qibosoft v.7 and before allows a remote attacker to execute arbitrary code via the eindtijd and starttijd parameters of do/search.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8354,A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-1430,"An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows UPnP Device Host Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1354.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7030,"A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-27716,"On versions 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel (TMM) stops responding and restarts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0140,"In rw_i93_sm_detect_ndef of rw_i93.c, there is a possible information disclosure due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146053215",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-36364,An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0. Administration/Controllers/ImportController.cs allows path traversal (for copy and delete actions) in the ImportController.Create method via a TempFileName field.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-2818,"Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Universal Work Queue, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data as well as unauthorized update, insert or delete access to some of Oracle Universal Work Queue accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2020-3344,"A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an affected device. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash and restart.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-11040,"In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L,2.7,1.2,1.4,LOW,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2020-8187,Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-24502,"Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-6864,"ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-29572,app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp in MISP 2.4.135 has XSS via the authkey comment field.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-28937,"OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-0234,"In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148189280",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11094,"The October CMS debugbar plugin before version 3.1.0 contains a feature where it will log all requests (and all information pertaining to each request including session data) whenever it is enabled. This presents a problem if the plugin is ever enabled on a system that is open to untrusted users as the potential exists for them to use this feature to view all requests being made to the application and obtain sensitive information from those requests. There even exists the potential for account takeovers of authenticated users by non-authenticated public users, which would then lead to a number of other potential issues as an attacker could theoretically get full access to the system if the required conditions existed. Issue has been patched in v3.1.0 by locking down access to the debugbar to all users; it now requires an authenticated backend user with a specifically enabled permission before it is even usable, and the feature that allows access to stored request information is restricted behind a different permission that's more restrictive.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9294,"An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26905,"Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-29457,A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-20252,Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4686,IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-26962,"Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox < 83.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8275,Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2020-22151,Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted zip file to the assests parameter of the upload function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3603,Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5283,"ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the `show_subdir_lastmod` feature enabled. The attack vector involves files with unsafe names (names that, when embedded into an HTML stream, would cause the browser to run unwanted code), which themselves can be challenging to create. This vulnerability is patched in versions 1.2.1 and 1.1.28.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N,3.5,0.9,2.5,LOW,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2020-36462,An issue was discovered in the syncpool crate before 0.1.6 for Rust. There is an unconditional implementation of Send for Bucket2.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5831,"Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-11920,"An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection vulnerability resides in the HOST/IP section of the NFS settings menu in the webserver running on the device. By injecting Bash commands via shell metacharacters here, the device executes arbitrary code with root privileges (all of the device's services are running as root).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2714,Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-26539,"An issue was discovered in Foxit Reader and PhantomPDF before 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use-after-free can occur with resultant remote code execution (or an information leak).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11996,"A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-25879,A stored cross site scripting (XSS) vulnerability in the 'Manage Users' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Username' parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-13588,"An exploitable SQL injection vulnerability exists in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. The heading_field_id parameter in ‘‘entities/fields’ page is vulnerable to authenticated SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-22169,PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-5551,"Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. The affected DCUs are installed in Lexus (LC, LS, NX, RC, RC F), TOYOTA CAMRY, and TOYOTA SIENNA manufactured in the regions other than Japan from Oct. 2016 to Oct. 2019. An attacker with certain knowledge on the target vehicle control system may be able to send some diagnostic commands to ECUs with some limited availability impacts; the vendor states critical vehicle controls such as driving, turning, and stopping are not affected.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12116,Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-16843,"In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-14987,An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remote attackers to execute arbitrary code because there is a mishandling of the capability for administrators to write and run Groovy scripts within the updater editor. An attacker must use an AST transforming annotation such as @Grab.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24673,"In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. This can lead to a loss of confidentiality and data integrity or even affect the product behavior and its availability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-28278,Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14625,"Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-18428,"tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-11101,Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15793,A vulnerability has been identified in Desigo Insight (All versions). The device does not properly set the X-Frame-Options HTTP Header which makes it vulnerable to Clickjacking attacks. This could allow an unauthenticated attacker to retrieve or modify data in the context of a legitimate user by tricking that user to click on a website controlled by the attacker.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2020-23303,There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_collect_empty in JerryScript 2.2.0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35980,An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24397,An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.0.SP-534. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SYSTEM privileges.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-17500,"Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result in unauthenticated remote code execution in the username and password fields of the logon prompt. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26938,"In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern (""[a-zA-Z][a-zA-Z0-9+.-]+:"") before making a redirection. This allows a malicious client to pass an XSS payload through the redirect_uri parameter while making an authorization request. NOTE: this vulnerability is similar to CVE-2020-7741.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N,7.2,3.9,2.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,LOW,LOW,NONE
CVE-2020-5577,"Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allow remote authenticated attackers to upload arbitrary files and execute a php script via unspecified vectors.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3413,"A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in their organization. The vulnerability is due to insufficient authorization enforcement for requests to delete scheduled meeting templates. An attacker could exploit this vulnerability by sending a crafted request to the Webex Meetings interface to delete a scheduled meeting template. A successful exploit could allow the attacker to delete a scheduled meeting template that belongs to a user other than themselves.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-24314,"Fahad Mahmood RSS Feed Widget Plugin v2.7.9 and lower does not sanitize the value of the ""t"" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8759,Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12469,admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-27948,"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3392,"A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. The vulnerability exists because the affected software does not properly authenticate API calls. An attacker could exploit this vulnerability by sending API requests to an affected system. A successful exploit could allow the attacker to view sensitive information on the affected system, including information about the devices that the system manages, without authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-15217,"In GLPI before version 9.5.2, there is a leakage of user information through the public FAQ. The issue was introduced in version 9.5.0 and patched in 9.5.2. As a workaround, disable public access to the FAQ.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-24418,"Adobe After Effects version 17.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .aepx file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. This vulnerability requires user interaction to exploit.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2106,"Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view, resulting in a stored XSS vulnerability exploitable by users able to change job configurations.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-6444,Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,LOW
CVE-2020-14360,A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7717,All versions of package dot-notes are vulnerable to Prototype Pollution via the create function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12619,MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enabled the attacker to decipher further communication. The entire attack could be accomplished by sending a single email.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-36214,"An issue was discovered in the multiqueue2 crate before 0.1.7 for Rust. Because a non-Send type can be sent to a different thread, a data race can occur.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4223,IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175121.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-11141,"u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, SA415M, SA515M, SC8180X, SDX55, SM8250",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-9736,"AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be executed in a victim’s browser when browsing to the page containing the vulnerable field.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-6285,"SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-4324,"IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation. IBM X-Force ID: 177515.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-26516,A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. Requests sent to the server that trigger actions do not contain a CSRF token and can therefore be entirely predicted allowing attackers to cause the victim's browser to execute undesired actions in the web application through crafted requests.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2623,"Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Metrics Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L).",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L,6.0,1.2,4.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,LOW,LOW
CVE-2020-27040,"In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731880",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-8420,An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26926,"Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-9844,"A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-1936,A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-14367,"A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service due to the path traversal.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.0,0.8,5.2,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-10829,"An issue was discovered on Samsung mobile devices with O(8.0), P(9.0), and Q(10.0) (Broadcom chipsets) software. A kernel driver heap overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-15880 (March 2020).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3887,"A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2020-5922,"In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, iControl REST does not implement Cross Site Request Forgery protections for users which make use of Basic Authentication in a web browser.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-1126,"A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1136, CVE-2020-1150.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10421,The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-departments.php by adding a question mark (?) followed by the payload.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-11186,"Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0024,"In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-137015265",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5642,Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27054,"In onFactoryReset of BluetoothManagerService.java, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-159061926",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13409,"Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). Both stored, and reflected payloads are triggerable by admin, so malicious non-authenticated user could get admin level access. Even malicious low-privileged user can inject XSS, which can be executed by admin, potentially elevating privileges and obtaining admin access. (issue 3 of 3)",CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L,5.9,1.7000000000000002,3.7,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,LOW
CVE-2020-13465,The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15951,"Immuta v2.8.2 accepts user-supplied project names without properly sanitizing the input, allowing attackers to inject arbitrary HTML content that is rendered as part of the application. An attacker could leverage this to redirect application users to a phishing website in an attempt to steal credentials.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-2170,"Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package names in the table of packages obtained from a remote server, resulting in a stored XSS vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8905,"A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of the third 'extents' is controlled by the outside world, and not verified on copy, allowing the attacker to force Asylo to copy trusted memory data into an untrusted buffer of significantly small length.. We recommend updating Asylo to version 0.6.0 or later.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-3742,"Adobe Acrobat and Reader versions, 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14711,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: The CVE-2020-14711 is applicable to macOS host only. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).",CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H,6.5,0.6000000000000001,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-22327,"An issue was discovered in HFish 0.5.1. When a payload is inserted where the name is entered, XSS code is triggered when the administrator views the information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-35450,Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler for certain set_language calls.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-28579,"A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14385,"A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-13988,An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-5783,"In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2020-26029,An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not the one given in the X-On-Behalf-Of header.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-20189,SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4643,"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information. IBM X-Force ID: 185590.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-12646,"OX App Suite 7.10.3 and earlier allows XSS via text/x-javascript, text/rdf, or a PDF document.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-36650,"A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218019.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27191,"LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-10913,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the OCRAndExportToExcel command of the communication API. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9946.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12443,"BigBlueButton before 2.2.6 allows remote attackers to read arbitrary files because the presfilename (lowercase) value can be a .pdf filename while the presFilename (mixed case) value has a ../ sequence. This can be leveraged for privilege escalation via a directory traversal to bigbluebutton.properties. NOTE: this issue exists because of an ineffective mitigation to CVE-2020-12112 in which there was an attempted fix within an NGINX configuration file, without considering that the relevant part of NGINX is case-insensitive.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8449,"An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-0769,"An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0771.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27870,This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-25881,A vulnerability was discovered in the filename parameter in pathindex.php?r=cms-backend/attachment/delete&sub=&filename=../../../../111.txt&filetype=image/jpeg of the master version of RKCMS. This vulnerability allows for an attacker to perform a directory traversal via a crafted .txt file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-1188,"An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1189, CVE-2020-1190, CVE-2020-1191.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0683,"An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8507,The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-5249,"In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-9311,"In SilverStripe through 4.5, malicious users with a valid Silverstripe CMS login (usually CMS access) can craft profile information which can lead to XSS for other users through specially crafted login form URLs.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-35930,"Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-15303,"Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-8973,"ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user on the web that owns the device.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-20412,"lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4435,"Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180901.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0915,"An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0916.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6310,"Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-0211,"In SumCompoundHorizontalTaps of convolve_neon.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147491773",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-8775,Pega Platform before version 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the comment tags.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L,8.9,2.3,6.0,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,LOW
CVE-2020-0281,"In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137857778",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N,4.5,0.9,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-13871,SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-9750,"Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability, which could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8437,"The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-2702,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,7.5,0.8,6.0,HIGH,2024-12-08T08:00Z,LOCAL,HIGH,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-35495,There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-5561,Keijiban Tsumiki v1.15 allows remote attackers to execute arbitrary OS commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15879,"Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-1327,"A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-1768,The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,LOW
CVE-2020-16131,"Tiki before 21.2 allows XSS because [\s\/""\'] is not properly considered in lib/core/TikiFilter/PreventXss.php.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-2768,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.3.28 and prior, 7.4.27 and prior, 7.5.17 and prior, 7.6.13 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster as well as unauthorized update, insert or delete access to some of MySQL Cluster accessible data. CVSS 3.0 Base Score 6.3 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H).",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H,6.3,2.1,4.2,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,LOW,HIGH
CVE-2020-14551,"Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (component: Security). The supported version that is affected is 21.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle AutoVue. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle AutoVue accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-8936,An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgx_params and allowed the host to return a pointer that was an address within the enclave memory. This allowed an attacker to read memory values from within the enclave.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-11016,"IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the ""send"" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue to execute arbitrary code with the privileges of the webserver. Version 2.1.1 fixes the vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3309,"A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by uploading a malicious file to an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on as well as modify the underlying operating system of an affected device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25036,"UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less command.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-1918,"In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-12706,Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_admin.php,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-12963,An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27847,"A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. This flaw affects dex versions before 2.27.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8952,"Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the logout.jsp timeOut parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-28644,The CSRF (Cross Site Request Forgery) token check was improperly implemented on cookie authenticated requests against some ocs API endpoints. This affects ownCloud/core version < 10.6.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2020-4794,"IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force ID: 189445.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,LOW
CVE-2020-9493,A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25016,"A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-3664,"Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H,6.0,0.8,5.2,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-7187,A reportpage index expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7145,A chooseperfview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26311,"Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no patches are available.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-15778,"scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of ""anomalous argument transfers"" because that could ""stand a great chance of breaking existing workflows.""",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0523,Improper access control in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may potentially allow a privileged user to enable a denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-28251,"NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6919,"Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3778,"Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2020-15698,An issue was discovered in Joomla! through 3.9.19. Inadequate filtering on the system information screen could expose Redis or proxy credentials,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-5148,"SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypass firewall access controls.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N,8.2,3.9,4.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,HIGH,NONE
CVE-2020-7571,A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of user supplied data and achieve a Cross-Site Scripting reflected attack against other WebReport users.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-9124,"There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-19778,"Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in ""/index.php"" by manipulating the parameter ""user_id"" in the HTML request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13414,An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-15994,Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27449,"Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-1311,"An elevation of privilege vulnerability exists when Component Object Model (COM) client uses special case IIDs, aka 'Component Object Model Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3155,"A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable Products section. The vulnerability is due to a lack of validation of the SSL server certificate received when establishing a connection to a Cisco Webex video device or a Cisco collaboration endpoint. An attacker could exploit this vulnerability by using man in the middle (MITM) techniques to intercept the traffic between the affected client and an endpoint, and then using a forged certificate to impersonate the endpoint. Depending on the configuration of the endpoint, an exploit could allow the attacker to view presentation content shared on it, modify any content being presented by the victim, or have access to call controls. This vulnerability does not affect cloud registered collaboration endpoints.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-1190,"An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1188, CVE-2020-1189, CVE-2020-1191.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0935,"An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-0217,"In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141331405",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8790,"The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentials and obtain access via a brute force attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24195,An Arbitrary File Upload in the Upload Image component in Sourcecodester Online Bike Rental v1.0 allows authenticated administrator to conduct remote code execution.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-7163,A navigationto expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14978,"An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25781,An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-27922,"A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted font file may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-29615,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted image may lead to a denial of service.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0257,"In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-156741968",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36193,"Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-1897,A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11255,"Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of the memory is leaked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-7490,"A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior), which could cause arbitrary code execution on the system running Vijeo Basic when a malicious DLL library is loaded by the Product.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7591,"A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform (potentially administrative) actions on behalf of those users if the single sign-on feature (""Allow logon without password"") is enabled.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-21996,AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can exploit this issue to cause a denial of service scenario.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-25285,"A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25729,ZoneMinder before 1.34.21 has XSS via the connkey parameter to download.php or export.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-12388,The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-13343,An issue has been discovered in GitLab affecting all versions starting from 11.2. Unauthorized Users Can View Custom Project Template,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11519,The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to read or write to physical disc sectors via a \\.\SecureDocDevice handle. Exploiting this vulnerability results in privileged code execution.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3242,"A vulnerability in the REST API of Cisco UCS Director could allow an authenticated, remote attacker with administrative privileges to obtain confidential information from an affected device. The vulnerability exists because confidential information is returned as part of an API response. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to obtain the API key of another user, which would allow the attacker to impersonate the account of that user on the affected device. To exploit this vulnerability, the attacker must have administrative privileges on the device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-10608,"In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35800,"Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D6000 before 1.0.0.80, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D7800 before 1.0.3.48, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, DM200 before 1.0.0.66, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX2700 before 1.0.1.58, EX3110 before 1.0.1.68, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100v2 before 1.0.1.94, EX6110 before 1.0.1.68, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150v1 before 1.0.0.46, EX6150v2 before 1.0.1.94, EX6200v1 before 1.0.3.94, EX6250 before 1.0.0.128, EX6400 before 1.0.2.152, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7300 before 1.0.2.152, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, EX7500 before 1.0.0.68, EX7700 before 1.0.0.210, EX8000 before 1.0.1.224, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.42, R6260 before 1.1.0.76, R6300v2 before 1.0.4.42, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400v1 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v1 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900 before 1.0.2.16, R6900P before 1.3.2.124, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7500v2 before 1.0.3.48, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.5.24, RAX35 before 1.0.3.80, RAX40 before 1.0.3.80, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.38, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.5.1.6, RBS40V-200 before 1.0.0.46, RBS50Y before 2.6.1.40, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3000RPv3 before 1.0.2.86, WN3500RPv1 before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L,9.4,3.9,5.5,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,LOW
CVE-2020-8694,Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-0599,Improper access control in the PMC for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4825,IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 189839.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-6650,UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates available. This results in arbitrary code execution on the machine where software is installed.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-21862,Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-11668,"In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-1695,"A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-11414,"An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be inside the directory where the upload handler class is defined. Before 2020.1.330, a crafted web request could result in uploads to arbitrary locations.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-5537,Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35192,The official vault docker images before 0.11.6 contain a blank password for a root user. System using the vault docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11492,"An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonate their privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12380,"Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-22617,Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2972,"Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application Express. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Application Express, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Application Express accessible data as well as unauthorized read access to a subset of Oracle Application Express accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-18654,"Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers to execute arbitrary code via the ""Title"" parameter in the component ""/coreframe/app/guestbook/myissue.php"".",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-0354,"In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143604331",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-19455,"SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-27351,"Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prior to 1.1.0~beta1ubuntu0.16.04.10; 1.6.5ubuntu0 versions prior to 1.6.5ubuntu0.4; 2.0.0ubuntu0 versions prior to 2.0.0ubuntu0.20.04.2; 2.1.3ubuntu1 versions prior to 2.1.3ubuntu1.1;",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L,2.8,1.3,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,NONE,NONE,LOW
CVE-2020-29189,Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated attackers to bypass read-only restriction and obtain full access to any folder within the NAS,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-8284,"A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,3.7,2.2,1.4,LOW,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-1613,"A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established BGP session is sent toward the peer device that originally sent the specific BGP FlowSpec advertisement. This specific BGP FlowSpec advertisement received from a BGP peer might get propagated from a Junos OS device running the fixed release to another device that is vulnerable causing BGP session termination downstream. This issue affects IPv4 and IPv6 BGP FlowSpec deployment. This issue affects Juniper Networks Junos OS: 12.3; 12.3X48 on SRX Series; 14.1X53 on EX and QFX Series; 15.1 versions prior to 15.1R7-S5; 15.1F versions prior to 15.1F6-S13; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D497 on NFX Series; 15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400; 16.1 versions prior to 16.1R7-S7; 17.1 versions prior to 17.1R2-S12, 17.1R3; 17.2 versions prior to 17.2R2-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110, 17.2X75-D44; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R1-S8, 17.4R2; 18.1 versions prior to 18.1R2-S4, 18.1R3; 18.2X75 versions prior to 18.2X75-D20.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4775,"A cross-site scripting (XSS) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. This vulnerability allows attackers to inject malicious scripts into web applications for the purpose of running unwanted actions on the end user's device, restricted to a single location. IBM X-Force ID: 189153.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8417,The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3423,"A vulnerability in the implementation of the Lua interpreter that is integrated in Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code with root privileges on the underlying Linux operating system (OS) of an affected device. The vulnerability is due to insufficient restrictions on Lua function calls within the context of user-supplied Lua scripts. An attacker with valid administrative credentials could exploit this vulnerability by submitting a malicious Lua script. When this file is processed, an exploitable buffer overflow condition could occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying Linux OS of the affected device.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26233,"Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git Credential Manager Core before version 2.0.289, when recursively cloning a Git repository on Windows with submodules, Git will first clone the top-level repository and then recursively clone all submodules by starting new Git processes from the top-level working directory. If a malicious git.exe executable is present in the top-level repository then this binary will be started by Git Credential Manager Core when attempting to read configuration, and not git.exe as found on the %PATH%. This only affects GCM Core on Windows, not macOS or Linux-based distributions. GCM Core version 2.0.289 contains the fix for this vulnerability, and is available from the project's GitHub releases page. GCM Core 2.0.289 is also bundled in the latest Git for Windows release; version 2.29.2(3). As a workaround, users should avoid recursively cloning untrusted repositories with the --recurse-submodules option.",CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N,7.3,1.0,5.8,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,HIGH,REQUIRED,CHANGED,HIGH,HIGH,NONE
CVE-2020-28653,Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5960,"NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null pointer dereference may occur, which may lead to denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-17372,SugarCRM before 10.1.0 (Q3 2020) allows XSS.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-7942,"Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-27691,"The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 allows XSS via URLBlocking Settings, SNMP Settings, and System Log Settings.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-14506,"Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2020-14641,Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-27653,Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H,8.3,1.6,6.0,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2020-2737,"Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Core RDBMS. CVSS 3.0 Base Score 6.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-29651,A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-3968,"VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine's vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.2,1.5,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-17439,"An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that the incoming DNS replies match outgoing DNS queries in newdata() in resolv.c. Also, arbitrary DNS replies are parsed if there was any outgoing DNS query with a transaction ID that matches the transaction ID of an incoming reply. Provided that the default DNS cache is quite small (only four records) and that the transaction ID has a very limited set of values that is quite easy to guess, this can lead to DNS cache poisoning.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L,8.3,3.9,3.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,LOW,LOW,LOW
CVE-2020-5976,"NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-5307,"PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4672,IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186285.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-10248,BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-6870,"The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network management system and equipment. This affects: NetNumenU31R20 V12.17.20T115",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-21127,MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-22041,A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_buffersrc_add_frame_flags function in buffersrc.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-18124,A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N,5.7,2.1,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-4358,IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178762.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-5589,"SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerability that someone within the Bluetooth range can make the Bluetooth pairing and operate such as changing volume of the product.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9934,"An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-15997,Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36785,"In the Linux kernel, the following vulnerability has been resolved:

media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()

The ""s3a_buf"" is freed along with all the other items on the
""asd->s3a_stats"" list.  It leads to a double free and a use after free.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2573,Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-14519,"This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled. This is especially relevant for systems or devices where a web browser is used to access a web server) via a specifically crafted Java Script payload, which may allow alteration or creation of license files for when combined with CVE-2020-14515.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-28572,A vulnerability in Trend Micro Apex One could allow an unprivileged user to abuse the product installer to reinstall the agent with additional malicious code in the context of a higher privilege.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9439,"Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the search_key GET Parameter in TinCan_Content_List_Table.php, message GET Parameter in licensing.php, tc_filter_group parameter in reporting-admin-menu.php, tc_filter_user parameter in reporting-admin-menu.php, tc_filter_course parameter in reporting-admin-menu.php, tc_filter_lesson parameter in reporting-admin-menu.php, tc_filter_module parameter in reporting-admin-menu.php, tc_filter_action parameter in reporting-admin-menu.php, tc_filter_data_range parameter in reporting-admin-menu.php, or tc_filter_data_range_last parameter in reporting-admin-menu.php.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-12013,"A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server v10.96 and prior; ICONICS GenBroker32 v9.5 and prior.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-13936,An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15619,"This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_list_accounts.php. When parsing the type parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-9723.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-13791,hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-11788,"Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.68, PR2000 before 1.0.0.28, R6050 before 1.0.1.18, JR6150 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, and R6900v2 before 1.2.0.36.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5834,"Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-10846,"An issue was discovered on Samsung mobile devices with P(9.x) and Q(10.x) software. Attackers can enable the OEM unlock feature on a KG-enrolled devices, leading to potentially unwanted binaries being downloaded. The Samsung ID is SVE-2019-16554 (February 2020).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-15162,"In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS payload. The problem is fixed in version 1.7.6.8.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-6653,Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's account and associated devices.,CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,3.9,0.30000000000000004,3.6,LOW,2024-12-08T08:00Z,PHYSICAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-13773,"Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-7388,"Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential validation. While exploiting this does require knowledge of the installation path, that information can be learned by exploiting CVE-2020-7387. This issue was fixed in AdxAdmin 93.2.53, which ships with updates for on-premises versions of Sage X3 including Version 9 (components shipped with Syracuse 9.22.7.2 and later), Sage X3 HR & Payroll Version 9 (those components that ship with Syracuse 9.24.1.3), Version 11 (components shipped with Syracuse 11.25.2.6 and later), and Version 12 (components shipped with Syracuse 12.10.2.8 and later) of Sage X3. Other on-premises versions of Sage X3 are unsupported by the vendor.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9040,Couchbase Server Java SDK before 2.7.1.1 allows a potential attacker to forge an SSL certificate and pose as the intended peer. An attacker can leverage this flaw by crafting a cryptographically valid certificate that will be accepted by Java SDK's Netty component due to missing hostname verification.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-35752,Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-10746,"A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,6.1,1.8,4.2,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH
CVE-2020-24359,"HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-1580,"A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.
The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-35228,A cross-site scripting (XSS) vulnerability in the administration web panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote attackers to inject arbitrary web script or HTML via the language parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-6263,"Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that require user identity leading to Authentication Bypass.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2284,Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N,7.1,2.8,4.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2020-2137,"Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-4432,"Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6804,"A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. When combined with CVE-2020-6803, an attacker could fully compromise the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-21785,"In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7202,A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-8127,Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-0927,"A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-6393,Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-25837,Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain configurations the vulnerability could disclose sensitive information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-0665,"An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27518,All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12423,"When the Windows DLL ""webauthn.dll"" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox < 78.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7817,"MyBrowserPlus downloads the files needed to run the program through the setup file (Setup.inf). At this time, there is a vulnerability in downloading arbitrary files due to insufficient integrity verification of the files.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11973,"Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-20658,"Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denail of service when trying to calloc an unexpectiedly large space.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-28404,"An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access the Billing page without the appropriate privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-2593,"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N,4.8,2.2,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2020-13977,"Nagios 4.4.5 allows an attacker, who already has administrative access to change the ""URL for JSON CGIs"" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been mistakenly associated with CVE-2020-1408.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,4.9,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-10063,A remote adversary with the ability to send arbitrary CoAP packets to be parsed by Zephyr is able to cause a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-21881,Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-11509,An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template admin-post action (which will execute in an administrator's browser if the template is used to create a page).,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-12504,"Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8542,OX App Suite through 7.10.3 allows XSS.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-15667,"When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with the Mozilla-controlled signing key. This vulnerability affects Firefox < 80.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3208,"A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient access restrictions on the area of code that manages the image verification feature. An attacker could exploit this vulnerability by first authenticating to the targeted device and then logging in to the Virtual Device Server (VDS) of an affected device. The attacker could then, from the VDS shell, disable Cisco IOS Software integrity (image) verification. A successful exploit could allow the attacker to boot a malicious Cisco IOS Software image on the targeted device. To exploit this vulnerability, the attacker must have valid user credentials at privilege level 15.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4015,The /json/fe/activeUserFinder.do resource in Altassian Fisheye and Crucible before version 4.8.1 allows remote attackers to view user user email addresses via a information disclosure vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-19693,An issue found in Espruino Espruino 6ea4c0a allows an attacker to execute arbitrrary code via oldFunc parameter of the jswrap_object.c:jswrap_function_replacewith endpoint.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14429,"Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before 3.2.15.25, RBR750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2499,"A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26996,"A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of CG4 files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12027)",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25094,"LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24563,"A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target in order to exploit this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2604,"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13331,An issue has been discovered in GitLab affecting versions prior to 12.10.13. GitLab was vulnerable to a stored XSS by in the Wiki pasges.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-14377,A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability can be used by an attacker in a virtual machine to read significant amounts of host memory. The highest threat from this vulnerability is to data confidentiality and system availability.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-14205,The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks. An attacker may leverage this issue to manipulate the integrity of dive logs.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-9560,Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35340,A local file inclusion vulnerability in ExpertPDF 9.5.0 through 14.1.0 allows attackers to read the file contents from files that the running ExpertPDF process has access to read.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-25712,A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15569,PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-11071,"SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. This is fixed in version 0.27.2.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N,8.6,3.9,4.0,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,HIGH,NONE
CVE-2020-13328,"An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13. GitLab was vulnerable to a stored XSS by using the PyPi files API.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-7722,All versions of package nodee-utils are vulnerable to Prototype Pollution via the deepSet function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5806,An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-24203,Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10464,Reflected XSS in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-24292,Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8027,"A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H,6.6,1.8,4.7,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,HIGH
CVE-2020-27936,"An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A local user may be able to cause unexpected system termination or read kernel memory.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-23481,CMS Made Simple 2.2.14 was discovered to contain a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Field Definition text field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-0430,"In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-153881554",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25628,"The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk. This affects 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier unsupported versions. Fixed in 3.9.2, 3.8.5, 3.7.8 and 3.5.14.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-11437,LibreHealth EMR v2.0.0 is affected by SQL injection allowing low-privilege authenticated users to enumerate the database.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-6552,Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14561,"Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Reporting and Analytics. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25561,SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. This credential is saved in ServerConf.config file in the client.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8869,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9881.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7577,"A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). Through the use of several vulnerable fields of the application, an authenticated user could perform an SQL Injection attack by passing a modified SQL query downstream to the back-end server. The exploit of this vulnerability could be used to read, and potentially modify application data to which the user has access to.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-1975,"Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14452,"An issue was discovered in Mattermost Server before 5.21.0. mmctl allows directory traversal via HTTP, aka MMSA-2020-0014.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-17405,"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10980.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12399,"NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.",CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,HIGH,LOW,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-26924,Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC720 before 3.9.1.13 and WAC730 before 3.9.1.13.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-7507,A CWE-400: Uncontrolled Resource Consumption vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to login multiple times resulting in a denial of service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-5733,"In OpenMRS 2.9 and prior, the export functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows the export of potentially sensitive information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-25474,SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-15861,Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0673,"A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4780,"OOTB build scripts does not set the secure attribute on session cookie which may impact IBM Curam Social Program Management 7.0.9 and 7.0,10. The purpose of the 'secure' attribute is to prevent cookies from being observed by unauthorized parties. IBM X-Force ID: 189158.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-10615,"Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-17408,"This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper restriction of XML External Entity (XXE) references, a specially-crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-10801.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-16260,"Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-4287,"IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176269.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24613,"wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely impersonate any TLS 1.3 servers, and read or modify potentially sensitive information between clients using the wolfSSL library and these TLS servers.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N,6.8,1.6,5.2,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-18705,XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-1145,"An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1141, CVE-2020-1179.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-1556,"An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability by ensuring the Windows WalletService properly handles objects in memory.
",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11685,"In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-8567,"Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-0207,"In next_marker of jdmarker.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-135532289",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-15305,An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-1696,"A flaw was found in the all pki-core 10.x.x versions, where Token Processing Service (TPS) where it did not properly sanitize Profile IDs, enabling a Stored Cross-Site Scripting (XSS) vulnerability when the profile ID is printed. An attacker with sufficient permissions could trick an authenticated victim into executing a specially crafted Javascript code.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-10701,"A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set, this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero, potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-12131,The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parameter (shown next to the UI logo).,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-1980,"A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25138,"An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via /alert_check/action=delete_alert_checker/alert_test_id= because of pages/alert_check.inc.php.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-25148,"An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. this can occur via /iftype/type= because of pages/iftype.inc.php.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-11114,"u'Bluetooth devices does not properly restrict the L2CAP payload length allowing users in radio range to cause a buffer overflow via a crafted Link Layer packet(Equivalent to CVE-2019-17060,CVE-2019-17061 and CVE-2019-17517 in Sweyntooth paper)' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in AR9344",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9576,"Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12041,"The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H,9.4,3.9,5.5,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,HIGH
CVE-2020-2224,"Jenkins Matrix Project Plugin 1.16 and earlier does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-26931,"Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-2723,"Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N,7.1,2.8,4.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2020-28337,"A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload a maliciously constructed ZIP file with file paths including relative paths (i.e., ../../), move this file into the backup directory, and execute a restore on this file.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-20467,"White Shark System (WSS) 1.3.2 is vulnerable to sensitive information disclosure via default_task_add.php, remote attackers can exploit the vulnerability to create a task.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,6.5,3.9,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2020-5366,Dell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal Vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability by manipulating input parameters to gain unauthorized read access to the arbitrary files.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-12608,An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the CacheService.xml SISServerURL parameter.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26183,Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability. Certain remote users with low privileges may exploit this vulnerability to perform 'nsrmmdbd' operations in an unintended manner.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-9241,"Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H,7.0,2.2,4.7,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,HIGH
CVE-2020-12911,A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTCreateAllocation API request can cause an out-of-bounds read and denial of service (BSOD). This vulnerability can be triggered from a non-privileged account.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-13174,"The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicious link via clickjacking.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-4831,IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-2541,"Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L,6.5,3.9,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2020-36550,Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-7973,GitLab through 12.7.2 allows XSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-5013,IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 193245.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-4657,IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186094.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-11987,"Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N,8.2,3.9,4.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2020-16214,"In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the 
software saves user-provided information into a comma-separated value 
(CSV) file, but it does not neutralize or incorrectly neutralizes 
special elements that could be interpreted as a command when the file is
 opened by spreadsheet software.



",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,5.0,1.8,2.7,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-3168,"A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote attacker to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible to users through the CLI. The vulnerability is due to improper resource allocation during failed CLI login attempts when login parameters that are part of the Secure Login Enhancements capability are configured on an affected device. An attacker could exploit this vulnerability by performing a high amount of login attempts against the affected device. A successful exploit could cause the affected device to become inaccessible to other users, resulting in a denial of service (DoS) condition requiring a manual power cycle of the VSM to recover.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-13619,php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7643,paypal-adaptive through 0.4.2 manipulation of JavaScript objects resulting in Prototype Pollution. The PayPal function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-5610,Global TechStream (GTS) for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service (DoS) condition and execute arbitrary code via unspecified vectors.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-28267,Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0 allows attacker to cause a denial of service and may lead to remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-26930,NETGEAR EX7700 devices before 1.0.0.210 are affected by incorrect configuration of security settings.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N,3.8,1.2,2.5,LOW,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2020-8183,A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-2036,A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9842,"An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-4267,"IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authenticated user cause a denial of service due to a memory leak. IBM X-Force ID: 175840.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-14297,"A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-8154,An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,7.7,3.1,4.0,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2020-35506,"A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service or potential code execution with the privileges of the QEMU process.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11297,"Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0936,"An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-35555,"An issue was discovered on LG mobile devices with Android OS 10 software. When a dual-screen configuration is supported, the device does not lock upon disconnection of a call with the cover closed. The LG ID is LVE-SMP-200027 (December 2020).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36212,An issue was discovered in the abi_stable crate before 0.9.1 for Rust. DrainFilter lacks soundness because of a double drop.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-10786,A remote command execution in Vesta Control Panel through 0.9.8-26 allows any authenticated user to execute arbitrary commands on the system via cron jobs.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15702,"TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-08T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-28922,An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write arbitrary physical memory. This could lead to arbitrary Ring-0 code execution and escalation of privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-12860,"COVIDSafe through v1.0.17 allows a remote attacker to access phone name and model information because a BLE device can have four roles and COVIDSafe uses all of them. This allows for re-identification of a device, and potentially identification of the owner's name.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-35865,An issue was discovered in the os_str_bytes crate before 2.0.0 for Rust. It has false expectations about char::from_u32_unchecked behavior.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-23273,Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-24722,"An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause metadata deanonymization and risk-score inflation. NOTE: the vendor's position is ""We do not believe that TX power authentication would be a useful defense against relay attacks.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-0733,"An elevation of privilege vulnerability exists when the Windows Malicious Software Removal Tool (MSRT) improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14231,A vulnerability in the input parameter handling of HCL Client Application Access v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. This could allow the attacker to crash the program or inject code into the system which would execute with the privileges of the currently logged in user.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-1951,A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-14515,"CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor. Only CmActLicense update files with CmActLicense Firm Code are affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-28407,"In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-2147,A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2020-10632,"Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-10590,Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-11596,A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make HTTP GET requests to a certain URL and obtain information about what files and directories reside on the server.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-17456,SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-23931,An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-3748,"Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11223,"Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-23240,Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-35197,The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. System using the memcached docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9109,"There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-3809,Adobe After Effects versions 17.0.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-13887,documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7139,"Potential remote access security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to access and modify sensitive information on the system. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.3.0 4.5.6.0 5.0.9.0 5.1.4.100",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-22015,"Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3172,"A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4863,IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190566.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-35839,"Certain NETGEAR devices are affected by Stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, XR500 before 2.3.2.56, XR700 before 1.0.1.10, and RAX120 before 1.0.0.78.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N,8.1,1.7000000000000002,5.8,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,HIGH,HIGH,NONE
CVE-2020-5886,"On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only on the network used for connection mirroring.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-13310,"A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial of service.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-11903,The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-6991,"In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15566,"An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory allocation failed, or (3) the port we try to allocate is higher than what is supported by the ABI (e.g., 2L or FIFO) used by the guest or the limit set by an administrator (max_event_channels in xl cfg). Due to the missing error checks, only (1) will be considered an error. All the other cases will provide a valid port and will result in a crash when trying to access the event channel. When the administrator configured a guest to allow more than 1023 event channels, that guest may be able to crash the host. When Xen is out-of-memory, allocation of new event channels will result in crashing the host rather than reporting an error. Xen versions 4.10 and later are affected. All architectures are affected. The default configuration, when guests are created with xl/libxl, is not vulnerable, because of the default event-channel limit.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,6.5,2.0,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2020-29299,"Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4619,IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 184976.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-35916,"An issue was discovered in the image crate before 0.23.12 for Rust. A Mutable reference has immutable provenance. (In the case of LLVM, the IR may be always correct.)",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-12143,"The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,4.9,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-2817,"Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: Miscellaneous). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Scripting, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Scripting accessible data as well as unauthorized update, insert or delete access to some of Oracle Scripting accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2020-25638,A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-1899,"The unserialize() function supported a type code, ""S"", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-0189,"In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-3755,"Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-9781,The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn't intend to.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-1907,"A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary code execution when parsing the contents of an RTP Extension header.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8764,Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14676,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,7.5,0.8,6.0,HIGH,2024-12-08T08:00Z,LOCAL,HIGH,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-9017,LiteCart through 2.2.1 allows CSV injection via a customer's profile.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36762,A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENT_BODY leads to os command injection. Upgrading to version 2.0.28 is able to address this issue. The name of the patch is dcaad2540f7d50c512ff2e031d3778dd9337db2b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-234248.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10791,app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests (aka SSRF) via the Test Connection feature (aka testGrafanaConnection) of the Grafana Module.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-10007,A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to determine kernel memory layout.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-16117,"In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-26941,"A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Security Premium versions 13.2 and lower; ESET Endpoint Antivirus, ESET Endpoint Security, ESET NOD32 Antivirus Business Edition, ESET Smart Security Business Edition versions 7.3 and lower; ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Kerio, ESET Security for Microsoft SharePoint Server versions 7.2 and lower.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-2669,"Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2020-15025,"ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-6320,"SAP Marketing (Servlet), version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which impacts Confidentiality and Integrity of data in the application.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-8246,"Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to a denial of service attack originating from the management network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-6242,"SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an attacker to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificate, leading to Missing Authentication Check.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25612,The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an attacker with escalated privilege to access user files due to insufficient access control. Successful exploit could potentially allow an attacker to gain access to sensitive information.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-1646,"On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP peer can lead to a routing process daemon (RPD) crash and restart. This issue occurs only when the device is receiving and processing the BGP UPDATE for an EBGP peer. This issue does not occur when the device is receiving and processing the BGP UPDATE for an IBGP peer. However, the offending BGP UPDATE can originally come from an EBGP peer, propagates through the network via IBGP peers without causing crash, then it causes RPD crash when it is processed for a BGP UPDATE towards an EBGP peer. Repeated receipt and processing of the same specific BGP UPDATE can result in an extended Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 17.3R3-S6, 17.4R2-S7, and 18.1R3-S7. Juniper Networks Junos OS Evolved 19.2R2-EVO and later versions, prior to 19.3R1-EVO. Other Junos OS releases are not affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-36152,Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3176,"A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying certain CLI commands with crafted arguments. A successful exploit could allow the attacker to run arbitrary commands as the root user, which could result in a complete system compromise.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-20693,A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated attackers to arbitrarily add administrator accounts.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-1928,An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-5740,"Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated attacker to execute arbitrary Python code with SYSTEM privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12499,In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files.,CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-26234,"Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for man-in-the-middle attacks. This problem is fixed in Opencast 7.9 and Opencast 8.8 Please be aware that fixing the problem means that Opencast will not simply accept any self-signed certificates any longer without properly importing them. If you need those, please make sure to import them into the Java key store. Better yet, get a valid certificate.",CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N,4.8,1.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,LOW,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-19586,Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2020-14149,"In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-13949,"In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-36540,"A vulnerability, which was classified as critical, was found in Neetai Tech. Affected is an unknown function of the file /product.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4035,"In WatermelonDB (NPM package ""@nozbe/watermelondb"") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally causing the app to become unusable. This may happen in apps that don't validate IDs (valid IDs are `/^[a-zA-Z0-9_-.]+$/`) and use Watermelon Sync or low-level `database.adapter.destroyDeletedRecords` method. The integrity risk is low due to the fact that maliciously deleted records won't synchronize, so logout-login will restore all data, although some local changes may be lost if the malicious deletion causes the sync process to fail to proceed to push stage. No way to breach confidentiality with this vulnerability is known. Full exploitation of SQL Injection is mitigated, because it's not possible to nest an insert/update query inside a delete query in SQLite, and it's not possible to pass a semicolon-separated second query. There's also no known practicable way to breach confidentiality by selectively deleting records, because those records will not be synchronized. It's theoretically possible that selective record deletion could cause an app to behave insecurely if lack of a record is used to make security decisions by the app. This is patched in versions 0.15.1, 0.16.2, and 0.16.1-fix",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H,5.9,1.6,4.2,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,NONE,LOW,HIGH
CVE-2020-35730,"An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-22057,The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensitive components and data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-10439,The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-discussed.php by adding a question mark (?) followed by the payload.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-11272,"Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36638,** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de AdminServ. It has been rated as problematic. This issue affects some unknown processing of the file resources/core/adminserv.php. The manipulation of the argument error leads to cross site scripting. The attack may be initiated remotely. The patch is named 9a45087814295de6fb3a3fe38f96293665234da1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217043. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-19048,"Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the ""Title"" field found in the ""Add New Forum"" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-26405,"Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. Affected versions are >=12.8, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L,7.1,2.8,4.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,LOW
CVE-2020-7681,This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-36162,"An issue was discovered in Veritas CloudPoint before 8.3.0.1+hotfix. The CloudPoint Windows Agent leverages OpenSSL. This OpenSSL library attempts to load the \usr\local\ssl\openssl.cnf configuration file, which does not exist. By default, on Windows systems users can create directories under <drive>:\. A low privileged user can create a <drive>:\usr\local\ssl\openssl.cnf configuration file to load a malicious OpenSSL engine, which may result in arbitrary code execution. This would give the attacker administrator access on the system, allowing the attacker (by default) to access all data, access all installed applications, etc.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-4527,"IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the Secure flag for the session cookie in TLS mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 182631.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-5565,Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-1101,"A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1106.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-15989,Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-11130,"u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12470,MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-23899,A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-26582,D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the IP JSON value for ping (aka res_config_action=3&res_config_id=18).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14178,"Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vulnerability in the /browse.PROJECTKEY endpoint. The affected versions are before version 7.13.7, from version 8.0.0 before 8.5.8, and from version 8.6.0 before 8.12.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-2128,"Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-9201,"There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4475,IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-11628,"An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. It is intended to support restriction of available remote protocols (CMP, ACME, REST, etc.) through the system configuration. These restrictions can be bypassed by modifying the URI string from a client. (EJBCA's internal access control restrictions are still in place, and each respective protocol must be configured to allow for enrollment.)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-22056,A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input function in af_acrossover.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-1887,Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-36246,Amaze File Manager before 3.5.1 allows attackers to obtain root privileges via shell metacharacters in a symbolic link.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27372,A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1.21 in the run_interpreter function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12349,Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-28657,"In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9413,The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an attacker to craft an URL that will execute arbitrary commands on the affected system. If the attacker convinces an authenticated user with a currently active session to enter or click on the URL the commands will be executed on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center: versions 8.2.1 and below and TIBCO Managed File Transfer Internet Server: versions 8.2.1 and below.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2020-15488,Re:Desk 2.3 allows insecure file upload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-8919,"An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of priviledges to read all other user's personal account data as well as sub-trees with restricted access.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.5,2.1,1.4,LOW,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-4271,IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-ForceID: 175897.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2020-14274,Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-25988,"UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-27721,"In versions 16.0.0-16.0.0.1, 15.1.0-15.1.1, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, in a BIG-IP DNS / BIG-IP LTM GSLB deployment, under certain circumstances, the BIG-IP DNS system may stop using a BIG-IP LTM virtual server for DNS response.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-2509,"A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10266,"UR+ (Universal Robots+) is a platform of hardware and software component sellers, for Universal Robots robots. When installing any of these components in the robots (e.g. in the UR10), no integrity checks are performed. Moreover, the SDK for making such components can be easily obtained from Universal Robots. An attacker could exploit this flaw by crafting a custom component with the SDK, performing Person-In-The-Middle attacks (PITM) and shipping the maliciously-crafted component on demand.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2696,"Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-27678,"An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27402,The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port (UART) connection or using adb.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25786,webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-12837,ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-10284,"No authentication is required to control the robot inside the network, moreso the latest available user manual shows an option that lets the user to add a password to the robot but as in xarm_studio 1.3.0 the option is missing from the menu. Assuming manual control, even by forcefully removing the current operator from an active session.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-5858,"On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest or Resource Administrator) with tmsh shell access can execute arbitrary commands with elevated privilege via a crafted tmsh command.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-17398,"This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-11302.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,6.5,2.0,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2020-26122,"Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller (BMC) program of INSPUR server is weak in checking the firmware and lacks the signature verification mechanism, the attacker who obtains the administrator's rights can control the BMC by inserting malicious code into the firmware program and bypassing the current verification mechanism to upgrade the BMC.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13262,Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-15634,This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.84_10.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to execute code in the context of the web server. Was ZDI-CAN-9755.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2020-8286,curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-20413,SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle() function in admin/content.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13980,"OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists because of an incomplete fix for CVE-2020-10596. The vendor states ""this is not a massive issue as you are still required to be logged into the admin.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-0316,"In Telephony, there is a missing permission check. This could lead to local information disclosure of radio data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934919",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-7066,"In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2020-6409,Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7043,"An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-8471,"For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, weak file permissions allow an authenticated attacker to block the license handling, escalate his/her privileges and execute arbitrary code.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12779,"Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-25240,"A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). Unpriviledged users can access services when guessing the url. An attacker could impact availability, integrity and gain information from logs and templates of the service.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6969,"It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3249,"Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-28009,Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple days).,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3749,"Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14700,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N,5.3,0.8,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,HIGH,HIGH,NONE,CHANGED,HIGH,NONE,NONE
CVE-2020-15654,"When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-24634,"An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-22809,"In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14936,"Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmp_oid_decode_oid() may overwrite memory areas beyond the provided target buffer, when called from snmp_message_decode() upon an SNMP request reception. Because the content of the write operations is externally provided in the SNMP requests, it enables a remote overwrite of an IoT device's memory regions beyond the allocated buffer. This overflow may allow remote overwrite of stack and statically allocated variables memory regions by sending a crafted SNMP request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36649,A vulnerability was found in mholt PapaParse up to 5.1.x. It has been classified as problematic. Affected is an unknown function of the file papaparse.js. The manipulation leads to inefficient regular expression complexity. Upgrading to version 5.2.0 is able to address this issue. The name of the patch is 235a12758cd77266d2e98fd715f53536b34ad621. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218004.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-35329,Courier Management System 1.0 1.0 is affected by SQL Injection via 'MULTIPART street '.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-5949,"On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-1361,"An information disclosure vulnerability exists in the way that the WalletService handles memory.To exploit the vulnerability, an attacker would first need code execution on a victim system, aka 'Windows WalletService Information Disclosure Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-15036,NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Linked.php dv parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-13661,"Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser option. Fixed in version 5.0.20204.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9803,"A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9038,Joplin through 1.0.184 allows Arbitrary File Read via XSS.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8233,"A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2492,"If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-16156,CPAN 2.28 allows Signature Verification Bypass.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15632,This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-842 3.13B05 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HNAP GetCAPTCHAsetting requests. The issue results from the lack of proper handling of sessions. An attacker can leverage this vulnerability to execute arbitrary code in the context of the device. Was ZDI-CAN-10083.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14184,"Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in Jira issue filter export files. The affected versions are before 8.5.9, from version 8.6.0 before 8.12.3, and from version 8.13.0 before 8.13.1.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-13289,"A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2020-6581,"Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8573,"The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup. During upgrades to Element 11.8 and 12.0 or the Compute Firmware Bundle 12.2.92 the BMC account password on the H610C, H615C and H610S platforms is reset to the default documented value which could allow remote attackers to cause a Denial of Service (DoS).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-29396,"A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-29613,A logic issue was addressed with improved state management. This issue is fixed in iOS 14.3 and iPadOS 14.3. An enterprise application installation prompt may display the wrong domain.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-19513,Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10080,GitLab 8.3 through 12.8.1 allows Information Disclosure. It was possible for certain non-members to access the Contribution Analytics page of a private group.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-35717,"zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true).",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2020-7319,Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-25846,"The digest generation function of NHIServiSignAdapter has not been verified for source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N,7.4,2.8,4.0,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,NONE,NONE
CVE-2020-12122,"In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8797,"Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call (aka Command Line Injection), if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9453,"In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer dereference.) This affects \Device\EMPMPAUIO and \DosDevices\EMPMPAU.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-8489,"Insufficient protection of the inter-process communication functions in ABB System 800xA Information Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting the runtime values to be stored in the archive, or making Information Management history services unavailable.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0695,"A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2020-10537,An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with the administrator account.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4079,"Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 2.8.0, when the ajax endpoint for the ""excel export"" portal functionality is called directly it allows getting data without scope filtering. This allows a user to access data they which they should not have access to. This is fixed in versions 2.7.2 and 3.0.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,7.7,3.1,4.0,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2020-7055,"An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,9.9,3.1,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-1121,"An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1111, CVE-2020-1165, CVE-2020-1166.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11110,"Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-16295,A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-5674,Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9732,The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they open the page containing the vulnerable field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2020-9607,"Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15301,"SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15258,"In Wire before 3.20.x, `shell.openExternal` was used without checking the URL. This vulnerability allows an attacker to execute code on the victims machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the URL that is opened. The issue was patched by implementing a helper function which checks if the URL's protocol is common. If it is common, the URL will be opened externally. If not, the URL will not be opened and a warning appears for the user informing them that a probably insecure URL was blocked from being executed. The issue is patched in Wire 3.20.x. More technical details about exploitation are available in the linked advisory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36745,"The WP Project Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.0. This is due to missing or incorrect nonce validation on the do_updates() function. This makes it possible for unauthenticated attackers to trigger updates via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0297,"In devicepolicy service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155183624",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-10612,"Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicates with SoftPACMonitor over network Port 22000. However, this port is open without any restrictions. This allows an attacker with network access to control the SoftPACAgent service including updating SoftPAC firmware, starting or stopping service, or writing to certain registry values.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-23861,"A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-15321,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6175,Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-9865,"A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to break out of its sandbox.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2020-25613,"An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-13675,"Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the site.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15418,"This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.750_20200415. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSRSReport class. Due to the improper restriction of XML External Entity (XXE) references, a specially crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose file contents in the context of SYSTEM. Was ZDI-CAN-10709.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-11167,"Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2884,"Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-20122,Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8320,An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11866,libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9852,"An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4471,IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L,6.5,3.9,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2020-10457,Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST parameter imgName (for the new name) and imgUrl (for the current file to be renamed).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N,2.7,1.2,1.4,LOW,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-15477,The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI. The file nodejs/raspberryTortoise.js has no validation on the parameter incomingString before passing it to the child_process.exec function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36238,"The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-15733,An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus Plus versions prior to 25.0.7.29.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-36379,"An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7185,A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-4384,"IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179265.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-6270,"SAP NetWeaver AS ABAP (Banking Services), versions - 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not perform necessary authorization checks for an authenticated user due to Missing Authorization Check, allowing wrong and unexpected change of individual conditions by a malicious user leading to wrong prices.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-1904,"A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachments to messages.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-0639,"An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0615.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-21787,CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11136,"Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27192,BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6009,LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14334,A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-1561,"A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.
To exploit the vulnerability, a user would have to open a specially crafted file.
The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0047,"In setMasterMute of AudioService.java, there is a missing permission check. This could lead to local silencing of audio with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141622311",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,3.3,1.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-13275,A user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-29127,"An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppage=cgi_PgOverview&csplang=en is visited from a different web browser.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14075,"TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0481,"In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157472962",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,3.3,1.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-11584,"A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-6286,"The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-1365,"An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event Logging Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1371.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6271,"SAP Solution Manager (Problem Context Manager), version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data (files visible for technical administration users of the diagnostics agent).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H,8.2,3.9,4.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,HIGH
CVE-2020-16267,Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the RCA module.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5600,"TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains a resource management error vulnerability, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-17490,The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-4209,"IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing ""dot dot"" sequences (/../) to create arbitrary files on the system. IBM X-Force ID: 175019.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2020-15081,"In PrestaShop from version 1.5.0.0 and before 1.7.6.6, there is information exposure in the upload directory. The problem is fixed in version 1.7.6.6. A possible workaround is to add an empty index.php file in the upload directory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-1778,"When OTRS uses multiple backends for user authentication (with LDAP), agents are able to login even if the account is set to invalid. This issue affects OTRS; 8.0.9 and prior versions.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-35864,An issue was discovered in the flatbuffers crate through 2020-04-11 for Rust. read_scalar (and read_scalar_at) can transmute values without unsafe blocks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-11841,"Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-13699,"TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10557,An issue was discovered in AContent through 1.4. It allows the user to run commands on the server with a low-privileged account. The upload section in the file manager page contains an arbitrary file upload vulnerability via upload.php. The extension .php7 bypasses file upload restrictions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-29610,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may disclose restricted memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-3400,"A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.The vulnerability is due to insufficient authorization of web UI access requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web UI. A successful exploit could allow the attacker to utilize parts of the web UI for which they are not authorized. This could allow a Read-Only user to perform actions of an Admin user.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8259,Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-24025,Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-17451,"flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-24375,A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-27284,"TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-29456,"Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in Papermerge, a malicious document can be sent by email and is automatically uploaded into the Papermerge web application. Therefore, no authentication is required to exploit XSS if email consumption is configured. Otherwise authentication is required.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-15689,"Appweb before 7.2.2 and 8.x before 8.1.0, when built with CGI support, mishandles an HTTP request with a Range header that lacks an exact range. This may result in a NULL pointer dereference and cause a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-8879,"This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-9626.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2020-2009,An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue affects: All versions of PAN-OS 7.1; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9386,"In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, file metadata information is disclosed to group members in the Elasticsearch result list despite them not having access to that artefact anymore.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-2852,"Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Calendar). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced Outbound Telephony. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Advanced Outbound Telephony, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Advanced Outbound Telephony accessible data as well as unauthorized update, insert or delete access to some of Oracle Advanced Outbound Telephony accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2020-7462,"In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, improper mbuf handling in the kernel causes a use-after-free bug by sending IPv6 Hop-by-Hop options over the loopback interface. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-13260,"A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as the static key file in Configuration-Services-Security-OpenVPN-Static Keys. This payload will execute each time a user opens an affected web page. This could be exploited in conjunction with CVE-2020-13259.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8544,OX App Suite through 7.10.3 allows SSRF.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-25791,"An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit().",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-24188,Cross-site scripting (XSS) vulnerability in the search functionality in Intrexx before 9.4.0 allows remote attackers to inject arbitrary web script or HTML via the request parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-11914,The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-2158,"Jenkins Literate Plugin 1.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3855,"An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-0645,"A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-2883,"Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35723,Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the ReportPreview.do file via the referer parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8170,"We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-28455,This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-13614,An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-35460,"common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-5579,SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-18768,"There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-27230,A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findSector parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-35521,"A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-5873,"On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute arbitrary commands using a maliciously crafted scp request.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25701,"If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-7109,The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8615,A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-7606,"docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands. Within 'index.js' of the package, the function 'exec(serviceName, cmd, fnStdout, fnStderr, fnExit)' uses the variable 'serviceName' which can be controlled by users without any sanitization.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10940,Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3301,"Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-2308,A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-5776,"Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36521,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-27004,"A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of CGM files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12163)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-0857,"An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27821,"A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H,6.0,1.5,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,CHANGED,NONE,NONE,HIGH
CVE-2020-3134,"A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of zip files. An attacker could exploit this vulnerability by sending an email message with a crafted zip-compressed attachment. A successful exploit could trigger a restart of the content-scanning process, causing a temporary DoS condition. This vulnerability affects Cisco AsyncOS Software for Cisco ESA releases earlier than 13.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L,6.5,3.9,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2020-15180,"A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H,9.0,2.2,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-11287,"Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-1259,"A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged, aka 'Windows Host Guardian Service Security Feature Bypass Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-0227,"In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-129476618",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10722,"A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13397,An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-11298,"While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-08T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-10802,"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24615,"Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2020-4685,"A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed, can escalate their privilege from Low level to Super Admin and gain access to Create/Update/Delete any level of user in Cognos Controller. IBM X-Force ID: 186625.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9228,"FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-18735,A heap buffer overflow in /src/dds_stream.c of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-5353,The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-9487,"In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to use the token to access the content. An unauthenticated user could repeatedly request download tokens, preventing legitimate users from requesting download tokens.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-14040,"The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0407,"In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus weakened disk encryption. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-153450752References: N/A",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-24827,A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0094,"In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148223871",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6317,"In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or render unavailable any other information in the cockpit or system. This affects SAP Adaptive Server Enterprise, Versions - 15.7, 16.0.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.5,2.1,1.4,LOW,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-29041,"A misconfiguration in Web-Sesame 2020.1.1.3375 allows an unauthenticated attacker to download the source code of the application, facilitating its comprehension (code review). Specifically, JavaScript source maps were inadvertently included in the production Webpack configuration. These maps contain sources used to generate the bundle, configuration settings (e.g., API keys), and developers' comments.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-0519,Improper access control for Intel(R) Graphics Drivers before versions 15.33.49.5100 and 15.36.38.5117 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-3346,"A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-36170,"The Ultimate Member plugin before 2.1.13 for WordPress mishandles hidden name=""timestamp"" fields in forms.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-10971,"An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the same time. The POST request itself is not validated to ensure it came from the active session. Affected devices are: Wavlink WN530HG4, Wavlink WN575A3, Wavlink WN579G3,Wavlink WN531G3, Wavlink WN533A8, Wavlink WN531A6, Wavlink WN551K1, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, WN572HG3, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14522,"Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to uncontrolled resource consumption, which may allow an attacker to cause a denial-of-service condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4395,IBM Security Access Manager Appliance 9.0.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 179358.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2020-3179,"A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-0506,"Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L,2.3,0.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2020-11004,"SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-35981,An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5195,Reflected XSS through an IMG element in Cerberus FTP Server prior to versions 11.0.1 and 10.0.17 allows a remote attacker to execute arbitrary JavaScript or HTML via a crafted public folder URL. This occurs because of the folder_up.png IMG element not properly sanitizing user-inserted directory paths. The path modification must be done on a publicly shared folder for a remote attacker to insert arbitrary JavaScript or HTML. The vulnerability impacts anyone who clicks the malicious link crafted by the attacker.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-11963,"IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-28144,"Certain Moxa Inc products are affected by an improper restriction of operations in EDR-G903 Series Firmware Version 5.5 or lower, EDR-G902 Series Firmware Version 5.5 or lower, and EDR-810 Series Firmware Version 5.6 or lower. Crafted requests sent to the device may allow remote arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14162,"An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an attacker to obtain root access via shell metacharacters to this script's setdns command.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0333,"In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-73822755",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14402,An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,LOW
CVE-2020-0328,"In the camera, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150156131",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-22453,Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-26100,chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-24194,A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname' parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-2252,Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N,4.8,2.2,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2020-10463,Reflected XSS in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-13592,"An exploitable SQL injection vulnerability exists in ""global_lists/choices"" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-36651,A vulnerability has been found in youngerheart nodeserver and classified as critical. Affected by this vulnerability is an unknown functionality of the file nodeserver.js. The manipulation leads to path traversal. The identifier of the patch is c4c0f0138ab5afbac58e03915d446680421bde28. It is recommended to apply a patch to fix this issue. The identifier VDB-218461 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-24427,"Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2020-24113,"Directory Traversal vulnerability in Contacts File Upload Interface in Yealink W60B version 77.83.0.85, allows attackers to gain sensitive information and cause a denial of service (DoS).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2020-10705,"A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the ""Expect: 100-continue"" header may cause an out of memory error. This flaw may potentially lead to a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-12986,"An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5632,"InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for IIS prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1, Host type SiteShell for Apache Windows V1.4, V1.5, and V1.6, and Host type SiteShell for Apache Windows prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1) allow authenticated attackers to bypass access restriction and to execute arbitrary code with an elevated privilege via a specially crafted executable files.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-25269,"An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-4099,"The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-3883,"This issue was addressed with improved checks. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to use arbitrary entitlements.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-20124,Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7617,ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of Object.prototype using a '__proto__' payload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-21526,"An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-13345,An issue has been discovered in GitLab affecting all versions starting from 10.8. Reflected XSS on Multiple Routes,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-26838,"SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2020-0972,"A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0975, CVE-2020-0976, CVE-2020-0977.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-0114,"In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-11125,"u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9150, MDM9607, MDM9650, MSM8905, MSM8917, MSM8953, Nicobar, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5644,"Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version ""05.65.00.BD"" and earlier, GT1450-QMBDE CoreOS version ""05.65.00.BD"" and earlier, GT1450-QLBDE CoreOS version ""05.65.00.BD"" and earlier, GT1455HS-QTBDE CoreOS version ""05.65.00.BD"" and earlier, and GT1450HS-QMBDE CoreOS version ""05.65.00.BD"" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-5599,"TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-16281,The Kommbox component in Rangee GmbH RangeeOS 8.0.4 could allow a local authenticated attacker to escape from the restricted environment and execute arbitrary code due to unrestricted context menus being accessible.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-14595,Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Assessment Manager). Supported versions that are affected are 6.1 and 6.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iLearning accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle iLearning. CVSS 3.1 Base Score 8.2 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L,8.2,3.9,4.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,LOW
CVE-2020-24573,BAB TECHNOLOGIE GmbH eibPort V3 prior to 3.8.3 devices allow denial of service (Uncontrolled Resource Consumption) via requests to the lighttpd component.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-26412,Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-35339,"In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-1793,"There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2).",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-24141,"Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2020-27993,Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2020-12425,"Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox < 78.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-1775,"BCC recipients in mails sent from OTRS are visible in article detail on external interface. This issue affects OTRS: 8.0.3 and prior versions, 7.0.17 and prior versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2020-5655,"NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-5797,"UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,6.1,0.9,5.2,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-1397,"An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-2567,"Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Security). The supported version that is affected is 18.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Customer Management and Segmentation Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Retail Customer Management and Segmentation Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Customer Management and Segmentation Foundation accessible data as well as unauthorized read access to a subset of Oracle Retail Customer Management and Segmentation Foundation accessible data. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-0854,"An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2020-25176,"Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0379,"In the Bluetooth service, there is a possible spoofing attack due to a logic error. This could lead to remote information disclosure of sensitive information with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150156492",CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.7,2.1,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2020-15644,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the setAppFileBytes method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10550.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-27123,"A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the underlying operating system of an affected device. The vulnerability is due to an exposed IPC function. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process on an affected device. A successful exploit could allow the attacker to read arbitrary files on the underlying operating system of the affected device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-11718,An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2020-8351,A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0638,"An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-15500,"An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-27543,The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2020-6017,"Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-0330,"In iorap, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege and code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150331085",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-12415,"When ""%2F"" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. This vulnerability affects Firefox < 78.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-2139,An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2020-6484,Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2020-24075,"Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2020-8645,An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is job_id. The function is getJobApplicationsByJobId(). The file is _lib/class.JobApplication.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-8616,"A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H,8.6,3.9,4.0,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,NONE,HIGH
CVE-2020-10587,"antiX and MX Linux allow local users to achieve root access via ""persist-config --command /bin/sh"" because of the Sudo configuration.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-2828,"Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Web Services). The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-14704,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N,6.0,1.5,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,NONE,NONE
CVE-2020-0351,"In libstagefright, there is possible CPU exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124777537",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2020-2697,"Vulnerability in the Oracle Hospitality Suites Management component of Oracle Food and Beverage Applications. Supported versions that are affected are 3.7 and 3.8. Easily exploitable vulnerability allows physical access to compromise Oracle Hospitality Suites Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Suites Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Suites Management accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N,4.9,0.7000000000000001,4.2,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,LOW,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2020-15523,"In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-7816,"A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+, DaOffice softwares could allow an unauthenticated, remote attacker to cause an arbitrary code execution on an affected device.nThe vulnerability is due to a stack overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2020-6750,"GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2020-4291,"IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI. IBM X-Force ID: 176334.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2021-30750,The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.3. A malicious application may be able to access the user's recent contacts.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-39933,"An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression used for handling user input (notes, comments, etc) was susceptible to catastrophic backtracking that could cause a DOS attack.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-30738,"A malicious application may be able to overwrite arbitrary files. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Mojave. An issue with path validation logic for hardlinks was addressed with improved path sanitization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-3515,A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges on a PostgreSQL server can craft a database name that allows execution of shell commands as the postgresql user when calling pglogical.create_subscription().,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46240,A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_dump_vrml_sffield () at scene_manager/scene_dump.c. This vulnerability can lead to a Denial of Service (DoS).,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-42713,Splashtop Remote Client (Personal Edition) through 3.4.6.1 creates a Temporary File in a Directory with Insecure Permissions.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39237,"Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information disclosure.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-21001,On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-26556,"When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20078,Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service vulnerability due to a path traversal issue in spark gateway component. This allows a remote attacker to remotely delete any directory or directories on the OS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-30028,"SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30290,"Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:01Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41780,"Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24584,"The Timetable and Event Schedule WordPress plugin before 2.4.2 does not have proper access control when updating a timeslot, allowing any user with the edit_posts capability (contributor+) to update arbitrary timeslot from any events. Furthermore, no CSRF check is in place as well, allowing such attack to be perform via CSRF against a logged in with such capability. In versions before 2.3.19, the lack of sanitisation and escaping in some of the fields, like the descritption could also lead to Stored XSS issues",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-38144,"An issue was discovered in Form Tools through 3.0.20. A low-privileged user can trigger Reflected XSS when a viewing a form via the submission_id parameter, e.g., clients/forms/edit_submission.php?form_id=1&view_id=1&submission_id=[XSS].",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0426,"In parsePrimaryFieldFirstUidAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174485572",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24214,"The OpenID Connect Generic Client WordPress plugin 3.8.0 and 3.8.1 did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue. This issue does not require authentication and can be exploited with the default configuration.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-45931,HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-40024,Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-31292,An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-22711,"A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to missing validation of input data.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-34934,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14912.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28641,"Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36178,A insufficiently protected credentials in Fortinet FortiSDNConnector version 1.1.7 and below allows attacker to disclose third-party devices credential information via configuration page lookup.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-34590,In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-33325,"The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack 7, user's clear text passwords are stored in the database if workflow is enabled for user creation, which allows attackers with access to the database to obtain a user's password.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-1150,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33270,D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_800462c4 in /formAdvFirewall. This vulnerability is triggered via a crafted POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46163,Kentico Xperience 13.0.44 allows XSS via an XML document to the Media Libraries subsystem.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-41930,"Cross site scripting (XSS) vulnerability in Sourcecodester Online Covid Vaccination Scheduler System v1 by oretnom23, allows attackers to execute arbitrary code via the lid parameter to /scheduler/addSchedule.php.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-23416,"This affects all versions of package curly-bracket-parser. When used as a template library, it does not properly sanitize the user input.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-31632,b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. This vulnerability allows attackers to execute arbitrary code via a crafted input.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1445,"Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-46354,"Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter ""Addr"" in cmd site. The ability to send requests to other systems can allow the vulnerable server to filtrate the real IP of the web server or increase the attack surface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-3370,DouPHP v1.6 was discovered to contain a cross-site scripting (XSS) vulnerability via /admin/cloud.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-22987,"On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3 when running in Appliance mode, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,9.9,3.1,6.0,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-38569,An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-46022,An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-21607,"Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory in Jenkins, potentially leading to out of memory errors.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-25159,A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.5,1.2,5.2,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-23836,An issue was discovered in flatCore before 2.0.0 build 139. A stored XSS vulnerability was identified in the prefs_smtp_psw HTTP request body parameter for the acp interface. An admin user can inject malicious client-side script into the affected parameter without any form of input sanitization. The injected payload will be executed in the browser of a user whenever one visits the affected module page.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24700,"The Forminator WordPress plugin before 1.15.4 does not sanitize and escape the email field label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-31895,"A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V4.3.7), RUGGEDCOM ROS M2200 (All versions < V4.3.7), RUGGEDCOM ROS M969 (All versions < V4.3.7), RUGGEDCOM ROS RMC (All versions < V4.3.7), RUGGEDCOM ROS RMC20 (All versions < V4.3.7), RUGGEDCOM ROS RMC30 (All versions < V4.3.7), RUGGEDCOM ROS RMC40 (All versions < V4.3.7), RUGGEDCOM ROS RMC41 (All versions < V4.3.7), RUGGEDCOM ROS RMC8388 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RMC8388 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RP110 (All versions < V4.3.7), RUGGEDCOM ROS RS400 (All versions < V4.3.7), RUGGEDCOM ROS RS401 (All versions < V4.3.7), RUGGEDCOM ROS RS416 (All versions < V4.3.7), RUGGEDCOM ROS RS416v2 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS416v2 V5.X (All versions < 5.5.4), RUGGEDCOM ROS RS8000 (All versions < V4.3.7), RUGGEDCOM ROS RS8000A (All versions < V4.3.7), RUGGEDCOM ROS RS8000H (All versions < V4.3.7), RUGGEDCOM ROS RS8000T (All versions < V4.3.7), RUGGEDCOM ROS RS900 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS900 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RS900G (All versions < V4.3.7), RUGGEDCOM ROS RS900G (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS900G (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RS900GP (All versions < V4.3.7), RUGGEDCOM ROS RS900L (All versions < V4.3.7), RUGGEDCOM ROS RS900W (All versions < V4.3.7), RUGGEDCOM ROS RS910 (All versions < V4.3.7), RUGGEDCOM ROS RS910L (All versions < V4.3.7), RUGGEDCOM ROS RS910W (All versions < V4.3.7), RUGGEDCOM ROS RS920L (All versions < V4.3.7), RUGGEDCOM ROS RS920W (All versions < V4.3.7), RUGGEDCOM ROS RS930L (All versions < V4.3.7), RUGGEDCOM ROS RS930W (All versions < V4.3.7), RUGGEDCOM ROS RS940G (All versions < V4.3.7), RUGGEDCOM ROS RS969 (All versions < V4.3.7), RUGGEDCOM ROS RSG2100 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2100 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2200 (All versions < V4.3.7), RUGGEDCOM ROS RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG900 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900C (All versions < V5.5.4), RUGGEDCOM ROS RSG900G V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG900G V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900R (All versions < V5.5.4), RUGGEDCOM ROS RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSL910 (All versions < V5.5.4), RUGGEDCOM ROS RST2228 (All versions < V5.5.4), RUGGEDCOM ROS RST916C (All versions < V5.5.4), RUGGEDCOM ROS RST916P (All versions < V5.5.4), RUGGEDCOM ROS i800 (All versions < V4.3.7), RUGGEDCOM ROS i801 (All versions < V4.3.7), RUGGEDCOM ROS i802 (All versions < V4.3.7), RUGGEDCOM ROS i803 (All versions < V4.3.7). The DHCP client in affected devices fails to properly sanitize incoming DHCP packets. This could allow an unauthenticated remote attacker to cause memory to be overwritten, potentially allowing remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37789,"stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-24970,"The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclusion issue",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33882,A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to reconfigure the device from an unknown source because of lack of authentication on proprietary networking commands.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N,8.6,3.9,4.0,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,HIGH,NONE
CVE-2021-29143,"A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36408,An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-24016,"An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim host.",CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H,6.3,0.30000000000000004,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,HIGH,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3131,The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-24227,"The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting the site. Using this attack vector, an attacker could leak important internal files like wp-config.php, which contains database credentials and cryptographic keys used in the generation of nonces and cookies.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-33323,"The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows remote attackers to view the autosaved values by viewing the form as an unauthenticated user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-43420,"SQL injection vulnerability in Login.php in Sourcecodester Online Payment Hub v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42886,"TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-40175,Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-40492,"A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-25031,"The Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) WordPress plugin before 9.7.1 does not escape the effects parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-35116,"APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-40674,An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20753,Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-1148,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3146,The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29576,"TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/596c05a159b6fbb9e39ca10b3f7753b7244fa1e9/tensorflow/core/kernels/pooling_ops_3d.cc#L694-L696) does not check that the initialization of `Pool3dParameters` completes successfully. Since the constructor(https://github.com/tensorflow/tensorflow/blob/596c05a159b6fbb9e39ca10b3f7753b7244fa1e9/tensorflow/core/kernels/pooling_ops_3d.cc#L48-L88) uses `OP_REQUIRES` to validate conditions, the first assertion that fails interrupts the initialization of `params`, making it contain invalid data. In turn, this might cause a heap buffer overflow, depending on default initialized values. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24973,"The Site Reviews WordPress plugin before 5.17.3 does not sanitise and escape the site-reviews parameter of the glsr_action AJAX action (available to unauthenticated and any authenticated users), allowing them to perform Cross-Site Scripting attacks against logged in admins viewing the Tool dashboard of the plugin",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-20147,ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-41588,"In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38978,"IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 212783.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-29514,"TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the `splits` tensor buffer in the implementation of the `RaggedBincount` op(https://github.com/tensorflow/tensorflow/blob/8b677d79167799f71c42fd3fa074476e0295413a/tensorflow/core/kernels/bincount_op.cc#L430-L446). Before the `for` loop, `batch_idx` is set to 0. The attacker sets `splits(0)` to be 7, hence the `while` loop does not execute and `batch_idx` remains 0. This then results in writing to `out(-1, bin)`, which is before the heap allocated buffer for the output tensor. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3, as these are also affected.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3479,"There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-46389,IIPImage High Resolution Streaming Image Server prior to commit 882925b295a80ec992063deffc2a3b0d803c3195 is affected by an integer overflow in iipsrv.fcgi through malformed HTTP query parameters.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-24808,"The BP Better Messages WordPress plugin before 1.9.9.41 sanitise (with sanitize_text_field) but does not escape the 'subject' parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-38429,"OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition and information exposure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-4316,Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof browser UI via a crafted HTML page. (Chromium security severity: Low),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-41131,"python-tuf is a Python reference implementation of The Update Framework (TUF). In both clients (`tuf/client` and `tuf/ngclient`), there is a path traversal vulnerability that in the worst case can overwrite files ending in `.json` anywhere on the client system on a call to `get_one_valid_targetinfo()`. It occurs because the rolename is used to form the filename, and may contain path traversal characters (ie `../../name.json`). The impact is mitigated by a few facts: It only affects implementations that allow arbitrary rolename selection for delegated targets metadata, The attack requires the ability to A) insert new metadata for the path-traversing role and B) get the role delegated by an existing targets metadata, The written file content is heavily restricted since it needs to be a valid, signed targets file. The file extension is always .json. A fix is available in version 0.19 or newer. There are no workarounds that do not require code changes. Clients can restrict the allowed character set for rolenames, or they can store metadata in files named in a way that is not vulnerable: neither of these approaches is possible without modifying python-tuf.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H,8.7,2.2,5.8,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,CHANGED,NONE,HIGH,HIGH
CVE-2021-3693,"LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2021-39693,"In onUidStateChanged of AppOpsService.java, there is a possible way to access location without a visible indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-208662370",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38186,"An issue was discovered in the comrak crate before 0.10.1 for Rust. It mishandles & characters, leading to XSS via &# HTML entities.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-23995,"When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20312,"A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-22854,The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-31426,"This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel on the target guest system. Was ZDI-CAN-12791.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-46898,"views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prevent external redirection with startswith(""/"") but this does not consider a protocol-relative URL (e.g., //example.com) attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-3717,"A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36410,A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-36226,Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0874,"In PVRSRVBridgeDevicememHistorySparseChange of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270399633",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35499,The Web Reporting component of TIBCO Software Inc.'s TIBCO Nimbus contains easily exploitable Stored Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts targeting the affected system or the victim's local system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Nimbus: versions 10.4.0 and below.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0955,"In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-192085766",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:01Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-31786,"The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, allowing attackers to trigger a disconnection and deadlock of the device by connecting with a forged BDAddress that matches the original connected host.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-27428,"GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without appropriate privileges. The weakness is assessed, and mitigation is implemented in firmware Version 8.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22718,A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20569,IBM Security Secret Server up to 11.0 could allow an attacker to enumerate usernames due to improper input validation. IBM X-Force ID: 199243.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-33657,"There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21440,Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44994,There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-25278,FTAPI 4.0 through 4.10 allows XSS via an SVG document to the Background Image upload feature in the Submit Box Template Editor.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-44568,"Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-36041,"Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the 'pub/media` directory could lead to remote code execution.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45648,"Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EX6100v2 before 1.0.1.106, EX6150v2 before 1.0.1.106, EX6250 before 1.0.0.146, EX6400 before 1.0.2.164, EX6400v2 before 1.0.0.146, EX6410 before 1.0.0.146, EX6420 before 1.0.0.146, EX7300 before 1.0.2.164, EX7300v2 before 1.0.0.146, EX7320 before 1.0.0.146, EX7700 before 1.0.0.222, LBR1020 before 2.6.5.16, LBR20 before 2.6.5.2, RBK352 before 4.3.4.7, RBK50 before 2.7.3.22, RBR350 before 4.3.4.7, RBR50 before 2.7.3.22, and RBS350 before 4.3.4.7.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-30270,"Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25033,"The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-30808,"This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A malicious application may be able to modify protected parts of the file system.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-32275,An issue was discovered in faust through v2.30.5. A NULL pointer dereference exists in the function CosPrim::computeSigOutput() located in cosprim.hh. It allows an attacker to cause Denial of Service.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-3597,"A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-36791,The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-32860,"iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting (XSS) when handling untrusted modal titles. An attacker who is able to influence the field `title` when creating a `iziModal` instance is able to supply arbitrary `html` or `javascript` code that will be rendered in the context of a user, potentially leading to `XSS`. Version 1.6.1 contains a patch for this issue",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-43469,VINGA WR-N300U 77.102.1.4853 is affected by a command execution vulnerability in the goahead component.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37653,"TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a floating point exception in `tf.raw_ops.ResourceGather`. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L725-L731) computes the value of a value, `batch_size`, and then divides by it without checking that this value is not 0. We have patched the issue in GitHub commit ac117ee8a8ea57b73d34665cdf00ef3303bc0b11. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-32557,It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-37983,Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22341,"There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-40960,Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20176,A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-1280,"A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection (AMP) for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with SYSTEM privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27850,"A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL. An attacker was able to download the file `AppModule.class` by requesting the URL `http://localhost:8080/assets/something/services/AppModule.class` which contains a HMAC secret key. The fix for that bug was a blacklist filter that checks if the URL ends with `.class`, `.properties` or `.xml`. Bypass: Unfortunately, the blacklist solution can simply be bypassed by appending a `/` at the end of the URL: `http://localhost:8080/assets/something/services/AppModule.class/` The slash is stripped after the blacklist check and the file `AppModule.class` is loaded into the response. This class usually contains the HMAC secret key which is used to sign serialized Java objects. With the knowledge of that key an attacker can sign a Java gadget chain that leads to RCE (e.g. CommonsBeanUtils1 from ysoserial). Solution for this vulnerability: * For Apache Tapestry 5.4.0 to 5.6.1, upgrade to 5.6.2 or later. * For Apache Tapestry 5.7.0, upgrade to 5.7.1 or later.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-34326,"A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13422)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45414,A Remote Code Execution (RCE) vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0119,Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.,CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.2,0.30000000000000004,5.9,MEDIUM,2024-12-07T08:01Z,PHYSICAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-31006,"Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 7.6, tvOS 14.7, macOS Big Sur 11.5. A malicious application may be able to bypass certain Privacy preferences.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-25457,An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-36889,Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities were discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.6).,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-30543,Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1174,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21849,An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “tfra” FOURCC code due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29387,"Multiple stored cross-site scripting (XSS) vulnerabilities in Sourcecodester Equipment Inventory System 1.0 allow remote attackers to inject arbitrary javascript via any ""Add"" sections, such as Add Item , Employee and Position or others in the Name Parameters.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-38723,FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/pages/items,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36976,libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-46908,"In the Linux kernel, the following vulnerability has been resolved:

bpf: Use correct permission flag for mixed signed bounds arithmetic

We forbid adding unknown scalars with mixed signed bounds due to the
spectre v1 masking mitigation. Hence this also needs bypass_spec_v1
flag instead of allow_ptr_leaks.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-22954,A cross-site request forgery vulnerability exists in Concrete CMS <v9 that could allow an attacker to make requests on behalf of other users.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32953,"An attacker could utilize SQL commands to create a new user MDT AutoSave versions prior to v6.02.06 and update the user’s permissions, granting the attacker the ability to login.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37702,"Pimcore is an open source data & experience management platform. Prior to version 10.1.1, Data Object CSV import allows formular injection. The problem is patched in 10.1.1. Aside from upgrading, one may apply the patch manually as a workaround.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4280,A vulnerability was found in styler_praat_scripts. It has been classified as problematic. Affected is an unknown function of the file file_segmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch is 0cad44aa4a3eb0ecdba071c10eaff16023d8b35f. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216780.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-38584,The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42070,"When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,LOW
CVE-2021-28814,"An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote attackers to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.4.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0946,"The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method PMR_PDumpSymbolicAddr may fail, and if it does the buffer will be left uninitialized and despite the error will still be copied to userspace. Kernel leak of uninitialized heap data with no privs required.Product: AndroidVersions: Android SoCAndroid ID: A-236846966",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-21636,A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-0005,Uncaught exception in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow a privileged user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-39432,diplib v3.0.0 is vulnerable to Double Free.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-36874,Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0333,"In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-168504491",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-31450,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13084.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30612,Chromium: CVE-2021-30612 Use after free in WebRTC,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24556,"The kento_email_subscriber_ajax AJAX action of the Email Subscriber WordPress plugin through 1.1, does not properly sanitise, validate and escape the submitted subscribe_email and subscribe_name POST parameters, inserting them in the DB and then outputting them back in the Subscriber list (/wp-admin/edit.php?post_type=kes_campaign&page=kento_email_subscriber_list_settings), leading a Stored XSS issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-20247,A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the designated mailbox on the opposite end of the synchronization channel. The highest threat from this vulnerability is to data confidentiality and integrity.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-25394,A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.,CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22281,": Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-38449,"Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42379,A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33797,"Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38930,"IBM System Storage DS8000 Management Console (HMC) R8.5 88.5x.x.x, R9.1 89.1x.0.0, and R9.2 89.2x.0.0 could allow a remote attacker to obtain sensitive information through unpublished URLs. IBM X-Force ID: 210331.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-42627,"The WAN configuration page ""wan.htm"" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23935,OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript code.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-43736,CmsWing CMS 1.3.7 is affected by a Remote Code Execution (RCE) vulnerability via parameter: log rule,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46441,"In the ""webupg"" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use ""cmd"" parameters to execute arbitrary system commands after obtaining authorization.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42986,NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-35235,"The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely monitor and control the execution of an application. If an attacker could successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure that may be valuable in targeting SWI with malicious intent.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-21618,"Jenkins Repository Connector Plugin 2.0.2 and earlier does not escape parameter names and descriptions for past builds, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-33103,Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24894,"The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-45950,LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-24941,"The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.0.5 does not sanitise and escape the message_id parameter of the get_message_action_row AJAX action before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-25661,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-39074,IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-31826,Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-31882,"A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-44528,"A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a ""X-Forwarded-Host"" headers in combination with certain ""allowed host"" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-32634,"Emissary is a distributed, peer-to-peer, data-driven workflow framework. Emissary 6.4.0 is vulnerable to Unsafe Deserialization of post-authenticated requests to the [`WorkSpaceClientEnqueue.action`](https://github.com/NationalSecurityAgency/emissary/blob/30c54ef16c6eb6ed09604a929939fb9f66868382/src/main/java/emissary/server/mvc/internal/WorkSpaceClientEnqueueAction.java) REST endpoint. This issue may lead to post-auth Remote Code Execution. This issue has been patched in version 6.5.0. As a workaround, one can disable network access to Emissary from untrusted sources.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24162,"In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29530,"TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid `permutation` to `tf.raw_ops.SparseMatrixSparseCholesky`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/080f1d9e257589f78b3ffb75debf584168aa6062/tensorflow/core/kernels/sparse/sparse_cholesky_op.cc#L85-L86) fails to properly validate the input arguments. Although `ValidateInputs` is called and there are checks in the body of this function, the code proceeds to the next line in `ValidateInputs` since `OP_REQUIRES`(https://github.com/tensorflow/tensorflow/blob/080f1d9e257589f78b3ffb75debf584168aa6062/tensorflow/core/framework/op_requires.h#L41-L48) is a macro that only exits the current function. Thus, the first validation condition that fails in `ValidateInputs` will cause an early return from that function. However, the caller will continue execution from the next line. The fix is to either explicitly check `context->status()` or to convert `ValidateInputs` to return a `Status`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44155,"An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts to login, the response if a username is valid includes Login Failed, but does not include this string if the username is invalid. This allows an attacker to enumerate valid users.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-39533,An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buffer overflow.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45628,"Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBS40V before 2.6.2.4, and RBW30 before 2.6.2.2.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3020,"An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive ""shell"" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-26681,"A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29960,"Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox < 89.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2021-45898,SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows local file inclusion.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-31816,"When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-41224,"TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made to trigger a heap OOB access. This occurs whenever the size of `indices` does not match the size of `values`. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-21958,A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-40889,CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. sauvePass action in {webroot}/uno/central.php file calls to file_put_contents() function to write username in password.php file when a user successfully changed their password. The attacker can inject malicious PHP code into password.php and then use the login function to execute code.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22957,A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36372,"In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. Authenticated users may use them even after access is revoked.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32138,The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-43816,"containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI), an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any privileged, regular file on disk for complete read/write access (sans delete). Such is achieved by placing the in-container location of the hostPath volume mount at either `/etc/hosts`, `/etc/hostname`, or `/etc/resolv.conf`. These locations are being relabeled indiscriminately to match the container process-label which effectively elevates permissions for savvy containers that would not normally be able to access privileged host files. This issue has been resolved in version 1.5.9. Users are advised to upgrade as soon as possible.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-0483,"In multiple methods of AAudioService, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-153358911",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38122,"A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information.
This issue affects NetIQ Advance Authentication before 6.3.5.1",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2021-33507,"Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0658,"In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672107.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-40155,"A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39900,Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary availability via Rails logs.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N,2.7,1.2,1.4,LOW,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-23963,"When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-40656,libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1945,"Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-20209,A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0199,Improper input validation in the firmware for the Intel(R) Ethernet Network Controller E810 before version 1.6.0.6 may allow a privileged user to potentially enable a denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-35296,An issue in the administrator authentication panel of PTCL HG150-Ub v3.0 allows attackers to bypass authentication via modification of the cookie value and Response Path.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21219,Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-30827,"A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22469,A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause kernel out-of-bounds read.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-26954,"An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2021-37711,"Versions prior to 6.4.3.1 contain an authenticated server-side request forgery vulnerability in file upload via URL. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45297,An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-21825,A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22303,"There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,LOW
CVE-2021-22424,A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-47518,"In the Linux kernel, the following vulnerability has been resolved:

nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done

The done() netlink callback nfc_genl_dump_ses_done() should check if
received argument is non-NULL, because its allocation could fail earlier
in dumpit() (nfc_genl_dump_ses()).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-36869,Reflected Cross-Site Scripting (XSS) vulnerability in WordPress Ivory Search plugin (versions <= 4.6.6). Vulnerable parameter: &post.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-41260,Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 do not check for Cross Site Request Forgery attacks. All users are advised to upgrade to 0.9.6 as soon as possible. There are no known workarounds for this issue.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36129,"An issue was discovered in the Translate extension in MediaWiki through 1.36. The Aggregategroups Action API module does not validate the parameter for aggregategroup when action=remove is set, thus allowing users with the translate-manage right to silently delete various groups' metadata.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2021-20086,Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-bbq 1.2.1 allows a malicious user to inject properties into Object.prototype.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41116,Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37839,"Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-28806,"A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.3.1652 Build 20210428. QNAP Systems Inc. QuTS hero versions prior to h4.5.2.1638 Build 20210414. QNAP Systems Inc. QuTScloud versions prior to c4.5.5.1656 Build 20210503. This issue does not affect: QNAP Systems Inc. QTS 4.3.6; 4.3.3.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-33441,"An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-1169,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46142,An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-34756,"Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1968,"Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44387,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzPreset param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,7.7,3.1,4.0,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2021-38685,"A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21577,Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21441,There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-26805,Buffer Overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a malicious WAV file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-28038,"An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,6.5,2.0,4.0,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2021-29591,"TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be replaced by stack overflow due to too many recursive calls. For example, the `While` implementation(https://github.com/tensorflow/tensorflow/blob/106d8f4fb89335a2c52d7c895b7a7485465ca8d9/tensorflow/lite/kernels/while.cc) could be tricked into a scneario where both the body and the loop subgraphs are the same. Evaluating one of the subgraphs means calling the `Eval` function for the other and this quickly exhaust all stack space. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. Please consult our security guide(https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1041,"In (TBD) of (TBD), there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182950799References: N/A",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-1446,"A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected device inspects certain DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through an affected device that is performing NAT for DNS packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability can be exploited only by traffic that is sent through an affected device via IPv4 packets. The vulnerability cannot be exploited via IPv6 traffic.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-39076,IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-24594,"The Translate WordPress – Google Language Translator WordPress plugin before 6.0.12 does not sanitise and escape some of its settings before outputting it in various pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-28793,"vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38278,Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0876,"In PVRSRVBridgePhysmemNewRamBackedLockedPMR of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270400229",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29955,"A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-20049,"A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-41543,"A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access sensitive files.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-21575,"
Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33022,Philips Vue PACS versions 12.2.x.x and prior transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-1129,"A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-34594,TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.5,1.2,5.2,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-1763,"A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38459,"The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user passwords or delete the database.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30811,"This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8. A local attacker may be able to read sensitive information.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-37419,Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-43064,"A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-42102,An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23958,"The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-45740,TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the pin parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36093,"It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2021-34348,"A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210803 and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22516,"Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-0077,Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38461,The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N,8.2,3.9,4.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,HIGH,NONE
CVE-2021-36159,"libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\0' terminator one byte too late.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-24992,"The Smart Floating / Sticky Buttons WordPress plugin before 2.5.5 does not sanitise and escape some parameter before outputting them in attributes and page, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-39503,"PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without ""<, >, ?, =, `,...."" In WriteConfig() function, an attacker can inject php code to /include/config.cache.php file.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42727,"Adobe Bridge 11.1.1 (and earlier) is affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Bridge.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22145,A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-32752,"Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may disable the plugin if untrustworthy sources have admin access.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-42568,Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-25179,SolarWinds Serv-U before 15.2 is affected by Cross Site Scripting (XSS) via the HTTP Host header.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-28145,Concrete CMS (formerly concrete5) before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-43951,Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details via an Information Disclosure vulnerability in the Create Object type mapping feature. The affected versions are before version 4.21.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-4398,"The Amministrazione Trasparente plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,  7.1. This is due to missing or incorrect nonce validation on the at_save_aturl_meta() function. This makes it possible for unauthenticated attackers to update meta data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-25456,OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-20108,"Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 for incoming commands over HTTPS from Manage Engine Server. The HTTPS certificates are not verified which allows any arbitrary user on the network to send commands over port 9000. While these commands may not be executed (due to authtoken validation), the Asset Explorer agent will reach out to the manage engine server for an HTTP request. During this process, AEAgent.cpp allocates 0x66 bytes using ""malloc"". This memory is never free-ed in the program, causing a memory leak. Additionally, the instruction sent to aeagent (ie: NEWSCAN, DELTASCAN, etc) is converted to a unicode string, but is never freed. These memory leaks allow a remote attacker to exploit a Denial of Service scenario through repetitively sending these commands to an agent and eventually crashing it the agent due to an out-of-memory condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-38435,"RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4193,vim is vulnerable to Out-of-bounds Read,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22780,"Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause unauthorized access to a project file protected by a password when this file is shared with untrusted sources. An attacker may bypass the password protection and be able to view and modify a project file.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-30775,"A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted audio file may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44622,A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remove malicious user execute arbitrary code via a crafted post request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22047,"In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-31516,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vector 35 Binary Ninja 2.3.2660 (Build ID 88f343c3). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BNDB files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13670.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20853,ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25464,An improper file management vulnerability in SamsungCapture prior to version 4.8.02 allows sensitive information leak.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22387,There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-40060,There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-20872,"Protection mechanism failure vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, bizhub 4752/4052 GC9-X4 and earlier) allows a physical attacker to bypass the firmware integrity verification and to install malicious firmware.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3801,prism is vulnerable to Inefficient Regular Expression Complexity,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-1886,"Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37468,NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-40087,"An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias configurations of various protocols that use an enrollment secret, any modifications to the secret were logged in cleartext in the audit log (that can only be viewed by an administrator). This affects use of any of the following protocols: SCEP, CMP, or EST.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N,2.7,1.2,1.4,LOW,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-46054,A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-33546,"Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27135,xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45263,"An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-45627,"Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39644,Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27165,An issue was discovered on FiberHome HG6245D devices through RP2613. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32790,"Woocommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors (already) having admin access, or API keys to the WooCommerce site can exploit vulnerable endpoints of `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing API. Read-only SQL queries can be executed using this exploit, while data will not be returned, by carefully crafting `search` parameter information can be disclosed using timing and related attacks. Version 3.3.6 is the earliest version of Woocommerce with a patch for this vulnerability. There are no known workarounds other than upgrading.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-20550,IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199168.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24715,"The WP Sitemap Page WordPress plugin before 1.7.0 does not properly sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-20087,Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33483,An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. The comment posting functionality allows an attacker to add an XSS payload to the JSON request that will execute when users visit the page with the comment.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-40970,Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the username parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21282,"Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG 4.5. Users can apply the patch for this vulnerability out-of-band as a workaround.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29443,"jose is an npm library providing a number of cryptographic operations. In vulnerable versions AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. A possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to make use of that oracle to decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). All major release versions have had a patch released which ensures the HMAC tag is verified before performing CBC decryption. The fixed versions are `^1.28.1 || ^2.0.5 || >=3.11.4`. Users should upgrade their v1.x dependency to ^1.28.1, their v2.x dependency to ^2.0.5, and their v3.x dependency to ^3.11.4. Thanks to Jason from Microsoft Vulnerability Research (MSVR) for bringing this up and Eva Sarafianou (@esarafianou) for helping to score this advisory.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-23445,This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-32490,A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22353,There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-45734,TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via the url parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-30737,"A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted certificate may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46996,"In the Linux kernel, the following vulnerability has been resolved:

netfilter: nftables: Fix a memleak from userdata error path in new objects

Release object name if userdata allocation fails.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0532,"In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185196177",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:01Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32859,The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calender view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted `placeholder` entries. An attacker who is able to influence the field `placeholder` when creating a `Calendar` instance is able to supply arbitrary `html` or `javascript` that will be rendered in the context of a user leading to XSS. There are no known patches for this issue.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-36357,"An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for endian conversion of a uint16_t ""year"" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the right endian conversion function.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23274,The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. A successful attack using this vulnerability does not require human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO API Exchange Gateway: versions 2.3.3 and below and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric: versions 2.3.3 and below.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32677,"FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that received JSON payloads sent by browsers were vulnerable to a Cross-Site Request Forgery (CSRF) attack. In versions lower than 0.65.2, FastAPI would try to read the request payload as JSON even if the content-type header sent was not set to application/json or a compatible JSON media type (e.g. application/geo+json). A request with a content type of text/plain containing JSON data would be accepted and the JSON data would be extracted. Requests with content type text/plain are exempt from CORS preflights, for being considered Simple requests. The browser will execute them right away including cookies, and the text content could be a JSON string that would be parsed and accepted by the FastAPI application. This is fixed in FastAPI 0.65.2. The request data is now parsed as JSON only if the content-type header is application/json or another JSON compatible media type like application/geo+json. It's best to upgrade to the latest FastAPI, but if updating is not possible then a middleware or a dependency that checks the content-type header and aborts the request if it is not application/json or another JSON compatible content type can act as a mitigating workaround.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-22904,"The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses `authenticate_or_request_with_http_token` or `authenticate_with_http_token` for request authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0359,"In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05442011.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25925,"in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive information.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-45513,NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-23016,"On BIG-IP APM versions 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4, and all versions of 16.0.x, 12.1.x, and 11.6.x, an attacker may be able to bypass APM's internal restrictions and retrieve static content that is hosted within APM by sending specifically crafted requests to an APM Virtual Server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-37552,"In JetBrains YouTrack before 2021.2.17925, stored XSS was possible.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21336,"Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this plugin. The problem has been fixed in version 2.6.0. Depending on how you have installed Products.PluggableAuthService, you should change the buildout version pin to 2.6.0 and re-run the buildout, or if you used pip simply do `pip install ""Products.PluggableAuthService>=2.6.0""`.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-1592,"A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could exploit this vulnerability by opening a significant number of SSH sessions on an affected device. A successful exploit could allow the attacker to cause a crash and restart of internal Cisco UCS Manager software processes and a temporary loss of access to the Cisco UCS Manager CLI and web UI. Note: The attacker must have valid user credentials to authenticate to the affected device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2021-29843,"IBM MQ 9.1 LTS, 9.1 CD, 9.2 LTS, and 9.2CD is vulnerable to a denial of service attack caused by an issue processing message properties. IBM X-Force ID: 205203.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-3621,"A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46529,Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x8814e. This vulnerability can lead to a Denial of Service (DoS).,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-1906,"Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-27436,"WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser actions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-22848,HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21729,"Some ZTE products have CSRF vulnerability. Because some pages lack CSRF random value verification, attackers could perform illegal authorization operations by constructing messages.This affects: ZXHN H168N V3.5.0_EG1T5_TE, V2.5.5, ZXHN H108N V2.5.5_BTMT1",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-27181,"An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a malicious URL provided by the attacker and successfully authenticate into the application. Having the value of the anti-CSRF token, the attacker may trick the user into visiting his malicious page and performing any request with the privileges of attacked user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28053,"An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A SQL injection vulnerability in ""Configuration > Users > Contacts / Users"" allows remote authenticated users to execute arbitrary SQL commands via the Additional Information parameters.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45819,Wordline HIDCCEMonitorSVC before v5.2.4.3 contains an unquoted service path which allows attackers to escalate privileges to the system level.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-43975,"In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-43032,"In XenForo through 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-42126,An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20541,"IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198927.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-42574,"An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard and the Unicode Bidirectional Algorithm (all versions). Due to text display behavior when text includes left-to-right and right-to-left characters, the visual order of tokens may be different from their logical order. Additionally, control characters needed to fully support the requirements of bidirectional text can further obfuscate the logical order of tokens. Unless mitigated, an adversary could craft source code such that the ordering of tokens perceived by human reviewers does not match what will be processed by a compiler/interpreter/etc. The Unicode Consortium has documented this class of vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms, and in Unicode Standard Annex #31, Unicode Identifier and Pattern Syntax. Also, the BIDI specification allows applications to tailor the implementation in ways that can mitigate misleading visual reordering in program text; see HL4 in Unicode Standard Annex #9, Unicode Bidirectional Algorithm.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H,8.3,1.6,6.0,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2021-22733,Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33004,"The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45230,"In Apache Airflow prior to 2.2.0. This CVE applies to a specific case where a User who has ""can_create"" permissions on DAG Runs can create Dag Runs for dags that they don't have ""edit"" permissions for.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-38895,"IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209563.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-38342,"The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to Cross-Site Request Forgery via the `npBulkAction`s and `npBulkEdit` `admin_post` actions, which allowed attackers to trash or permanently purge arbitrary posts as well as changing their status, reassigning their ownership, and editing other metadata.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-45268,"A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. NOTE: the vendor disputes this because the attack requires a session cookie of a high-privileged authenticated user who is entitled to install arbitrary add-ons",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44531,"Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-28834,"Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42242,A command execution vulnerability exists in jfinal_cms 5.0.1 via com.jflyfox.component.controller.Ueditor.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32561,OctoPrint before 1.6.0 allows XSS because API error messages include the values of input parameters.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-26735,"The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted search path vulnerability. A local adversary may be able to execute code with SYSTEM privileges.





",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3271,"PressBooks 5.17.3 contains a cross-site scripting (XSS). Stored XSS can be submitted via the Book Info's Long Description Body, and all actions to open or preview the books page will result in the triggering the stored XSS.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-35290,File Upload vulnerability in balerocms-src 0.8.3 allows remote attackers to run arbitrary code via rich text editor on /admin/main/mod-blog page.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41181,"Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the victim received a phone call the attacker could gain access to the chat messages and files of the user. It is recommended that the Nextcloud Android Talk App is upgraded to 12.3.0. There are no known workarounds.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,2.4,0.9,1.4,LOW,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-39047,"IBM Planning Analytics 2.0 and IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214349.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-27759,This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the application.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-23419,This affects the package open-graph before 0.2.6. The function parse could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor payload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37067,There is a Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality impacted.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-41459,There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-39726,"In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-181782896References: N/A",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-46576,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15370.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27396,"A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27398. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13279)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30523,Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23889,Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-29049,"Cross-site scripting (XSS) vulnerability in the Portal Workflow module's edit process page in Liferay DXP 7.0 before fix pack 99, 7.1 before fix pack 23, 7.2 before fix pack 12 and 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the currentURL parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24639,"The OMGF WordPress plugin before 4.5.4 does not enforce path validation, authorisation and CSRF checks in the omgf_ajax_empty_dir AJAX action, which allows any authenticated users to delete arbitrary files or folders on the server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-31718,"The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42090,An issue was discovered in Zammad before 4.1.1. The Form functionality allows remote code execution because deserialization is mishandled.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-40662,A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44731,"A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,7.8,1.1,6.0,HIGH,2024-12-07T08:01Z,LOCAL,HIGH,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-31001,An access issue was addressed with improved access restrictions. This issue is fixed in iOS 15 and iPadOS 15. An attacker in a privileged network position may be able to leak sensitive user information.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22027,The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-46629,"This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15459.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-3466,"A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Only version 0.9.70 is vulnerable.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32614,"A flaw was found in dmg2img through 20170502. fill_mishblk() does not check the length of the read buffer, and copy 0xCC bytes from it. The length of the buffer is controlled by an attacker. By providing a length smaller than 0xCC, memcpy reaches out of the malloc'ed bound. This possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-25489,"Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-39297,Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-25099,"The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape the form_id parameter before outputting it back in the response of an unauthenticated request via the give_checkout_login AJAX action, leading to a Reflected Cross-Site Scripting",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-34391,"Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-33827,The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30133,"A cross-site scripting (XSS) vulnerability in CloverDX Server 5.9.0, CloverDX 5.8.1, CloverDX 5.7.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the sessionToken parameter of multiple methods in Simple HTTP API. This is resolved in 5.9.1 and 5.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-44868,A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29515,"TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixDiag*` operations(https://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrix_diag_op.cc#L195-L197) does not validate that the tensor arguments are non-empty. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-34280,"Polaris Office v9.103.83.44230 is affected by a Uninitialized Pointer Vulnerability in PolarisOffice.exe and EngineDLL.dll that may cause a Remote Code Execution. To exploit the vulnerability, someone must open a crafted PDF file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33923,"Insecure permissions in Confluent Ansible (cp-ansible) 5.5.0, 5.5.1, 5.5.2 and 6.0.0 allows local attackers to access some sensitive information (private keys, state database).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-45697,An issue was discovered in the molecule crate before 0.7.2 for Rust. A FixVec partial read has an incorrect result.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29983,Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-40010,The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36898,Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42643,"cmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37718,"A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28646,"An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-33886,An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as the device.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4396,"The Rucy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4.4. This is due to missing or incorrect nonce validation on the save_rc_post_meta() function. This makes it possible for unauthenticated attackers to save post meta via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-40085,"An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-29781,"IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 203091.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23373,All versions of package set-deep-prop are vulnerable to Prototype Pollution via the main functionality.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38785,There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev that could use the ioctl cmd IOCTL_GET_IOMMU_ADDR to cause a system crash.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-21301,Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the call when the user believes it is disabled. It impacts all users in video calls. This is fixed in version 3.75.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-21134,Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-44020,An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44021.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3957,kimai2 is vulnerable to Cross-Site Request Forgery (CSRF),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-1228,"A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-33083,"Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow an privileged user to potentially enable information disclosure via local access.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-21042,"Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-45038,"An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. By using an action=rollback query, attackers can view private wiki contents.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-41458,"In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-33478,"The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35534,"Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1943,"Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-45623,"Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R7800 before 1.0.2.74, R9000 before 1.0.5.2, and XR500 before 2.3.2.66.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0421,"In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381235.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22454,A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-34873,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14696.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3523,"A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified connections for reuse. This flaw allows an attacker to bypass security restrictions for an API request when hosting multiple APIs on the same IP address.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-3875,vim is vulnerable to Heap-based Buffer Overflow,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-40058,There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-22216,"A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a very long issue or merge request description",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-37936,"It was discovered that Kibana was not sanitizing document fields containing HTML snippets. Using this vulnerability, an attacker with the ability to write documents to an elasticsearch index could inject HTML. When the Discover app highlighted a search term containing the HTML, it would be rendered for the user.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21187,Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-24259,"The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24688,"The Orange Form WordPress plugin through 1.0.1 does not have any authorisation and CSRF checks in all of its AJAX calls, for example the or_delete_filed one which is available to both unauthenticated and authenticated users could allow attackers to delete arbitrary posts.The AJAX calls performing actions on posts also do not ensure that the post belong to them (or that they are allowed to perform such action on it)",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-21980,The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44966,"SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22772,"A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 ((Modbus) SC2-04MOD-07000100 and earlier), Easergy T200 ((IEC104) SC2-04IEC-07000100 and earlier), and Easergy T200 ((DNP3) SC2-04DNP-07000102 and earlier) that could cause unauthorized operation when authentication is bypassed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25495,A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-31615,"Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission to achieve full MITM status without terminating the link. When applied against devices establishing or using encrypted links, crafted packets may be used to terminate an existing link, but will not compromise the confidentiality or integrity of the link.",CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.3,1.6,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-44352,A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0461,"In iaxxx_core_sensor_change_state of iaxxx-module.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175124074",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21931,A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ stat_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-21831,"A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35077,"Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27558,A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-28280,CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion 9.03.110 allows remote attackers to inject arbitrary web script or HTML,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24686,"The SVG Support WordPress plugin before 2.3.20 does not escape the ""CSS Class to target"" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21085,Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. An attacker could exploit this vulnerability by injecting a payload into an online event form and achieve code execution if the victim exports and opens the data on their local machine.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42782,Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2021-25492,Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-34709,"Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20745,Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23365,The package github.com/tyktechnologies/tyk-identity-broker before 1.1.1 are vulnerable to Authentication Bypass via the Go XML parser which can cause SAML authentication bypass. This is because the XML parser doesn’t guarantee integrity in the XML round-trip (encoding/decoding XML data).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-27217,"An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3. The function does not correctly validate the embedded length field of an authenticated message received from the device. Out-of-bounds reads performed by aes_remove_padding() can crash the running process, depending on the memory layout. This could be used by an attacker to cause a client-side denial of service. The yubihsm-shell project is included in the YubiHSM 2 SDK product.",CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.7000000000000001,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-21586,Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-39516,An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function HuffmanDecoder::Get() located in huffmandecoder.hpp. It allows an attacker to cause Denial of Service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-26085,"Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-22943,A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-41810,Admin tool allows storing configuration data with script which may then get run by another vault administrator. Requires vault admin level authentication and is not remotely exploitable,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-3539,EspoCRM 6.1.6 and prior suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in processing user-supplied avatar images. This issue was fixed in version 6.1.7 of the product.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-45989,Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-43940,"Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32821,"MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service (ReDoS). An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite common with e.g. jQuery CSS selectors. No patches are available for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-24994,"The Migration, Backup, Staging WordPress plugin before 0.9.69 does not have authorisation when adding remote storages, and does not sanitise as well as escape a parameter from such unauthenticated requests before outputting it in admin page, leading to a Stored Cross-Site Scripting issue",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24604,"The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-23048,"On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x, when GPRS Tunneling Protocol (GTP) iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-33618,"Dolibarr ERP and CRM 13.0.2 allows XSS via object details, as demonstrated by > and < characters in the onpointermove attribute of a BODY element to the user-management feature.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21070,Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with admin permissions to write to the file system could leverage this vulnerability to escalate privileges.,CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H,6.5,0.6000000000000001,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20557,IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 199184.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28054,"An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting (XSS) issue in ""Configuration > Hosts"" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-45949,Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-34301,"A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing BMP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13196)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42556,"Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-20612,"Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-25129,The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1393,"Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46079,An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45641,"Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25045,"The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20746,Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-43207,Windows Common Log File System Driver Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32819,Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. This issue is fixed in version 9.0.0. For complete details refer to the referenced GHSL-2021-023.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27254,This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25672,A vulnerability has been identified in Mendix Forgot Password Appstore module (All Versions < V3.2.1). The Forgot Password Marketplace module does not properly control access. An attacker could take over accounts.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28132,LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool (in the Support section) allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30045,SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the EndOfCentralDirectory::read() function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-41931,"The Company's Recruitment Management System in id=2 of the parameter from view_vacancy app on-page appears to be vulnerable to SQL injection. The payloads 19424269' or '1309'='1309 and 39476597' or '2917'='2923 were each submitted in the id parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39989,The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-26995,E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27509,"In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-4371,"The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Setting Changs in versions up to, and including, 5.5. This is due to lacking both a security nonce and a capabilities check. This makes it possible for low-authenticated attackers to change plugin settings even when they do not have the capabilities to do so.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2021-29939,An issue was discovered in the stackvector crate through 2021-02-19 for Rust. There is an out-of-bounds write in StackVec::extend if size_hint provides certain anomalous data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,7.3,3.9,3.4,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2021-39458,Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user has to alternate the files of a vaild file backup. This leads of leaking the database credentials in the environment variables.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22420,A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing..,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24041,A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a malicious image.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38703,Wireless devices running certain Arcadyan-derived firmware (such as KPN Experia WiFi 1.00.15) do not properly sanitise user input to the syslog configuration form. An authenticated remote attacker could leverage this to alter the device configuration and achieve remote code execution. This can be exploited in conjunction with CVE-2021-20090.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21833,An improper array index validation vulnerability exists in the TIF IP_planar_raster_unpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38149,index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 allows XSS.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24722,"The Restaurant Menu by MotoPress WordPress plugin before 2.4.2 does not properly sanitize or escape inputs when creating new menu items, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0707,"In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-155756045References: Upstream kernel",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32937,An attacker can gain knowledge of a session temporary working folder where the getfile and putfile commands are used in MDT AutoSave versions prior to v6.02.06. An attacker can leverage this knowledge to provide a malicious command to the working directory where the read and write activity can be initiated.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-1212,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22219,"All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 allow a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-26934,"An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support status entry.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21922,A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘username_filter’ parameter with the administrative account or through cross-site request forgery.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-24485,"The Special Text Boxes WordPress plugin before 5.9.110 does not sanitise or escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-33445,"An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-25163,A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-27266,"This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-12293.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2021-20511,"IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing ""dot dot"" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 198300.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-39937,"A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21880,A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30899,"A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:01Z,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22818,"A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to gain unauthorized access to the charging station web interface by performing brute force attacks. Affected Products: EVlink City EVC1S22P4 / EVC1S7P4 (All versions prior to R8 V3.4.0.2 ), EVlink Parking EVW2 / EVF2 / EVP2PE (All versions prior to R8 V3.4.0.2), and EVlink Smart Wallbox EVB1A (All versions prior to R8 V3.4.0.2)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22538,"A privilege escalation vulnerability impacting the Google Exposure Notification Verification Server (versions prior to 0.23.1), allows an attacker who (1) has UserWrite permissions and (2) is using a carefully crafted request or malicious proxy, to create another user with higher privileges than their own. This occurs due to insufficient checks on the allowed set of permissions. The new user creation event would be captured in the Event Log.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32039,Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to perform unauthorized actions. This vulnerability affects all MongoDB Extension for VS Code including and prior to version 0.7.0,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-29825,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. IBM X-Force ID: 204470.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-3907,"OctoRPKI does not escape a URI with a filename containing "".."", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41526,A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25409,Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,2.4,0.9,1.4,LOW,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2021-32775,"Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.4, a non admin user can get access to many class/field values through GroupBy Dashlet error message. This issue is fixed in versions 2.7.4 and 3.0.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-26971,A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system leading to partial system compromise.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2021-21816,An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2021-40924,Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the first_name parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-3012,A cross-site scripting (XSS) vulnerability in the Document Link of documents in ESRI Enterprise before 10.9 allows remote authenticated users to inject arbitrary JavaScript code via a malicious HTML attribute such as onerror (in the URL field of the Parameters tab).,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-27984,In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44564,"A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products).",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23497,This affects the package @strikeentco/set before 1.0.2. It allows an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-STRIKEENTCOSET-1038821,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25297,"Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37358,"SQL Injection in SEACMS v210530 (2021-05-30) allows remote attackers to execute arbitrary code via the component ""admin_ajax.php?action=checkrepeat&v_name="".",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0997,"In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN disclosure due to log information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-191086488",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-20763,Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-20786,"Cross-site request forgery (CSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote attacker to hijack the authentication of administrators via a specially crafted URL.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-45729,"The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions <= 1.8.0) allows authenticated low-role users to create, edit, and delete maps.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,5.4,2.8,2.5,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2021-45549,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX20 before 1.1.6.28, MK62 before 1.1.6.122, MR60 before 1.1.6.122, MS60 before 1.1.6.122, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33796,"In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-41162,"Combodo iTop is a web based IT Service Management tool. In 3.0.0 beta releases prior to beta6 the `ajax.render.php?operation=wizard_helper` page did not properly escape the user supplied parameters, allowing for a cross site scripting attack vector. Users are advised to upgrade. There are no known workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-1960,"Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-38193,"An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-3546,"An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.2,1.5,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-29849,IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205281.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0091,Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25504,Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,4.0,2.5,1.4,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-24038,"Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35027,A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-34869,"This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an uncontrolled memory allocation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13797.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-32498,SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator and use path traversal to run an arbitrary executable located on the host system. When the user starts the emulator from SOPAS ET the corresponding executable will be started instead of the emulator,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2021-24644,"The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-33966,"Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21812,A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs’ Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strcpy copying the path provided by the user into a static sized buffer without any length checks resulting in a stack-buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42534,"The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-20072,Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30955,"A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:01Z,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22738,Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38295,"In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will be executed within the security context of that admin. A similar route is available with the already deprecated _show and _list functionality. This privilege escalation vulnerability allows an attacker to add or remove data in any database or make configuration changes. This issue affected Apache CouchDB prior to 3.1.2",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32424,"In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the router.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3763,"A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not be allow access to the management console. The main impact is to confidentiality as this flaw means some role bindings are incorrectly checked, some privileged meta information such as queue names and configuration details are disclosed but the impact is limited as not all information is accessible and there is no affect to integrity.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-0536,"In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-176756691",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24201,"In the Elementor Website Builder WordPress plugin before 3.1.4, the column element (includes/elements/column.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘html_tag’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-42763,"Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The issue occurs when the cluster manager forwards a HTTP request from the pluggable UI (query workbench etc) to the specific service. In the backtrace, the Basic Auth Header included in the HTTP request, has the ""@"" user credentials of the node processing the UI request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22907,An improper access control vulnerability exists in Citrix Workspace App for Windows potentially allows privilege escalation in CR versions prior to 2105 and 1912 LTSR prior to CU4.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-47617,"In the Linux kernel, the following vulnerability has been resolved:

PCI: pciehp: Fix infinite loop in IRQ handler upon power fault

The Power Fault Detected bit in the Slot Status register differs from
all other hotplug events in that it is sticky:  It can only be cleared
after turning off slot power.  Per PCIe r5.0, sec. 6.7.1.8:

  If a power controller detects a main power fault on the hot-plug slot,
  it must automatically set its internal main power fault latch [...].
  The main power fault latch is cleared when software turns off power to
  the hot-plug slot.

The stickiness used to cause interrupt storms and infinite loops which
were fixed in 2009 by commits 5651c48cfafe (""PCI pciehp: fix power fault
interrupt storm problem"") and 99f0169c17f3 (""PCI: pciehp: enable
software notification on empty slots"").

Unfortunately in 2020 the infinite loop issue was inadvertently
reintroduced by commit 8edf5332c393 (""PCI: pciehp: Fix MSI interrupt
race""):  The hardirq handler pciehp_isr() clears the PFD bit until
pciehp's power_fault_detected flag is set.  That happens in the IRQ
thread pciehp_ist(), which never learns of the event because the hardirq
handler is stuck in an infinite loop.  Fix by setting the
power_fault_detected flag already in the hardirq handler.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-33800,"In Druid 1.2.3, visiting the path with parameter in a certain function can lead to directory traversal.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-30896,"A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to read user's gameplay data.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-39247,"Zint Barcode Generator before 2.10.0 has a one-byte buffer over-read, related to is_last_single_ascii in code1.c, and rs_encode_uint in reedsol.c.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-41766,"Apache Karaf allows monitoring of applications and the Java runtime by using the Java Management Extensions (JMX). JMX is a Java RMI based technology that relies on Java serialized objects for client server communication. Whereas the default JMX implementation is hardened against unauthenticated deserialization attacks, the implementation used by Apache Karaf is not protected against this kind of attack. The impact of Java deserialization vulnerabilities strongly depends on the classes that are available within the targets class path. Generally speaking, deserialization of untrusted data does always represent a high security risk and should be prevented. The risk is low as, by default, Karaf uses a limited set of classes in the JMX server class path. It depends of system scoped classes (e.g. jar in the lib folder).",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33504,Couchbase Server before 7.1.0 has Incorrect Access Control.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44050,"CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-38300,"arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42093,An issue was discovered in Zammad before 4.1.1. An admin can execute code on the server via a crafted request that manipulates triggers.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-40263,A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20991,In Fibaro Home Center 2 and Lite devices with firmware version 4.540 and older an authenticated user can run commands as root user using a command injection vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-31847,"Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46329,Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via the component _fini.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-25228,"An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-3841,"sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user's browser.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-1196,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-43541,"When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-32800,"Nextcloud server is an open source, self hosted personal cloud. In affected versions an attacker is able to bypass Two Factor Authentication in Nextcloud. Thus knowledge of a password, or access to a WebAuthN trusted device of a user was sufficient to gain access to an account. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. There are no workaround for this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-36716,A ReDoS (regular expression denial of service) flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmail(input) function may cause an application to consume an excessive amount of CPU.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-37656,"TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToSparse`. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/ragged_tensor_to_sparse_kernel.cc#L30) has an incomplete validation of the splits values: it does not check that they are in increasing order. We have patched the issue in GitHub commit 1071f554dbd09f7e101324d366eec5f4fe5a3ece. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44417,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetAlarm param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,7.7,3.1,4.0,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2021-35463,Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 allows remote attackers to inject arbitrary web script or HTML into the management toolbar search via the `keywords` parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24349,"This Gallery from files WordPress plugin through 1.6.0 gives the functionality of uploading images to the server. But filenames are not properly sanitized before being output in an error message when they have an invalid extension, leading to a reflected Cross-Site Scripting issue. Due to the lack of CSRF check, the attack could also be performed via such vector.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-28203,"The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33506,jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not ensure that restrict_room_creation is set by default. This can allow an attacker to circumvent conference moderation.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-39501,EyouCMS 1.5.4 is vulnerable to Open Redirect. An attacker can redirect a user to a malicious url via the Logout function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-1203,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35491,A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName parameter. The application does not implement a CSRF token for the GET request. This issue was resolved in Wowza Streaming Engine release 4.8.14.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-20121,"The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is vulnerable to an authenticated arbitrary file read. An authenticated user with physical access to the device can read arbitrary files from the device by preparing and connecting a specially prepared USB drive to the device, and making a series of crafted requests to the device's web interface.",CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,4.0,0.4,3.6,MEDIUM,2024-12-07T08:01Z,PHYSICAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-0978,"In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-192587406",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-35479,Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-29844,"IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39554,An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function Lexer::Lexer() located in Lexer.cc. It allows an attacker to cause Denial of Service.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-27251,This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3967,Improper Access Control in GitHub repository zulip/zulip prior to 4.10.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45547,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32688,"Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server supports application specific tokens for authentication purposes. These tokens are supposed to be granted to a specific applications (e.g. DAV sync clients), and can also be configured by the user to not have any filesystem access. Due to a lacking permission check, the tokens were able to change their own permissions in versions prior to 19.0.13, 20.0.11, and 21.0.3. Thus fileystem limited tokens were able to grant themselves access to the filesystem. The issue is patched in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds aside from upgrading.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-47597,"In the Linux kernel, the following vulnerability has been resolved:

inet_diag: fix kernel-infoleak for UDP sockets

KMSAN reported a kernel-infoleak [1], that can exploited
by unpriv users.

After analysis it turned out UDP was not initializing
r->idiag_expires. Other users of inet_sk_diag_fill()
might make the same mistake in the future, so fix this
in inet_sk_diag_fill().

[1]
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]
BUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:156 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x69d/0x25c0 lib/iov_iter.c:670
 instrument_copy_to_user include/linux/instrumented.h:121 [inline]
 copyout lib/iov_iter.c:156 [inline]
 _copy_to_iter+0x69d/0x25c0 lib/iov_iter.c:670
 copy_to_iter include/linux/uio.h:155 [inline]
 simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519
 __skb_datagram_iter+0x2cb/0x1280 net/core/datagram.c:425
 skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533
 skb_copy_datagram_msg include/linux/skbuff.h:3657 [inline]
 netlink_recvmsg+0x660/0x1c60 net/netlink/af_netlink.c:1974
 sock_recvmsg_nosec net/socket.c:944 [inline]
 sock_recvmsg net/socket.c:962 [inline]
 sock_read_iter+0x5a9/0x630 net/socket.c:1035
 call_read_iter include/linux/fs.h:2156 [inline]
 new_sync_read fs/read_write.c:400 [inline]
 vfs_read+0x1631/0x1980 fs/read_write.c:481
 ksys_read+0x28c/0x520 fs/read_write.c:619
 __do_sys_read fs/read_write.c:629 [inline]
 __se_sys_read fs/read_write.c:627 [inline]
 __x64_sys_read+0xdb/0x120 fs/read_write.c:627
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:524 [inline]
 slab_alloc_node mm/slub.c:3251 [inline]
 __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974
 kmalloc_reserve net/core/skbuff.c:354 [inline]
 __alloc_skb+0x545/0xf90 net/core/skbuff.c:426
 alloc_skb include/linux/skbuff.h:1126 [inline]
 netlink_dump+0x3d5/0x16a0 net/netlink/af_netlink.c:2245
 __netlink_dump_start+0xd1c/0xee0 net/netlink/af_netlink.c:2370
 netlink_dump_start include/linux/netlink.h:254 [inline]
 inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1343
 sock_diag_rcv_msg+0x24a/0x620
 netlink_rcv_skb+0x447/0x800 net/netlink/af_netlink.c:2491
 sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:276
 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
 netlink_unicast+0x1095/0x1360 net/netlink/af_netlink.c:1345
 netlink_sendmsg+0x16f3/0x1870 net/netlink/af_netlink.c:1916
 sock_sendmsg_nosec net/socket.c:704 [inline]
 sock_sendmsg net/socket.c:724 [inline]
 sock_write_iter+0x594/0x690 net/socket.c:1057
 do_iter_readv_writev+0xa7f/0xc70
 do_iter_write+0x52c/0x1500 fs/read_write.c:851
 vfs_writev fs/read_write.c:924 [inline]
 do_writev+0x63f/0xe30 fs/read_write.c:967
 __do_sys_writev fs/read_write.c:1040 [inline]
 __se_sys_writev fs/read_write.c:1037 [inline]
 __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Bytes 68-71 of 312 are uninitialized
Memory access of size 312 starts at ffff88812ab54000
Data copied to user address 0000000020001440

CPU: 1 PID: 6365 Comm: syz-executor801 Not tainted 5.16.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-40874,"An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21637,"A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-36778,A Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-1076,"NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-31903,"In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-25449,An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0566,"In accessAudioHalPidscpp of TimeCheck.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-175894436",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-24949,"The ""WP Search Filters"" widget of The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not sanitise and escape the option parameter before using it in a SQL statement, which could lead to SQL injection",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28694,"IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these are typically device specific ACPI properties, they can also be specified to apply to a range of devices, or even all devices. On all systems with such regions Xen failed to prevent guests from undoing/replacing such mappings (CVE-2021-28694). On AMD systems, where a discontinuous range is specified by firmware, the supposedly-excluded middle range will also be identity-mapped (CVE-2021-28695). Further, on AMD systems, upon de-assigment of a physical device from a guest, the identity mappings would be left in place, allowing a guest continued access to ranges of memory which it shouldn't have access to anymore (CVE-2021-28696).",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28699,"inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can be accessed through. For 32-bit guests on x86, translation of requests has to occur because the interface structure layouts commonly differ between 32- and 64-bit. The translation of the request to obtain the frame numbers of the grant status table involves translating the resulting array of frame numbers. Since the space used to carry out the translation is limited, the translation layer tells the core function the capacity of the array within translation space. Unfortunately the core function then only enforces array bounds to be below 8 times the specified value, and would write past the available space if enough frame numbers needed storing.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-44047,A use-after-free vulnerability exists when reading a DWF/DWFX file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists with parsing DWF/DWFX files. Crafted data in a DWF/DWFX file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29993,"Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-0406,"In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05471418.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22512,Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-27733,"In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via an issue attachment.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-25680,The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10.8.1 was able to be confirmed during primary research. NOTE: The affected appliances NetVanta 7060 and NetVanta 7100 are considered End of Life and as such this issue will not be patched,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-23377,"This affects all versions of package onion-oled-js. If attacker-controlled user input is given to the scroll function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32982,Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are sent as plaintext during unlocking and project transfers. An attacker who has network visibility can observe the password exchange.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-37463,"In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-4198,"A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,6.1,1.8,4.2,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH
CVE-2021-4016,"Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control vulnerability whereby, the user has access to the snapshot directory. An attacker can access, read and copy any of the files in this directory e.g. asset_info.json or file_info.json, leading to a loss of confidentiality. This issue was fixed in Rapid7 Insight Agent 3.1.3.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-20368,IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195357.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-40330,"git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-0630,"In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05551397; Issue ID: ALPS05551397.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-40000,The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37833,A reflected cross-site scripting (XSS) vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-37039,There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-43537,"An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24462,"The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20300,"A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availability.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-34319,"A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13404)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0948,"The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized kernel memory to user space. The contents of this memory could contain sensitive information.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-3970,A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36713,Cross Site Scripting (XSS) vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function _fnCreateCookie. NOTE: 1.9.2 is a version from 2012.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-20478,IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console. IBM X-Force ID: 197497.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-25920,"In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N,6.5,1.2,5.2,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-46350,There is an Assertion 'ecma_is_value_object (value)' failed at jerryscript/jerry-core/ecma/base/ecma-helpers-value.c in JerryScript 3.0.0.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-32575,"HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-29442,"Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users. These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-32963,Null pointer dereference in SuiteLink server while processing commands 0x03/0x10,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-33523,"MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21726,"Some ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges can cause process exception by repeatedly inputting illegal parameters. This affects:<ZXONE 9700 , ZXONE 8700, ZXONE 19700><V1.40.021.021CP049, V1.0P02B219_@NCPM-RELEASE_2.40R1-20200914.set>",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L,2.3,0.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2021-23162,Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Connect for Android 15 versions prior to 15.04.040; version 14 and prior versions.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45665,"Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-30924,A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-22898,"curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,3.1,1.6,1.4,LOW,2024-12-07T08:01Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2021-25527,Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-20515,"IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42067,"In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a regular user can use the S/4 Hana dashboard to reveal systems and services which they would not normally be allowed to see. No information alteration or denial of service is possible.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-40409,"An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->password variable, that has the value of the password parameter provided through the SetDdns API, is not validated properly. This would lead to an OS command injection.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1071,"NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-37538,"Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the id_category parameter to the controllers/front/category.php category controller.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-3971,A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region by modifying an NVRAM variable.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20369,IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195361.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-41497,"Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-43228,SymCrypt Denial of Service Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-1821,"A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-24463,"The get_sliders() function in the Image Slider by Ays- Responsive Slider and Carousel WordPress plugin before 2.5.0 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30145,A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20379,IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195711.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-25296,"Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0668,"In apusys, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05670521; Issue ID: ALPS05670521.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44427,"An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20608,Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX Works2 by getting GX Works2 to read a tampered program file from a Mitsubishi Electric PLC by sending malicious crafted packets to tamper with the program file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-26996,E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22311,"There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include: ManageOne versions 8.0.0, 8.0.1.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28565,"Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability in the PDFLibTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39491,A Cross Site Scripting (XSS) vulnerability exists in Yogesh Ojha reNgine v1.0 via the Scan Engine name file in the Scan Engine deletion confirmation modal box . .,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-44683,"The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the JavaScript window.open function (used to open a secondary browser window). This could be exploited by tricking users into supplying sensitive information such as credentials, because the address bar would display a legitimate URL, but content would be hosted on the attacker's web site.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2021-35093,Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-34379,"Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33555,"In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-21116,Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23702,The package object-extend from 0.0.0 are vulnerable to Prototype Pollution via object-extend.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30797,"This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42073,"An issue was discovered in Barrier before 2.4.0. An attacker can enter an active session state with the barriers component (aka the server-side implementation of Barrier) simply by supplying a client label that identifies a valid client configuration. This label is ""Unnamed"" by default but could instead be guessed from hostnames or other publicly available information. In the active session state, an attacker can capture input device events from the server, and also modify the clipboard content on the server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N,8.2,3.9,4.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2021-42315,Microsoft Defender for IoT Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-43590,"Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability. A local high privileged malicious user may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N,6.0,0.8,5.2,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-29571,"TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow/tensorflow/blob/31bd5026304677faa8a0b77602c6154171b9aec1/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L116-L130) assumes that the last element of `boxes` input is 4, as required by [the op](https://www.tensorflow.org/api_docs/python/tf/raw_ops/DrawBoundingBoxesV2). Since this is not checked attackers passing values less than 4 can write outside of bounds of heap allocated objects and cause memory corruption. If the last dimension in `boxes` is less than 4, accesses similar to `tboxes(b, bb, 3)` will access data outside of bounds. Further during code execution there are also writes to these indices. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46433,"In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode()to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is true.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-30756,"A local attacker may be able to view Now Playing information from the lock screen. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6. A privacy issue in Now Playing was addressed with improved permissions.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-3646,btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-31840,"A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. This would result in the user gaining elevated permissions and being able to execute arbitrary code.",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36326,"Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted format.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44779,"Unauthenticated SQL Injection (SQLi) vulnerability discovered in [GWA] AutoResponder WordPress plugin (versions <= 2.3), vulnerable at (&listid). No patched version available, plugin closed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20576,IBM Security Verify Access 20.07 could allow a remote attacker to send a specially crafted HTTP GET request that could cause the application to crash.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-32024,A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46247,The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-28153,"An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2021-44170,A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32980,Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections. An attacker can connect to the PLC while an existing connection is already active.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27188,The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service (access suspended for five hours) by making five invalid login attempts to a victim's account.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-26746,Chamilo 1.11.14 allows XSS via a main/calendar/agenda_list.php?type= URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-27598,"SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-38130,A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 7.3.0.1. The vulnerability could be exploited to create an information leakage attack.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-25390,Intent redirection vulnerability in PhotoTable prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,4.0,2.5,1.4,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-36784,A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28042,Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23977,Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44383,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetAutoUpgrade param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,7.7,3.1,4.0,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2021-31425,"This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel on the target guest system. Was ZDI-CAN-12790.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-41599,"A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.3 and was fixed in versions 3.0.21, 3.1.13, 3.2.5. This vulnerability was reported via the GitHub Bug Bounty program.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35251,Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details about the Web Help Desk installation.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-24568,"The AddToAny Share Buttons WordPress plugin before 1.7.46 does not sanitise its Sharing Header setting when outputting it in frontend pages, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-26317,Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28909,BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access uncontrolled the login service at /webif/SecurityModule in a brute force attack. The password could be weak and default username is known as 'admin'. This is usable and part of an attack chain to gain SSH root access.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29622,"Prometheus is an open-source monitoring system and time series database. In 2.23.0, Prometheus changed its default UI to the New ui. To ensure a seamless transition, the URL's prefixed by /new redirect to /. Due to a bug in the code, it is possible for an attacker to craft an URL that can redirect to any other URL, in the /new endpoint. If a user visits a prometheus server with a specially crafted address, they can be redirected to an arbitrary URL. The issue was patched in the 2.26.1 and 2.27.1 releases. In 2.28.0, the /new endpoint will be removed completely. The workaround is to disable access to /new via a reverse proxy in front of Prometheus.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24805,"The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-27908,"In all versions prior to Mautic 3.3.2, secret parameters such as database credentials could be exposed publicly by an authorized admin user through leveraging Symfony parameter syntax in any of the free text fields in Mautic’s configuration that are used in publicly facing parts of the application.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-41938,"An issue was discovered in ShopXO CMS 2.2.0. After entering the management page, there is an arbitrary file upload vulnerability in three locations.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4239,"The Noise protocol implementation suffers from weakened cryptographic security after encrypting 2^64 messages, and a potential denial of service attack. After 2^64 (~18.4 quintillion) messages are encrypted with the Encrypt function, the nonce counter will wrap around, causing multiple messages to be encrypted with the same key and nonce. In a separate issue, the Decrypt function increments the nonce state even when it fails to decrypt a message. If an attacker can provide an invalid input to the Decrypt function, this will cause the nonce state to desynchronize between the peers, resulting in a failure to encrypt all subsequent messages.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-39020,"IBM Guardium Data Encryption (GDE) 4.0.0.7 and lower stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 213855.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-39272,"Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-37131,"There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30230,The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the zonename parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36389,"In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page ""MIImage.i4"".",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-41917,"webTareas version 2.4 and earlier allows an authenticated user to store arbitrary web script or HTML by creating or editing a client name in the clients section, due to incorrect sanitization of user-supplied data and achieve a Stored Cross-Site Scripting attack against the platform users and administrators. The affected endpoint is /clients/editclient.php, on the HTTP POST cn parameter.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21371,"Tenable for Jira Cloud is an open source project designed to pull Tenable.io vulnerability data, then generate Jira Tasks and sub-tasks based on the vulnerabilities' current state. It published in pypi as ""tenable-jira-cloud"". In tenable-jira-cloud before version 1.1.21, it is possible to run arbitrary commands through the yaml.load() method. This could allow an attacker with local access to the host to run arbitrary code by running the application with a specially crafted YAML configuration file. This is fixed in version 1.1.21 by using yaml.safe_load() instead of yaml.load().",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2021-32791,"mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openidc uses a static IV and AAD. It is important to fix because this creates a static nonce and since aes-gcm is a stream cipher, this can lead to known cryptographic issues, since the same key is being reused. From 2.4.9 onwards this has been patched to use dynamic values through usage of cjose AES encryption routines.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44942,"glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/admin/plugins/bad_behavior2/blacklist.php. Using the CSRF vulnerability to trick the administrator to click, an attacker can add a blacklist.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2021-3442,A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-27150,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32943,"The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45018,Cross Site Scripting (XSS) vulnerability exists in Catfish <=6.3.0 via a Google search in url:/catfishcms/index.php/admin/Index/addmenu.htmland then the .html file on the website that uses this editor (the file suffix is allowed).,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0478,"In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-169255797",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33847,Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30064,"On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22789,"A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-45327,Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API. which could let a remote malisious user execute arbitrary code.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46619,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15413.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-26036,An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-26084,"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-21339,"TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 user session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-29107,A stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote unauthenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-43663,totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component cloudupdate_check.,CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:01Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22878,Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-39652,"In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194499021References: N/A",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-43408,"The ""Duplicate Post"" WordPress plugin up to and including version 1.1.9 is vulnerable to SQL Injection. SQL injection vulnerabilities occur when client supplied data is included within an SQL Query insecurely. SQL Injection can typically be exploited to read, modify and delete SQL table data. In many cases it also possible to exploit features of SQL server to execute system commands and/or access the local file system. This particular vulnerability can be exploited by any authenticated user who has been granted access to use the Duplicate Post plugin. By default, this is limited to Administrators, however the plugin presents the option to permit access to the Editor, Author, Contributor and Subscriber roles.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38343,"The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to an Open Redirect via the `page` POST parameter in the `npBulkActions`, `npBulkEdit`, `npListingSort`, and `npCategoryFilter` `admin_post` actions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-33879,"Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only integrity check would be a comparison of the downloaded file's MD5 checksum to the one contained within the XML document, the downloaded executable would then be executed on the victim's machine.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38493,"Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.14, Thunderbird < 78.14, and Firefox < 92.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20851,Cross-site request forgery (CSRF) vulnerability in Browser and Operating System Finder versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of an administrator via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41212,"TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-20635,Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an attacker in the wireless range of the device to recover PIN and access the network.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-28701,"Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,7.8,1.1,6.0,HIGH,2024-12-07T08:01Z,LOCAL,HIGH,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-39998,There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-22440,"There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename. Affected product versions include:HUAWEI Mate 20 9.0.0.195(C01E195R2P1), 9.1.0.139(C00E133R3P1);HUAWEI Mate 20 Pro 9.0.0.187(C432E10R1P16), 9.0.0.188(C185E10R2P1), 9.0.0.245(C10E10R2P1), 9.0.0.266(C432E10R1P16), 9.0.0.267(C636E10R2P1), 9.0.0.268(C635E12R1P16), 9.0.0.278(C185E10R2P1); Hima-L29C 9.0.0.105(C10E9R1P16), 9.0.0.105(C185E9R1P16), 9.0.0.105(C636E9R1P16); Laya-AL00EP 9.1.0.139(C786E133R3P1); OxfordS-AN00A 10.1.0.223(C00E210R5P1); Tony-AL00B 9.1.0.257(C00E222R2P1).",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-45901,The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-31429,This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13187.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.2,1.5,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-44394,Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-40897,A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in split-html-to-chars v1.0.5 when splitting crafted invalid htmls.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-23387,"The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::createTrailing(), as the web server uses relative URLs instead of absolute URLs.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-30111,"A stored XSS vulnerability exists in Web-School ERP V 5.0 via (Add Events) in the event name and description fields. An attack can inject a JavaScript code that will be stored in the page. If any visitor sees the events, then the payload will be executed.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0063,Improper input validation in firmware for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi in Windows 10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-39653,"In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to local escalation of privilege after preparing the device, hiding the warning, and passing the phone to a new user, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-193443223References: N/A",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36748,A SQL Injection issue in the list controller of the Prestahome Blog (aka ph_simpleblog) module before 1.7.8 for Prestashop allows a remote attacker to extract data from the database via the sb_category parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-33721,A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges could exploit this vulnerability to execute arbitrary code on the system with system privileges.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37859,Fixed a bypass for a reflected cross-site scripting vulnerability affecting OAuth-enabled instances of Mattermost.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24327,"The SEO Redirection Plugin – 301 Redirect Manager WordPress plugin before 6.4 did not sanitise the Redirect From and Redirect To fields when creating a new redirect in the dashboard, allowing high privilege users (even with the unfiltered_html disabled) to set XSS payloads",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0228,"An improper check for unusual or exceptional conditions vulnerability in Juniper Networks MX Series platforms with Trio-based MPC (Modular Port Concentrator) deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, may allow an attacker sending specific Layer 2 traffic to cause Distributed Denial of Service (DDoS) protection to trigger unexpectedly, resulting in traffic impact. Continued receipt and processing of this specific Layer 2 frames will sustain the Denial of Service (DoS) condition. An indication of compromise is to check DDOS LACP violations: user@device> show ddos-protection protocols statistics brief | match lacp This issue only affects the MX Series platforms with Trio-based MPC. No other products or platforms are affected. This issue affects: Juniper Networks Junos OS on MX Series: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S8; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2-S1, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2;",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-37657,"TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type `tf.raw_ops.MatrixDiagV*`. The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/linalg/matrix_diag_op.cc) has incomplete validation that the value of `k` is a valid tensor. We have check that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong. We have patched the issue in GitHub commit f2a673bd34f0d64b8e40a551ac78989d16daad09. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37497,SQL injection vulnerability in route of PbootCMS 3.0.5 allows remote attackers to run arbitrary SQL commands via crafted GET request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25436,Improper input validation vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows arbitrary code execution via Samsung Accessory Protocol.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45955,"Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 ""do not represent real vulnerabilities, to the best of our knowledge."" However, a contributor states that a security patch (mentioned in 016162.html) is needed",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38984,"IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212793.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-22217,"A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a specially crafted issue or merge request",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-3603,"PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). If the $patternselect parameter to validateAddress() is set to 'php' (the default, defined by PHPMailer::$validator), and the global namespace contains a function called php, it will be called in preference to the built-in validator of the same name. Mitigated in PHPMailer 6.5.0 by denying the use of simple strings as validator function names.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46622,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15416.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44407,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. TestEmail param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,7.7,3.1,4.0,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2021-41231,"OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue.


",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27903,"An issue was discovered in Craft CMS before 3.6.7. In some circumstances, a potential Remote Code Execution vulnerability existed on sites that did not restrict administrative changes (if an attacker were somehow able to hijack an administrator's session).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33570,"Postbird 0.8.4 allows stored XSS via the onerror attribute of an IMG element in any PostgreSQL database table. This can result in reading local files via vectors involving XMLHttpRequest and open of a file:/// URL, or discovering PostgreSQL passwords via vectors involving Window.localStorage and savedConnections.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-45406,"In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql' parameter in SQL query while generating a report. Upon successfully discovering the login admin password hash, it can be decrypted to obtain the plain-text password.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25346,A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29536,"TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedReshape` by passing in invalid thresholds for the quantization. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a324ac84e573fba362a5e53d4e74d5de6729933e/tensorflow/core/kernels/quantized_reshape_op.cc#L38-L55) assumes that the 2 arguments are always valid scalars and tries to access the numeric value directly. However, if any of these tensors is empty, then `.flat<T>()` is an empty buffer and accessing the element at position 0 results in overflow. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-40506,"An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated for the msb and mac instructions, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience corruption in execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27002,NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-30070,An issue was discovered in HestiaCP before v1.3.5. Attackers are able to arbitrarily install packages due to values taken from the pgk [] parameter in the update request being transmitted to the operating system's package manager.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-37197,"A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS is vulnerable to SQL injections. This could allow an attacker to execute arbitrary SQL statements.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24971,"The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wpr_live_update AJAX action, as well as do not sanitise and escape some of the data submitted. As a result, any authenticated, such as subscriber could update the plugin's settings and perform Cross-Site Scripting attacks against all visitor and users on the frontend",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-0337,"In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-157474195",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45408,"Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the ""referuri"" parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-34890,"This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14843.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2021-46314,A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-43297,"A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protocol, during Hessian catch unexpected exceptions, Hessian will log out some imformation for users, which may cause remote command execution. This issue affects Apache Dubbo Apache Dubbo 2.6.x versions prior to 2.6.12; Apache Dubbo 2.7.x versions prior to 2.7.15; Apache Dubbo 3.0.x versions prior to 3.0.5.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1412,"Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-47025,"In the Linux kernel, the following vulnerability has been resolved:

iommu/mediatek: Always enable the clk on resume

In mtk_iommu_runtime_resume always enable the clk, even
if m4u_dom is null. Otherwise the 'suspend' cb might
disable the clk which is already disabled causing the warning:

[    1.586104] infra_m4u already disabled
[    1.586133] WARNING: CPU: 0 PID: 121 at drivers/clk/clk.c:952 clk_core_disable+0xb0/0xb8
[    1.594391] mtk-iommu 10205000.iommu: bound 18001000.larb (ops mtk_smi_larb_component_ops)
[    1.598108] Modules linked in:
[    1.598114] CPU: 0 PID: 121 Comm: kworker/0:2 Not tainted 5.12.0-rc5 #69
[    1.609246] mtk-iommu 10205000.iommu: bound 14027000.larb (ops mtk_smi_larb_component_ops)
[    1.617487] Hardware name: Google Elm (DT)
[    1.617491] Workqueue: pm pm_runtime_work
[    1.620545] mtk-iommu 10205000.iommu: bound 19001000.larb (ops mtk_smi_larb_component_ops)

[    1.627229] pstate: 60000085 (nZCv daIf -PAN -UAO -TCO BTYPE=--)
[    1.659297] pc : clk_core_disable+0xb0/0xb8
[    1.663475] lr : clk_core_disable+0xb0/0xb8
[    1.667652] sp : ffff800011b9bbe0
[    1.670959] x29: ffff800011b9bbe0 x28: 0000000000000000
[    1.676267] x27: ffff800011448000 x26: ffff8000100cfd98
[    1.681574] x25: ffff800011b9bd48 x24: 0000000000000000
[    1.686882] x23: 0000000000000000 x22: ffff8000106fad90
[    1.692189] x21: 000000000000000a x20: ffff0000c0048500
[    1.697496] x19: ffff0000c0048500 x18: ffffffffffffffff
[    1.702804] x17: 0000000000000000 x16: 0000000000000000
[    1.708112] x15: ffff800011460300 x14: fffffffffffe0000
[    1.713420] x13: ffff8000114602d8 x12: 0720072007200720
[    1.718727] x11: 0720072007200720 x10: 0720072007200720
[    1.724035] x9 : ffff800011b9bbe0 x8 : ffff800011b9bbe0
[    1.729342] x7 : 0000000000000009 x6 : ffff8000114b8328
[    1.734649] x5 : 0000000000000000 x4 : 0000000000000000
[    1.739956] x3 : 00000000ffffffff x2 : ffff800011460298
[    1.745263] x1 : 1af1d7de276f4500 x0 : 0000000000000000
[    1.750572] Call trace:
[    1.753010]  clk_core_disable+0xb0/0xb8
[    1.756840]  clk_core_disable_lock+0x24/0x40
[    1.761105]  clk_disable+0x20/0x30
[    1.764501]  mtk_iommu_runtime_suspend+0x88/0xa8
[    1.769114]  pm_generic_runtime_suspend+0x2c/0x48
[    1.773815]  __rpm_callback+0xe0/0x178
[    1.777559]  rpm_callback+0x24/0x88
[    1.781041]  rpm_suspend+0xdc/0x470
[    1.784523]  rpm_idle+0x12c/0x170
[    1.787831]  pm_runtime_work+0xa8/0xc0
[    1.791573]  process_one_work+0x1e8/0x360
[    1.795580]  worker_thread+0x44/0x478
[    1.799237]  kthread+0x150/0x158
[    1.802460]  ret_from_fork+0x10/0x30
[    1.806034] ---[ end trace 82402920ef64573b ]---
[    1.810728] ------------[ cut here ]------------

In addition, we now don't need to enable the clock from the
function mtk_iommu_hw_init since it is already enabled by the resume.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37191,A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-25516,An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-31635,Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-28236,LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0363,"In mobile_log_d, there is a possible command injection due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05458478.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29623,"Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The read of uninitialized memory is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to leak a few bytes of stack memory, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.4.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2021-30483,isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-32961,"A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an optional parameter, resulting in the processing of a request in a special manner. This can result in the execution of an unzip command and place a malicious .exe file in one of the locations the function looks for and get execution capabilities.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-34329,"A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13427)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23856,The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-34615,"A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2021-34739,"A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and then replaying the intercepted credentials toward the same device at a later time. A successful exploit could allow the attacker to access the web-based management interface with administrator privileges.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22375,"There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20523,IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 198660,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N,2.7,1.2,1.4,LOW,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-39348,"The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. Please note that this is seperate from CVE-2021-24702.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-32005,Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-1530,"A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by uploading a crafted XML file that contains references to external entities. A successful exploit could allow the attacker to retrieve files from the local system, resulting in the disclosure of sensitive information, or cause the application to consume available resources, resulting in a partial DoS condition on an affected system. There are workarounds that address this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L,7.1,2.8,4.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,LOW
CVE-2021-30120,"Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side instead of server-side and can be bypassed using a local proxy. Thus rendering 2FA useless. Detailed description --- During the login process, after the user authenticates with username and password, the server sends a response to the client with the booleans MFARequired and MFAEnroled. If the attacker has obtained a password of a user and used an intercepting proxy (e.g. Burp Suite) to change the value of MFARequered from True to False, there is no prompt for the second factor, but the user is still logged in.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-28164,"In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-27451,"Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20657,Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2021-40125,"A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-4227,"The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2021-41017,"Multiple heap-based buffer overflow vulnerabilities in some web API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow a remote authenticated attacker to execute arbitrary code or commands via specifically crafted HTTP requests.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41034,"The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Java 8 (alpine and centos), Android and PHP. The vulnerability is not exploitable at runtime but only when building Che.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24147,"Unvalidated input and lack of output encoding in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not sanitise the mic_comment field (Notes on time) when adding/editing an event, allowing users with privilege as low as author to add events with a Cross-Site Scripting payload in them, which will be triggered in the frontend when viewing the event.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-30311,"Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37080,There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-1333,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25487,Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41265,Flask-AppBuilder is a development framework built on top of Flask. Verions prior to 3.3.4 contain an improper authentication vulnerability in the REST API. The issue allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. This only affects non database authentication types and new REST API endpoints. Users should upgrade to Flask-AppBuilder 3.3.4 to receive a patch.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-26118,While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-42852,A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37028,"There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35580,"Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: View Reports). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Manager accessible data as well as unauthorized read access to a subset of Oracle Applications Manager accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-21658,Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-23401,"This affects all versions of package Flask-User. When using the make_safe_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as /////evil.com/path or \\\evil.com/path. This vulnerability is only exploitable if an alternative WSGI server other than Werkzeug is used, or the default behaviour of Werkzeug is modified using 'autocorrect_location_header=False.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24988,"The WP RSS Aggregator WordPress plugin before 4.19.3 does not sanitise and escape data before outputting it in the System Info admin dashboard, which could lead to a Stored XSS issue due to the wprss_dismiss_addon_notice AJAX action missing authorisation and CSRF checks, allowing any authenticated users, such as subscriber to call it and set a malicious payload in the addon parameter.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-39742,"In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-186405602",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-41200,"TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-3509,"A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The greatest threat to the system is for confidentiality, integrity, and availability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-25157,A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-37666,"TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToVariant`. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L129) has an incomplete validation of the splits values, missing the case when the argument would be empty. We have patched the issue in GitHub commit be7a4de6adfbd303ce08be4332554dff70362612. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4069,vim is vulnerable to Use After Free,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-34549,"An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-26565,Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to obtain sensitive information via an HTTP session.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-32620,"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions prior to 11.10.13, 12.6.7, and 12.10.2, a user disabled on a wiki using email verification for registration canouldre-activate themself by using the activation link provided for his registration. The problem has been patched in the following versions of XWiki: 11.10.13, 12.6.7, 12.10.2, 13.0. It is possible to workaround the issue by resetting the `validkey` property of the disabled XWiki users. This can be done by editing the user profile with object editor.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30313,"Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42892,"In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2021-39085,"IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 215888.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-34215,"Cross-site scripting in tcpipwan.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers to execute arbitrary JavaScript by modifying the ""Service Name"" field.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-43114,"FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-1469,"Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24660,"The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's shortcode.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-24562,"The LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2 was affected by an IDOR issue, allowing students to see other student answers and grades",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-39777,"In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-194743207",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-35201,NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-36055,XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24427,"The W3 Total Cache WordPress plugin before 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-3374,"Directory traversal in RStudio Shiny Server before 1.5.16 allows attackers to read the application source code, involving an encoded slash.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-3350,deleteaccount.php in the Delete Account plugin 1.4 for MyBB allows XSS via the deletereason parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-39021,"IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-22390,There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36846,Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Premio Chaty (WordPress plugin) <= 2.8.3,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-23029,"On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-43681,SakuraPanel v1.0.1.1 is affected by a Cross Site Scripting (XSS) vulnerability in /master/core/PostHandler.php. The exit function will terminate the script and print the message $data['proxy_name'].,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-32162,A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23993,"An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-22533,"Possible Insertion of Sensitive Information into Log File Vulnerability

in eDirectory has been discovered in
OpenText™ eDirectory 9.2.4.0000.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-3847,An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-0179,Improper Use of Validation Framework in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-45656,"Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41687,"DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-38571,"An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44033,"In Ionic Identity Vault before 5.0.5, the protection mechanism for invalid unlock attempts can be bypassed.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-34075,"In Artica Pandora FMS <=754 in the File Manager component, there is sensitive information exposed on the client side which attackers can access.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-20683,Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-44140,"Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2021-38348,"The Advance Search WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the wpas_id parameter found in the ~/inc/admin/views/html-advance-search-admin-options.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.1.2.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-27468,"The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41644,Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-1980,"Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2021-34932,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14910.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-31777,"The dce (aka Dynamic Content Element) extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-29846,IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 205256.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N,2.7,1.2,1.4,LOW,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-41028,"A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability [CWE-297] in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an unauthenticated and network adjacent attacker to perform a man-in-the-middle attack between the EMS and the FCT via the telemetry protocol.",CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:01Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46640,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15512.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33692,"SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-41079,"Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-44900,Micro-Star International (MSI) App Player <= 4.280.1.6309 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the NTIOLib_X64.sys and BstkDrv_msi2.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35312,"A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy's executable ""RemoteBackup.Service.exe"" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with ""LocalSystem"" privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39632,"In inotify_cb of events.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-202159709",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35242,Serv-U server responds with valid CSRFToken when the request contains only Session.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23177,"An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29740,"IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4206,A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.2,1.5,6.0,HIGH,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-46085,OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-31010,"A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release..",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-3795,semver-regex is vulnerable to Inefficient Regular Expression Complexity,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-34649,"The Simple Behance Portfolio WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the `dark` parameter in the ~/titan-framework/iframe-font-preview.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.2.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-37750,The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-1567,"A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.",CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,HIGH,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-25507,Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.7,2.1,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-32474,"An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-44847,A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33667,"Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-4124,janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-38934,"IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210671.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-36489,Buffer Overflow vulnerability in Allegro through 5.2.6 allows attackers to cause a denial of service via crafted PCX/TGA/BMP files to allegro_image addon.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-39058,IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 214617.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-1791,"An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to disclose kernel memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2021-4281,A vulnerability was found in Brave UX for-the-badge and classified as critical. Affected by this issue is some unknown functionality of the file .github/workflows/combine-prs.yml. The manipulation leads to os command injection. The name of the patch is 55b5a234c0fab935df5fb08365bc8fe9c37cf46b. It is recommended to apply a patch to fix this issue. VDB-216842 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4175,livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'),CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-41790,An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20181,"A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,7.5,0.8,6.0,HIGH,2024-12-07T08:01Z,LOCAL,HIGH,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2021-45345,Buffer Overflow vulnerability found in En3rgy WebcamServer v.0.5.2 allows a remote attacker to cause a denial of service via the WebcamServer.exe file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0389,"In setNightModeActivated of UiModeManagerService.java, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168039904",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45667,"Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R8000P before 1.4.1.66, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R7900P before 1.4.1.66, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-25224,A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a manual scan component. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-45386,tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-33981,"An insecure, direct object vulnerability in hunting/fishing license retrieval function of the ""Fish | Hunt FL"" iOS app versions 3.8.0 and earlier allows a remote authenticated attacker to retrieve other people's personal information and images of their hunting/fishing licenses.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-38345,"The Brizy Page Builder plugin <= 2.3.11 for WordPress used an incorrect authorization check that allowed any logged-in user accessing any endpoint in the wp-admin directory to modify the content of any existing post or page created with the Brizy editor. An identical issue was found by another researcher in Brizy <= 1.0.125 and fixed in version 1.0.126, but the vulnerability was reintroduced in version 1.0.127.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-24467,"The Leaflet Map WordPress plugin before 3.0.0 does not verify the CSRF nonce when saving its settings, which allows attackers to make a logged in admin update the settings via a Cross-Site Request Forgery attack. This could lead to Cross-Site Scripting issues by either changing the URL of the JavaScript library being used, or using malicious attributions which will be executed in all page with an embed map from the plugin",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-34815,CheckSec Canopy before 3.5.2 allows XSS attacks against the login page via the LOGIN_PAGE_DISCLAIMER parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-40026,There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-34085,"Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872. CVE-2017-14409, and CVE-2018-10778.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-38408,A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29578,"TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalAvgPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/dcba796a28364d6d7f003f6fe733d82726dda713/tensorflow/core/kernels/fractional_avg_pool_op.cc#L216) fails to validate that the pooling sequence arguments have enough elements as required by the `out_backprop` tensor shape. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-26342,"In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-39306,"A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37962,Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-32615,Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45517,NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-23263,"Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-4374,"The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in versions up to, and including, 3.53.2. This is due to missing authorization and option validation in the process_form.php file. This makes it possible for unauthenticated attackers to arbitrarily update the settings of a vulnerable site and ultimately compromise the entire site.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20633,Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Cabinet via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-31579,"Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-45739,TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the flag parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-25059,"The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download a full copy of the website.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-29931,An issue was discovered in the arenavec crate through 2021-01-12 for Rust. A double drop can sometimes occur upon a panic in T::drop().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-25378,Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2021-33733,A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-46270,"JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin user is able to list all available repository names due to insufficient permission validation.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N,2.7,1.2,1.4,LOW,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-27022,A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-4208,"The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and escape the product_id POST parameter before using it in a SQL statement, leading to a SQL injection vulnerability exploitable by high privilege users",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-34315,"A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13356)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-35234,Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-29892,"IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-42529,XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-27098,"In SPIRE 0.8.1 through 0.8.4 and before versions 0.9.4, 0.10.2, 0.11.3 and 0.12.1, specially crafted requests to the FetchX509SVID RPC of SPIRE Server’s Legacy Node API can result in the possible issuance of an X.509 certificate with a URI SAN for a SPIFFE ID that the agent is not authorized to distribute. Proper controls are in place to require that the caller presents a valid agent certificate that is already authorized to issue at least one SPIFFE ID, and the requested SPIFFE ID belongs to the same trust domain, prior to being able to trigger this vulnerability. This issue has been fixed in SPIRE versions 0.8.5, 0.9.4, 0.10.2, 0.11.3 and 0.12.1.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2021-45769,A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0542,"In updateNotification of BeamTransferManager.java, there is a missing permission check. This could lead to local information disclosure of paired Bluetooth addresses with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168712890",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-46933,"In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.

ffs_data_clear is indirectly called from both ffs_fs_kill_sb and
ffs_ep0_release, so it ends up being called twice when userland closes ep0
and then unmounts f_fs.
If userland provided an eventfd along with function's USB descriptors, it
ends up calling eventfd_ctx_put as many times, causing a refcount
underflow.
NULL-ify ffs_eventfd to prevent these extraneous eventfd_ctx_put calls.

Also, set epfiles to NULL right after de-allocating it, for readability.

For completeness, ffs_data_clear actually ends up being called thrice, the
last call being before the whole ffs structure gets freed, so when this
specific sequence happens there is a second underflow happening (but not
being reported):

/sys/kernel/debug/tracing# modprobe usb_f_fs
/sys/kernel/debug/tracing# echo ffs_data_clear > set_ftrace_filter
/sys/kernel/debug/tracing# echo function > current_tracer
/sys/kernel/debug/tracing# echo 1 > tracing_on
(setup gadget, run and kill function userland process, teardown gadget)
/sys/kernel/debug/tracing# echo 0 > tracing_on
/sys/kernel/debug/tracing# cat trace
 smartcard-openp-436     [000] .....  1946.208786: ffs_data_clear <-ffs_data_closed
 smartcard-openp-431     [000] .....  1946.279147: ffs_data_clear <-ffs_data_closed
 smartcard-openp-431     [000] .n...  1946.905512: ffs_data_clear <-ffs_data_put

Warning output corresponding to above trace:
[ 1946.284139] WARNING: CPU: 0 PID: 431 at lib/refcount.c:28 refcount_warn_saturate+0x110/0x15c
[ 1946.293094] refcount_t: underflow; use-after-free.
[ 1946.298164] Modules linked in: usb_f_ncm(E) u_ether(E) usb_f_fs(E) hci_uart(E) btqca(E) btrtl(E) btbcm(E) btintel(E) bluetooth(E) nls_ascii(E) nls_cp437(E) vfat(E) fat(E) bcm2835_v4l2(CE) bcm2835_mmal_vchiq(CE) videobuf2_vmalloc(E) videobuf2_memops(E) sha512_generic(E) videobuf2_v4l2(E) sha512_arm(E) videobuf2_common(E) videodev(E) cpufreq_dt(E) snd_bcm2835(CE) brcmfmac(E) mc(E) vc4(E) ctr(E) brcmutil(E) snd_soc_core(E) snd_pcm_dmaengine(E) drbg(E) snd_pcm(E) snd_timer(E) snd(E) soundcore(E) drm_kms_helper(E) cec(E) ansi_cprng(E) rc_core(E) syscopyarea(E) raspberrypi_cpufreq(E) sysfillrect(E) sysimgblt(E) cfg80211(E) max17040_battery(OE) raspberrypi_hwmon(E) fb_sys_fops(E) regmap_i2c(E) ecdh_generic(E) rfkill(E) ecc(E) bcm2835_rng(E) rng_core(E) vchiq(CE) leds_gpio(E) libcomposite(E) fuse(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) sdhci_iproc(E) sdhci_pltfm(E) sdhci(E)
[ 1946.399633] CPU: 0 PID: 431 Comm: smartcard-openp Tainted: G         C OE     5.15.0-1-rpi #1  Debian 5.15.3-1
[ 1946.417950] Hardware name: BCM2835
[ 1946.425442] Backtrace:
[ 1946.432048] [<c08d60a0>] (dump_backtrace) from [<c08d62ec>] (show_stack+0x20/0x24)
[ 1946.448226]  r7:00000009 r6:0000001c r5:c04a948c r4:c0a64e2c
[ 1946.458412] [<c08d62cc>] (show_stack) from [<c08d9ae0>] (dump_stack+0x28/0x30)
[ 1946.470380] [<c08d9ab8>] (dump_stack) from [<c0123500>] (__warn+0xe8/0x154)
[ 1946.482067]  r5:c04a948c r4:c0a71dc8
[ 1946.490184] [<c0123418>] (__warn) from [<c08d6948>] (warn_slowpath_fmt+0xa0/0xe4)
[ 1946.506758]  r7:00000009 r6:0000001c r5:c0a71dc8 r4:c0a71e04
[ 1946.517070] [<c08d68ac>] (warn_slowpath_fmt) from [<c04a948c>] (refcount_warn_saturate+0x110/0x15c)
[ 1946.535309]  r8:c0100224 r7:c0dfcb84 r6:ffffffff r5:c3b84c00 r4:c24a17c0
[ 1946.546708] [<c04a937c>] (refcount_warn_saturate) from [<c0380134>] (eventfd_ctx_put+0x48/0x74)
[ 1946.564476] [<c03800ec>] (eventfd_ctx_put) from [<bf5464e8>] (ffs_data_clear+0xd0/0x118 [usb_f_fs])
[ 1946.582664]  r5:c3b84c00 r4:c2695b00
[ 1946.590668] [<bf546418>] (ffs_data_clear [usb_f_fs]) from [<bf547cc0>] (ffs_data_closed+0x9c/0x150 [usb_f_fs])
[ 1946.609608]  r5:bf54d014 r4:c2695b00
[ 1946.617522] [<bf547c24>] (ffs_data_closed [usb_f_fs]) from [<bf547da0>] (ffs_fs_kill_sb+0x2c/0x30 [usb_f_fs])
[ 1946.636217]  r7:c0dfcb
---truncated---",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0170,Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-32727,"Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.16.1, the Nextcloud Android client skipped a step that involved the client checking if a private key belonged to a previously downloaded public certificate. If the Nextcloud instance served a malicious public key, the data would be encrypted for this key and thus could be accessible to a malicious actor. The vulnerability is patched in version 3.16.1. As a workaround, do not add additional end-to-end encrypted devices to a user account.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44116,"Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve the purpose of obtaining the administrator cookie, thereby achieving other malicious operations.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-29482,xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0640,"In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-187957589",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-23906,"An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:01Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22056,"VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-37931,Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33723,"A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An authenticated attacker could change the user profile of any user without proper authorization. With this, the attacker could change the password of any user in the affected system.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2021-23846,"When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-30514,Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4296,"A vulnerability, which was classified as problematic, has been found in w3c Unicorn. This issue affects the function ValidatorNuMessage of the file src/org/w3c/unicorn/response/impl/ValidatorNuMessage.java. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 51f75c31f7fc33859a9a571311c67ae4e95d9c68. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217019.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-34403,"NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-37053,There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-0614,"In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05495528; Issue ID: ALPS05495528.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-46851,The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-4106,A vulnerability in Snow Inventory Java Scanner allows an attacker to run malicious code at a higher level of privileges. This issue affects: SNOW Snow Inventory Java Scanner 1.0,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-24366,"The Admin Columns WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1 do not sanitise and escape its Label settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-43741,CMSimple 5.4 is vulnerable to Directory Traversal. The vulnerability exists when a user changes the file name to malicious file on config.php leading to remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-42009,"An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2021-27620,"SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-3256,KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the chakanhtml.module.php file.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-25829,"An improper binary stream data handling issue was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-36866,Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Easy Pricing Tables plugin <= 3.1.2 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-33463,An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr__copy_except() in libyasm/expr.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2021-24379,"The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user (even unauthenticated) to add unlimited like/dislike to any comment. The plugin appears to have some Restriction modes, such as Cookie Restriction, IP Restrictions, Logged In User Restriction, however, they do not prevent such attack as they only check client side",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2021-32992,"FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-22703,"A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-39749,"In WindowManager, there is a possible way to start non-exported and protected activities due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-205996115",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-26707,"The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications using this library.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-20672,Reflected cross-site scripting vulnerability due to insufficient verification of URL query parameters in GROWI (v4.2 Series) versions from v4.2.0 to v4.2.7 allows remote attackers to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-20423,IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. IBM X-Force ID: 196308.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-33631,"Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:01Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41084,"http4s is an open source scala interface for HTTP. In affected versions http4s is vulnerable to response-splitting or request-splitting attacks when untrusted user input is used to create any of the following fields: Header names (`Header.name`å), Header values (`Header.value`), Status reason phrases (`Status.reason`), URI paths (`Uri.Path`), URI authority registered names (`URI.RegName`) (through 0.21). This issue has been resolved in versions 0.21.30, 0.22.5, 0.23.4, and 1.0.0-M27 perform the following. As a matter of practice http4s services and client applications should sanitize any user input in the aforementioned fields before returning a request or response to the backend. The carriage return, newline, and null characters are the most threatening.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N,4.7,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,NONE,LOW,NONE
CVE-2021-21675,A cross-site request forgery (CSRF) vulnerability in Jenkins requests-plugin Plugin 2.2.12 and earlier allows attackers to create requests and/or have administrators apply pending requests.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2021-24362,"The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded SVG files added to a gallery do not contain malicious content. As a result, users allowed to add images to gallery can upload an SVG file containing JavaScript code, which will be executed when accessing the image directly (ie in the /wp-content/uploads/photo-gallery/ folder), leading to a Cross-Site Scripting (XSS) issue",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-22258,The project import/export feature in GitLab 8.9 and greater could be used to obtain otherwise private email addresses,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2021-0345,"In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05432974.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36388,"In Yellowfin before 9.6.1 it is possible to enumerate and download users profile pictures through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page ""MIIAvatarImage.i4"".",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-44357,Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-30149,Composr 10.0.36 allows upload and execution of PHP files.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-26543,"The ""gitDiff"" function in Wayfair git-parse <=1.0.4 has a command injection vulnerability. Clients of the git-parse library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. The issue has been resolved in version 1.0.5.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-41153,"The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. This is a **high** severity security advisory if you use `evm` crate for Ethereum mainnet. In this case, you should update your library dependency immediately to on or after `0.31.0`. This is a **low** severity security advisory if you use `evm` crate in Frontier or in a standalone blockchain, because there's no security exploit possible with this advisory. It is **not** recommended to update to on or after `0.31.0` until all the normal chain upgrade preparations have been done. If you use Frontier or other `pallet-evm` based Substrate blockchain, please ensure to update your `spec_version` before updating this. For other blockchains, please make sure to follow a hard-fork process before you update this.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39711,"In bpf_prog_test_run_skb of test_run.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154175781References: Upstream kernel",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:01Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-25919,"In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly. A highly privileged attacker could inject arbitrary code into input fields when creating a new user.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-2452,"Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS Base Score depend on the software that uses Outside In Technology. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology, but if data is not received over a network the CVSS score may be lower. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-30481,"Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2021-29002,"A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 exists in site-controlpanel via the ""form.widgets.site_title"" parameter.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:01Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2021-36763,"In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2021-3325,"Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an update to 3.13.0, unless the new feature was immediately configured.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-30626,Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-39735,"In gasket_alloc_coherent_memory of gasket_page_table.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151455484References: N/A",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:01Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2021-36134,Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS).,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:01Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2021-32853,"Erxes, an experience operating system (XOS) with a set of plugins, is vulnerable to cross-site scripting in versions 0.22.3 and prior. This results in client-side code execution. The victim must follow a malicious link or be redirected there from malicious web site. There are no known patches.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:01Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2022-32478,An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28462,novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-2101,"The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `file[files][]` parameter in versions up to, and including, 3.2.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level permissions and above to inject arbitrary web scripts on the file's page that will execute whenever an administrator accesses the editor area for the injected file page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-20206,"In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220737634",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-3998,"A vulnerability, which was classified as critical, was found in MonikaBrzica scm. This affects an unknown part of the file uredi_korisnika.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213699.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48491,Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to display at any time.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-33891,"The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34907,An authentication bypass vulnerability exists in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to gain access to the system with the highest authority possible and gain full control over the FileWave platform.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0497,"A vulnerbiility was found in Openscad, where a .scad file with no trailing newline could cause an out-of-bounds read during parsing of annotations.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-1522,"The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-117: Improper Output Neutralization for Logs, which allows an attacker to create false logs that show the password as having been changed when it is not, complicating forensics.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-42124,"ReDoS vulnerability in LayoutPageTemplateEntryUpgradeProcess in Liferay Portal 7.3.2 through 7.4.3.4 and Liferay DXP 7.2 fix pack 9 through fix pack 18, 7.3 before update 4, and DXP 7.4 GA allows remote attackers to consume an excessive amount of server resources via a crafted payload injected into the 'name' field of a layout prototype.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-2314,The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1163,Cross-site Scripting (XSS) - Stored in GitHub repository mineweb/minewebcms prior to next.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-0476,Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36674,Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/view_schedule.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4835,"The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-45766,"Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-45060,"An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-4904,"A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H,8.6,3.9,4.7,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,HIGH
CVE-2022-20182,"In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222348453References: N/A",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-21934,Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25711,"Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3474,A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-2560,This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-17481.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-44808,"A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30605,A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4962,"A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. VDB-250430 is the identifier assigned to this vulnerability. NOTE: The maintainer explains that user data information like user id, name, and email are not sensitive.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-21757,"In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468894; Issue ID: ALPS06468894.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-35252,"When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a""sister site"" to deny service to all siblings.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L,3.7,2.2,1.4,LOW,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-46153,"Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client certificates. Users are advised to upgrade to version 2.9.6. Users unable to upgrade should check their logs to detect the error messages and fix your TLS options.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-39820,"In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-34609,H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4446,PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31074,"KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, several endpoints in the Cloud AdmissionController may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. The consequence of the exhaustion is that the Cloud AdmissionController will be in denial of service. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There is currently no known workaround.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-30370,Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26128,A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25243,"""Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under certain configurations to issue wildcard certificates to authorized users for a specified domain, even if the PKI role policy attribute allow_subdomains is set to false. Fixed in Vault Enterprise 1.8.9 and 1.9.4.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-2208,NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0729,Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41963,"BigBlueButton is an open source web conferencing system. Versions prior to 2.4.3 contain a whiteboard grace period that exists to handle delayed messages, but this grace period could be used by attackers to take actions in the few seconds after their access is revoked. The attacker must be a meeting participant. This issue is patched in version 2.4.3 an version 2.5-alpha-1",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N,3.1,1.6,1.4,LOW,2024-12-07T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-31259,"The route lookup process in beego before 1.12.9 and 2.x before 2.0.3 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30561,"When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in, the attacker could log in to the device by replaying the user's login packet.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-38881,"The d8s-archives for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23122,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41290,"IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges.  IBM X-Force ID:  236690.",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.4,2.5,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28312,This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16342.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-25922,Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-4881,A vulnerability was found in CapsAdmin PAC3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lua/pac3/core/shared/http.lua. The manipulation of the argument url leads to cross site scripting. The attack may be launched remotely. The patch is identified as 8fc9e12dfa21d757be6eb4194c763e848b299ac0. It is recommended to apply a patch to fix this issue. VDB-217646 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-48942,"In the Linux kernel, the following vulnerability has been resolved:

hwmon: Handle failure to register sensor with thermal zone correctly

If an attempt is made to a sensor with a thermal zone and it fails,
the call to devm_thermal_zone_of_sensor_register() may return -ENODEV.
This may result in crashes similar to the following.

Unable to handle kernel NULL pointer dereference at virtual address 00000000000003cd
...
Internal error: Oops: 96000021 [#1] PREEMPT SMP
...
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : mutex_lock+0x18/0x60
lr : thermal_zone_device_update+0x40/0x2e0
sp : ffff800014c4fc60
x29: ffff800014c4fc60 x28: ffff365ee3f6e000 x27: ffffdde218426790
x26: ffff365ee3f6e000 x25: 0000000000000000 x24: ffff365ee3f6e000
x23: ffffdde218426870 x22: ffff365ee3f6e000 x21: 00000000000003cd
x20: ffff365ee8bf3308 x19: ffffffffffffffed x18: 0000000000000000
x17: ffffdde21842689c x16: ffffdde1cb7a0b7c x15: 0000000000000040
x14: ffffdde21a4889a0 x13: 0000000000000228 x12: 0000000000000000
x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000
x8 : 0000000001120000 x7 : 0000000000000001 x6 : 0000000000000000
x5 : 0068000878e20f07 x4 : 0000000000000000 x3 : 00000000000003cd
x2 : ffff365ee3f6e000 x1 : 0000000000000000 x0 : 00000000000003cd
Call trace:
 mutex_lock+0x18/0x60
 hwmon_notify_event+0xfc/0x110
 0xffffdde1cb7a0a90
 0xffffdde1cb7a0b7c
 irq_thread_fn+0x2c/0xa0
 irq_thread+0x134/0x240
 kthread+0x178/0x190
 ret_from_fork+0x10/0x20
Code: d503201f d503201f d2800001 aa0103e4 (c8e47c02)

Jon Hunter reports that the exact call sequence is:

hwmon_notify_event()
  --> hwmon_thermal_notify()
    --> thermal_zone_device_update()
      --> update_temperature()
        --> mutex_lock()

The hwmon core needs to handle all errors returned from calls
to devm_thermal_zone_of_sensor_register(). If the call fails
with -ENODEV, report that the sensor was not attached to a
thermal zone  but continue to register the hwmon device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-26065,"Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in GetLatestDemandNode. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48854,"In the Linux kernel, the following vulnerability has been resolved:

net: arc_emac: Fix use after free in arc_mdio_probe()

If bus->state is equal to MDIOBUS_ALLOCATED, mdiobus_free(bus) will free
the ""bus"". But bus->name is still used in the next line, which will lead
to a use after free.

We can fix it by putting the name in a local variable and make the
bus->name point to the rodata section ""name"",then use the name in the
error message without referring to bus to avoid the uaf.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0521,Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-1953,"The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary file deletion vulnerability via an AJAX action, accessible to unauthenticated users, which accepts user input that is being used in a path and passed to unlink() without validation first",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-36533,Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting (XSS) vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41664,"A vulnerability has been identified in JT2Go (All versions <  V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36791,Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Awesome UG Torro Forms plugin <= 1.0.16 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-3112,An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-35092,SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-30621,"Allows a remote user to read files on the camera's OS ""GetFileContent.cgi"". Reading arbitrary files on the camera's OS as root user.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-27494,Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24319,"A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA web server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions)",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-20233,"In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222472803References: N/A",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41015,Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off)' command template.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37139,Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24197,"iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-38256,TastyIgniter v3.5.0 was discovered to contain a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-47967,"A vulnerability has been identified in Solid Edge (All versions < V2023 MP1). The DOCMGMT.DLL contains a memory corruption vulnerability that could be triggered while parsing files in different file formats such as PAR, ASM, DFT. This could allow an attacker to execute code in the context of the current process.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47606,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim Stephenson WP-CORS plugin <= 0.2.1 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-37331,An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47341,"In engineermode services, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36994,"An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-36079,"Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Internal fields (keys used internally by Parse Server, prefixed by `_`) and protected fields (user defined) can be used as query constraints. Internal and protected fields are removed by Parse Server and are only returned to the client using a valid master key. However, using query constraints, these fields can be guessed by enumerating until Parse Server, prior to versions 4.10.14 or 5.2.5, returns a response object. The patch available in versions 4.10.14 and 5.2.5 requires the maser key to use internal and protected fields as query constraints. As a workaround, implement a Parse Cloud Trigger `beforeFind` and manually remove the query constraints.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-32028,Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22662,"A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-28025,Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=school_year.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44650,"A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3560,"A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-42301,An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38334,XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0990,Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-22502,IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-36559,Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain a command injection vulnerability via the Ping parameter at ping_exec.cgi.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28508,An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-4927,A vulnerability was found in ualbertalib NEOSDiscovery 1.0.70 and classified as problematic. This issue affects some unknown processing of the file app/views/bookmarks/_refworks.html.erb. The manipulation leads to use of web link to untrusted target with window.opener access. The attack may be initiated remotely. Upgrading to version 1.0.71 is able to address this issue. The patch is named abe9f57123e0c278ae190cd7402a623d66c51375. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222287.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-31776,"IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 228433.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45278,Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/get_fields.html component.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25355,"EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handle HTTP Host header values, which may lead a remote unauthenticated attacker to direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-38153,"An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is exploitable. Man-in-the-middle attackers or a malicious server can crash TLS 1.2 clients during a handshake. If an attacker injects a large ticket (more than 256 bytes) into a NewSessionTicket message in a TLS 1.2 handshake, and the client has a non-empty session cache, the session cache frees a pointer that points to unallocated memory, causing the client to crash with a ""free(): invalid pointer"" message. NOTE: It is likely that this is also exploitable during TLS 1.3 handshakes between a client and a malicious server. With TLS 1.3, it is not possible to exploit this as a man-in-the-middle.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-24317,A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior),CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-21688,"OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. Affected versions of the desktop application were found to be vulnerable to denial of service via an undisclosed vulnerability in the QT image parsing. Roughly 20 bytes lead to 2GB memory consumption and this can be triggered multiple times. To be abused, this vulnerability requires rendering in the history tab, so some user interaction is required. An adversary with knowledge of the Onion service address in public mode or with authentication in private mode can perform a Denial of Service attack, which quickly results in out-of-memory for the server. This requires the desktop application with rendered history, therefore the impact is only elevated. This issue has been patched in version 2.5.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-39256,Orckestra C1 CMS is a .NET based Web Content Management System. A vulnerability in versions prior to 6.13 allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS. Authentication is required to exploit this vulnerability. The authenticated user may perform the actions unknowingly by visiting a specially crafted site. This issue is patched in C1 CMS v6.13. There are no known workarounds.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30350,"Avanquest Software RAD PDF (PDFEscape Online) 3.19.2.2 is vulnerable to Information Leak / Disclosure. The PDFEscape Online tool provides users with a ""white out"" functionality for redacting images, text, and other graphics from a PDF document. However, this mechanism does not remove underlying text or PDF object specification information from the PDF. As a result, for example, redacted text may be copy-pasted by a PDF reader.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-42969,"The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-40643,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X_B files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17407.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2458,"XML external entity injection(XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. Here, XML external entity injection lead to External Service interaction & Internal file read in Business Central and also Kie-Server APIs.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N,8.2,3.9,4.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2022-38803,"Zkteco BioTime < 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via Leave, overtime, Manual log. An authenticated employee can read local files by exploiting XSS into a pdf generator when exporting data as a PDF",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N,6.8,2.3,4.0,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,NONE,NONE
CVE-2022-1232,Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-32739,"When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-3076,"The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39198,"A deserialization vulnerability existed in dubbo hessian-lite 3.2.12 and its earlier versions, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.17 and prior versions; Apache Dubbo 3.0.x version 3.0.11 and prior versions; Apache Dubbo 3.1.x version 3.1.0 and prior versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31395,Algo Communication Products Ltd. 8373 IP Zone Paging Adapter Firmware 1.7.6 allows attackers to perform a directory traversal via a web request sent to /fm-data.lua.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45483,Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-20917,"A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application.
 This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. An attacker could exploit this vulnerability by connecting to an XMPP messaging server and sending crafted XMPP messages to an affected Jabber client. A successful exploit could allow the attacker to manipulate the content of XMPP messages, possibly allowing the attacker to cause the Jabber client application to perform unsafe actions.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-41878,"Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option `requestKeywordDenylist` can be injected via Cloud Code Webhooks or Triggers. This will result in the keyword being saved to the database, bypassing the `requestKeywordDenylist` option. This issue is fixed in versions 4.10.19, and 5.3.2. If upgrade is not possible, the following Workarounds may be applied: Configure your firewall to only allow trusted servers to make request to the Parse Server Cloud Code Webhooks API, or block the API completely if you are not using the feature.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37122,"Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-29840,"Server-Side Request Forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL to point back to the loopback adapter was addressed in Western Digital My Cloud OS 5 devices. This could allow the URL to exploit other vulnerabilities on the local server.This issue affects My Cloud OS 5 devices before 5.26.202.


",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-24783,Deno is a runtime for JavaScript and TypeScript. The versions of Deno between release 1.18.0 and 1.20.2 (inclusive) are vulnerable to an attack where a malicious actor controlling the code executed in a Deno runtime could bypass all permission checks and execute arbitrary shell code. This vulnerability does not affect users of Deno Deploy. The vulnerability has been patched in Deno 1.20.3. There is no workaround. All users are recommended to upgrade to 1.20.3 immediately.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2022-3255,"If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. Amongst other things, the attacker can: Perform any action within the application that the user can perform. View any information that the user is able to view. Modify any information that the user is able to modify. Initiate interactions with other application users, including malicious attacks, that will appear to originate from the initial victim user.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-34967,The assertion `stmt->Dbc->FirstStmt' failed in MonetDB Database Server v11.43.13.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-35936,"Ethermint is an Ethereum library. In Ethermint running versions before `v0.17.2`, the contract `selfdestruct` invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the `DeleteAccount`function, all contracts that used the identical bytecode (i.e shared the same `CodeHash`) will also stop working once one contract invokes `selfdestruct`, even though the other contracts did not invoke the `selfdestruct` OPCODE. This vulnerability has been patched in Ethermint version v0.18.0. The patch has state machine-breaking changes for applications using Ethermint, so a coordinated upgrade procedure is required. A workaround is available. If a contract is subject to DoS due to this issue, the user can redeploy the same contract, i.e. with identical bytecode, so that the original contract's code is recovered. The new contract deployment restores the `bytecode hash -> bytecode` entry in the internal state.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-23425,Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44317,PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioOutPutc function in cstdlib/stdio.c when called from ExpressionParseFunctionCall.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-46848,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.1 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-2978,A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37598,Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48438,"In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-37134,"D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which does not check the size of l2tp_usrname, resulting in stack overflow.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22105,"Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2338,"Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server.",CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-07T08:00Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-29418,"Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) in Mark Daniels Night Mode plugin <= 1.0.0 on WordPress via vulnerable parameters: &ntmode_page_setting[enable-me], &ntmode_page_setting[bg-color], &ntmode_page_setting[txt-color], &ntmode_page_setting[anc_color].",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-0318,Heap-based Buffer Overflow in vim/vim prior to 8.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20661,"Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,4.6,0.9,3.6,MEDIUM,2024-12-07T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-27275,InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_122D0. This vulnerability is triggered via a crafted packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43770,"
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.4 and 8.3.0.27 does not correctly perform an authorization check in the dashboard editor plugin API.   

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-31760,Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-34854,Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1499,Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,LOW
CVE-2022-23141,"ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-34802,Jenkins RocketChat Notifier Plugin 1.5.2 and earlier stores the login password and webhook token unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-36682,Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_student.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42832,"A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-46648,ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-47318.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35050,OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b04de.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-48446,"In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-2142,"The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-29709,CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-43422,"Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-27474,SuiteCRM v7.11.23 was discovered to allow remote code execution via a crafted payload injected into the FirstName text field.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36865,"Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-22301,"An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45599,"Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23464,"Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnerable to a potential Server-Side Request Forgery (SSRF). RouterResourceImpl uses RestTemplate’s getForEntity to retrieve the contents of a URL containing user-controlled input, potentially resulting in Information Disclosure. There is no patch available for this issue at time of publication. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-36046,"Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.2.3, Node.js version above v15.0.0 being used with strict `unhandledRejection` exiting AND using next start or a [custom server](https://nextjs.org/docs/advanced-features/custom-server). Deployments on Vercel ([vercel.com](https://vercel.com/)) are not affected along with similar environments where `next-server` isn't being shared across requests.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,5.3,1.6,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0019,An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user’s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-31405,MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-46696,"A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25439,Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29983,Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31383,Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22634,"A buffer overflow was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23630,"Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled on one or more configurations and those configurations have common dependencies with other configurations that have dependency verification enabled. If the configuration that has dependency verification disabled is resolved first, Gradle does not verify the common dependencies for the configuration that has dependency verification enabled. Gradle 7.4 fixes that issue by validating artifacts at least once if they are present in a resolved configuration that has dependency verification active. For users who cannot update either do not use `ResolutionStrategy.disableDependencyVerification()` and do not use plugins that use that method to disable dependency verification for a single configuration or make sure resolution of configuration that disable that feature do not happen in builds that resolve configuration where the feature is enabled.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3291,"Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 can leak sensitive information via cache",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-31470,"An XSS vulnerability in the index_mobile_changepass.hsp reset-password section of Axigen Mobile WebMail before 10.2.3.12 and 10.3.x before 10.3.3.47 allows attackers to run arbitrary Javascript code that, using an active end-user session (for a logged-in user), can access and retrieve mailbox content.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41593,"The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L,3.4,0.8,2.5,LOW,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2022-21680,"Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-43692,Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS - user can cause an administrator to trigger reflected XSS with a url if the targeted administrator is using an old browser that lacks XSS protection. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23672,"A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3837,"The Uji Countdown WordPress plugin before 2.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-43425,"Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-46344,"A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2913,The Login No Captcha reCAPTCHA WordPress plugin before 1.7 doesn't check the proper IP address allowing attackers to spoof IP addresses on the allow list and bypass the need for captcha on the login screen.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-31706,"The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-40662,This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. Crafted data in a TIF image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15351.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0698,Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-2751,A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/add-portfolio.php. The manipulation of the argument ufile leads to unrestricted upload. The attack may be launched remotely. The identifier of this vulnerability is VDB-206024.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-21210,An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2254,A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 can store a script that could impact other logged in users.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38072,An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4597,"A vulnerability, which was classified as problematic, was found in Shoplazza LifeStyle 1.1. Affected is an unknown function of the file /admin/api/admin/v2_products of the component Create Product Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216192.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-46712,A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or potentially execute code with kernel privileges.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44877,login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29034,"A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code.

This could allow attackers to perform reflected cross-site scripting (XSS) attacks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-36700,Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38220,An XSS vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.1 that may allow remote injection of arbitrary web script or HTML.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-20107,"In subtitle service, there is a possible application crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330673; Issue ID: DTV03330673.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-22615,"A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25850,The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information from the server.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-3449,Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36725,Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /student/dele.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-21806,A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45669,Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-40885,Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-43702,"When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31571,The akashtalole/python-flask-restful-api repository through 2019-09-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L,9.3,3.9,4.7,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,NONE,LOW
CVE-2022-0430,Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-24253,Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31793,"do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-43333,Telenia Software s.r.l TVox before v22.0.17 was discovered to contain a remote code execution (RCE) vulnerability in the component action_export_control.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45401,"Jenkins Associated Files Plugin 0.2.1 and earlier does not escape names of associated files, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-47144,Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25756,"A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-1741,The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-07T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34783,"Jenkins Plot Plugin 2.1.10 and earlier does not escape plot descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-0217,"It was discovered that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given suitable attacker input, this results in expansion of recursive entity references from DTDs (CWE-776). In addition, depending on the libexpat version used, it may also allow injections using XML External Entity References (CWE-611).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-24974,Links may not be rewritten according to policy in some specially formatted emails.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-34393,"
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.





",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,7.5,0.8,6.0,HIGH,2024-12-07T08:00Z,LOCAL,HIGH,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2022-38439,"Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-27041,"Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 /modules/eligibility/Student.php can be used to inject SQL queries to extract information from databases.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-32372,itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject.php?id=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29990,Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0566,It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38137,Cross-Site Request Forgery (CSRF) vulnerability in Analytify plugin <= 4.2.2 on WordPress.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34233,"Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-22514,"An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,7.1,2.8,4.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH
CVE-2022-41589,The DFX unwind stack module of the ArkCompiler has a vulnerability in interface calling.Successful exploitation of this vulnerability affects system services and device availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-31232,SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29397,TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0083,livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-28628,"A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.4,2.5,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0296,Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25318,An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-22316,IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service due to incorrectly configured authorization checks. IBM X-Force ID: 218276.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-34445,"
Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure.





",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-3969,A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this issue. The name of the patch is c069e4d73ab8864345c25119d8459495f45453e1. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213548.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-28692,Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-34951,Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27158,pearweb < 1.32 suffers from Deserialization of Untrusted Data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4876,A vulnerability was found in Kaltura mwEmbed up to 2.96.rc1 and classified as problematic. This issue affects some unknown processing of the file includes/DefaultSettings.php. The manipulation of the argument HTTP_X_FORWARDED_HOST leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.96.rc2 is able to address this issue. The patch is named 13b8812ebc8c9fa034eed91ab35ba8423a528c0b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217427.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-22828,An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-39836,"An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-34760,"A CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3175,Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-38663,"Jenkins Git Plugin 4.11.4 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log provided by the Git Username and Password (`gitUsernamePassword`) credentials binding.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-28774,"Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-27167,"Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit ""Repair"" and ""Uninstall"" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-21133,Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-27932,Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-23686,"Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches version(s): AOS-CX 10.09.xxxx: 10.09.1010 and below, AOS-CX 10.08.xxxx: 10.08.1050 and below, AOS-CX 10.06.xxxx: 10.06.0190 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address these security vulnerabilities.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-23387,An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database data through the Comment Update field.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-44784,"An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed services, there is the Axis AdminService, which, through the default configuration, should normally be accessible only by the localhost. Nevertheless, by trying to access the mentioned service, both in LFS and DL229, the service can actually be reached even by remote users, allowing creation of arbitrary services on the server side. When an attacker can reach the AdminService, they can use it to instantiate arbitrary services on the server. The exploit procedure is well known and described in Generic AXIS-SSRF exploitation. Basically, the attack consists of writing a JSP page inside the root directory of the web application, through the org.apache.axis.handlers.LogHandler class.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34442,"
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.  An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges.





",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27286,D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanNonLogin. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-32473,An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0350,Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41891,"TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListConcat` is given `element_shape=[]`, it results segmentation fault which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit fc33f3dc4c14051a83eec6535b608abe1d355fde. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-41806,"In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-27161,Csz Cms 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_viewUsers,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43482,Missing Authorization vulnerability in Appointment Booking Calendar plugin <= 1.3.69 on WordPress.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22462,"
IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-20113,"In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-205996517",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0653,The Profile Builder – User Profile & User Registration Forms WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the site_url parameter found in the ~/assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user clicks on a specially crafted link by an attacker. This affects versions up to and including 3.6.1.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41026,Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn pptp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> mppe (on|off) stateful (on|off) options WORD' command template.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0853,"A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-22567,Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L,5.1,0.8,4.2,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,LOW
CVE-2022-4465,"The WP Video Lightbox WordPress plugin before 1.9.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-25357,Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-2818,"Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit prior to 2.2.2.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47757,"In imo.im 2022.11.1051, a path traversal vulnerability delivered via an unsanitized deeplink can force the application to write a file into the application's data directory. This may allow an attacker to save a shared library under a special directory which the app uses to dynamically load modules. Loading the library can lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20540,"In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291506",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24316,A CWE-665: Improper Initialization vulnerability exists that could cause information exposure when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior),CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-36862,A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23025,"On BIG-IP version 16.1.x before 16.1.1, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, when a SIP ALG profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-31291,An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-41939,"knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious `lifecycle` container. This issues has been patched in PR #1442, and is part of release 1.8.1. This issue only affects users who are using function buildpacks from third-parties; pinning the builder image to a specific content-hash with a valid `lifecycle` image will also mitigate the attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N,7.4,2.8,4.0,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,NONE,NONE
CVE-2022-42290,"NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33243,Memory corruption due to improper access control in Qualcomm IPC.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0290,Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2022-45529,AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_post.php. This vulnerability allows attackers to access database information.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-4701,"The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_activate_required_plugins' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to activate the 'contact-form-7', 'media-library-assistant', or 'woocommerce' plugins if they are installed on the site.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-40026,SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at board.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41733,"
IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-39153,"A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22185,"A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. Continued receipt and processing of this specific packet will create a sustained DoS condition. This issue only affects SRX Series when 'preserve-incoming-fragment-size' feature is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS prior to 17.3R1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0997,"Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29888,A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-27794,"Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42718,Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28378,Craft CMS before 3.7.29 allows XSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-32821,"A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36797,Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-32642,"In ccd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326547; Issue ID: ALPS07326547.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25417,Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31384,Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39395,"Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela Server and Vela Worker prior to version 0.16.0 and Vela UI prior to version 0.17.0, some default configurations for Vela allow exploitation and container breakouts. Users should upgrade to Server 0.16.0, Worker 0.16.0, and UI 0.17.0 to fix the issue. After upgrading, Vela administrators will need to explicitly change the default settings to configure Vela as desired. Some of the fixes will interrupt existing workflows and will require Vela administrators to modify default settings. However, not applying the patch (or workarounds) will continue existing risk exposure. Some workarounds are available. Vela administrators can adjust the worker's `VELA_RUNTIME_PRIVILEGED_IMAGES` setting to be explicitly empty, leverage the `VELA_REPO_ALLOWLIST` setting on the server component to restrict access to a list of repositories that are allowed to be enabled, and/or audit enabled repositories and disable pull_requests if they are not needed.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,9.9,3.1,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2022-20489,"In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703460",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36075,"Nextcloud files access control is a nextcloud app to manage access control for files. Users with limited access can see file names in certain cases where they do not have privilege to do so. This issue has been addressed and it is recommended that the Nextcloud Files Access Control app is upgraded to 1.12.2, 1.13.1 or 1.14.1. There are no known workarounds for this issue",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-26764,"A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N,4.7,1.0,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2022-4761,"The Post Views Count WordPress plugin through 3.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-43046,Food Ordering Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /foms/place-order.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24075,"Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-43017,OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile component.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-4658,"The RSSImport WordPress plugin through 4.6.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-32476,An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48585,A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36835,Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-35513,The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-20747,"A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. This vulnerability is due to insufficient API authorization checking on the underlying operating system. An attacker could exploit this vulnerability by sending a crafted API request to Cisco vManage as a lower-privileged user and gaining access to sensitive information that they would not normally be authorized to access.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-38545,Valine v1.4.18 was discovered to contain a remote code execution (RCE) vulnerability which allows attackers to execute arbitrary code via a crafted POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2022-42492,Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is reachable through the m2m's DOWNLOAD_AD command.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2244,"An improper authorization vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows project memebers with reporter role to manage issues in project's error tracking feature.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-25223,Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/view_details' via the 'id' parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-23236,E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-38625,"Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. This vulnerability allows authenticated attackers to create and upload their own custom-built firmware and inject malicious code. NOTE: the vendor's position is that this is a design choice, not a vulnerability",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29683,CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2147,Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43516,A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI),CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2795,"By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-1767,Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-22544,"Solution Manager (Diagnostics Root Cause Analysis Tools) - version 720, allows an administrator to execute code on all connected Diagnostics Agents and browse files on their systems. An attacker could thereby control the managed systems. It is considered that this is a missing segregation of duty for the SAP Solution Manager administrator. Impacts of unauthorized execution of commands can lead to sensitive information disclosure, loss of system integrity and denial of service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2022-22209,"A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos platforms, the Kernel Routing Table (KRT) queue can get stuck due to a memory leak triggered by interface flaps or route churn leading to RIB and PFEs getting out of sync. The memory leak causes RTNEXTHOP/route and next-hop memory pressure issue and the KRT queue will eventually get stuck with the error- 'ENOMEM -- Cannot allocate memory'. The out-of-sync state between RIB and FIB can be seen with the ""show route"" and ""show route forwarding-table"" command. This issue will lead to failures for adding new routes. The KRT queue status can be checked using the CLI command ""show krt queue"": user@host > show krt state High-priority add queue: 1 queued ADD nhtype Router index 0 (31212) error 'ENOMEM -- Cannot allocate memory' kqp '0x8ad5e40' The following messages will be observed in /var/log/messages, which indicate high memory for routes/nexthops: host rpd[16279]: RPD_RT_HWM_NOTICE: New RIB highwatermark for routes: 266 [2022-03-04 05:06:07] host rpd[16279]: RPD_KRT_Q_RETRIES: nexthop ADD: Cannot allocate memory host rpd[16279]: RPD_KRT_Q_RETRIES: nexthop ADD: Cannot allocate memory host kernel: rts_veto_net_delayed_unref_limit: Route/nexthop memory is severe pressure. User Application to perform recovery actions. O p 8 err 12, rtsm_id 0:-1, msg type 10, veto simulation: 0. host kernel: rts_veto_net_delayed_unref_limit: Memory usage of M_RTNEXTHOP type = (806321208) Max size possible for M_RTNEXTHOP type = (689432176) Current delayed unref = (0), Max delayed unref on this platform = (120000) Current delayed weight unref = (0) Max delayed weight unref on this platform = (400000) curproc = rpd. This issue affects: Juniper Networks Junos OS 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2-S1, 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; This issue does not affect Juniper Networks Junos OS versions prior to 21.2R1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-26746,"This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-36058,"Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks (historical or actual) could encounter a `MultiESDTNFTTransfer` transaction like this: `MultiESDTNFTTransfer` with a missing function name. Basic functionality like p2p messaging, storage, API requests and such are unaffected. Version 1.3.34 contains a fix for this issue. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-4048,Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application.,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,7.7,2.5,5.2,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-22810,"A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to manipulate the admin after numerous attempts at guessing credentials. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24298,All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-20515,"In onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve protected files from the Settings app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220733496",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-1749,"The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37879,Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-32475,"An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This issue was fixed in the kernel, which also protected chipset and OEM chipset code.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29146,Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H,8.3,1.6,6.0,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2022-39067,"There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-24585,A stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-21760,"In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479562; Issue ID: ALPS06479562.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-46126,Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/manage_brand.php?id=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4661,"The Widgets for WooCommerce Products on Elementor WordPress plugin before 1.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-2321,Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42324,"Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusion in the remainder. This in turn can feed a negative value into logic not expecting a negative value, resulting in unexpected exceptions being thrown. The unexpected exception is not handled suitably, creating a busy-loop trying (and failing) to take the bad packet out of the xenstore ring.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0249,A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-3059,"
The application was vulnerable to multiple instances of SQL injection (authenticated and unauthenticated) through a vulnerable parameter. Due to the stacked query support, complex SQL commands could be crafted and injected into the vulnerable parameter and using a sleep based inferential SQL injection it was possible to extract data from the database.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-20145,"In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-201660636",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36553,Hytec Inter HWL-2511-SS v1.05 and below was discovered to contain a command injection vulnerability via the component /www/cgi-bin/popen.cgi.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37343,Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2485,Any attempt (good or bad) to log into AutomationDirect Stride Field I/O with a web browser may result in the device responding with its password in the communication packets.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-29061,An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to execute unauthorized code or commands via crafted HTTP GET requests.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2870,A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30809,elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0912,Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-20366,"In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-225877745References: N/A",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-46317,The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-20260,"In the Phone app, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220865698",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-34012,Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of high-level administrators who hold greater privileges.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-42720,Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41955,"Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A remote code execution vulnerability was discovered in Autolab's MOSS functionality, whereby an instructor with access to the feature might be able to execute code on the server hosting Autolab. This vulnerability has been patched in version 2.10.0. As a workaround, disable the MOSS feature if it is unneeded by replacing the body of `run_moss` in `app/controllers/courses_controller.rb` with `render(plain: ""Feature disabled"", status: :bad_request) && return`.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28434,Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23503,"TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible to inject code instructions to be processed and executed via TypoScript as PHP code. The existence of individual TypoScript instructions for a particular form item and a valid backend user account with access to the form module are needed to exploit this vulnerability. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37326,Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29489,Cross-Site Request Forgery (CSRF) vulnerability in Sucuri Security plugin <= 1.8.33 at WordPress leading to Event log entry creation.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-4698,"The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several form fields in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38841,Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25406,Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete_query.php via the DELETE_STR parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26450,"In apusys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177801; Issue ID: ALPS07177801.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34392,"
SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information.





",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-4252,A vulnerability was found in SourceCodester Canteen Management System. It has been classified as problematic. This affects the function builtin_echo of the file categories.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214629 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-32485,Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3187,"Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read the state of outlets. 



",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-27292,D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formLanguageChange. This vulnerability allows attackers to cause a Denial of Service (DoS) via the nextPage parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36903,A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-20737,"A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device or to obtain portions of process memory from an affected device. This vulnerability is due to insufficient bounds checking when parsing specific HTTP authentication messages. An attacker could exploit this vulnerability by sending malicious traffic to an affected device acting as a VPN Gateway. To send this malicious traffic, an attacker would need to control a web server that can be accessed through the Clientless SSL VPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition, or to retrieve bytes from the device process memory that may contain sensitive information.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,7.1,2.8,4.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,HIGH
CVE-2022-34635,The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35931,"Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Prior to versions 22.2.10, 23.0.7, and 24.0.3 the random password generator may, in very rare cases, generate common passwords that the validator itself would block. Upgrade Nextcloud Server to 22.2.10, 23.0.7 or 24.0.3 to receive a patch for the issue in Password Policy. There are no known workarounds available.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N,2.7,1.2,1.4,LOW,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-20924,"A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

 This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36840,DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1660,"The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3285,"Bypass of healthcheck endpoint allow list affecting all versions from 12.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an unauthorized attacker to prevent access to GitLab",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-40008,SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23603,iTunesRPC-Remastered is a discord rich presence application for use with iTunes & Apple Music. In code before commit 24f43aa user input is not properly sanitized and code injection is possible. Users are advised to upgrade as soon as is possible. There are no known workarounds for this issue.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-28109,Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in 4.0.0-alpha-7 is affected by: DNS rebinding. The impact is: execute arbitrary code (remote). The component is: WebDriver endpoint of Selenium Grid / Selenium Standalone Server. The attack vector is: Triggered by browsing to to a malicious remote web server. The WebDriver endpoint of Selenium Server (Grid) is vulnerable to DNS rebinding. This can be used to execute arbitrary code on the machine.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37086,H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22367,"IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-44737,Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33889,"A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41336,"An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiPortal versions 6.0.0 through 6.0.11 and all versions of 5.3, 5.2, 5.1, 5.0 management interface may allow a remote authenticated attacker to perform a stored cross site scripting (XSS) attack via sending request with specially crafted columnindex parameter.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-1560,"The Amministrazione Aperta WordPress plugin before 3.8 does not validate the open parameter before using it in an include statement, leading to a Local File Inclusion issue. The original advisory mentions that unauthenticated users can exploit this, however the affected file generates a fatal error when accessed directly and the affected code is not reached. The issue can be exploited via the dashboard when logged in as an admin, or by making a logged in admin open a malicious link",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-4745,"The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N,7.1,2.8,4.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,LOW,NONE
CVE-2022-37243,MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-36892,"Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-23103,A stack-based buffer overflow vulnerability exists in the confsrv confctl_set_app_language functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26500,"Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29914,"When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2022-4775,"The GeoDirectory WordPress plugin before 2.2.22 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-32743,Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-23004,"When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-24334,"In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-31675,VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-42150,"TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions. The default configuration could cause Container Escape.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,10.0,3.9,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2022-4297,"The WP AutoComplete Search WordPress plugin through 1.0.4 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX available to unauthenticated users, leading to an unauthenticated SQL injection",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20049,"In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38753,This update resolves a multi-factor authentication bypass attack,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2022-30981,"An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39050,An attacker who is logged into OTRS as an admin user may manipulate customer URL field to store JavaScript code to be run later by any other agent when clicking the customer URL link. Then the stored JavaScript is executed in the context of OTRS. The same issue applies for the usage of external data sources e.g. database or ldap,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-29232,"BigBlueButton is an open source web conferencing system. Starting with version 2.2 and prior to versions 2.3.9 and 2.4-beta-1, an attacker can circumvent access controls to obtain the content of public chat messages from different meetings on the server. The attacker must be a participant in a meeting on the server. BigBlueButton versions 2.3.9 and 2.4-beta-1 contain a patch for this issue. There are currently no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-38093,Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43045,GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-21721,"Next.js is a React framework. Starting with version 12.0.0 and prior to version 12.0.9, vulnerable code could allow a bad actor to trigger a denial of service attack for anyone using i18n functionality. In order to be affected by this CVE, one must use next start or a custom server and the built-in i18n support. Deployments on Vercel, along with similar environments where invalid requests are filtered before reaching Next.js, are not affected. A patch has been released, `next@12.0.9`, that mitigates this issue. As a workaround, one may ensure `/${locale}/_next/` is blocked from reaching the Next.js instance until it becomes feasible to upgrade.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-42499,"In sms_SendMmCpErrMsg of sms_MmConManagement.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242001391References: N/A",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33268,"Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-41851,"A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-16973)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44583,Unauth. Arbitrary File Download vulnerability in WatchTowerHQ plugin <= 3.6.15 on WordPress.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-43693,"Concrete CMS is vulnerable to CSRF due to the lack of ""State"" parameter for external Concrete authentication service for users of Concrete who use the ""out of the box"" core OAuth.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48728,"In the Linux kernel, the following vulnerability has been resolved:

IB/hfi1: Fix AIP early init panic

An early failure in hfi1_ipoib_setup_rn() can lead to the following panic:

  BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0
  PGD 0 P4D 0
  Oops: 0002 [#1] SMP NOPTI
  Workqueue: events work_for_cpu_fn
  RIP: 0010:try_to_grab_pending+0x2b/0x140
  Code: 1f 44 00 00 41 55 41 54 55 48 89 d5 53 48 89 fb 9c 58 0f 1f 44 00 00 48 89 c2 fa 66 0f 1f 44 00 00 48 89 55 00 40 84 f6 75 77 <f0> 48 0f ba 2b 00 72 09 31 c0 5b 5d 41 5c 41 5d c3 48 89 df e8 6c
  RSP: 0018:ffffb6b3cf7cfa48 EFLAGS: 00010046
  RAX: 0000000000000246 RBX: 00000000000001b0 RCX: 0000000000000000
  RDX: 0000000000000246 RSI: 0000000000000000 RDI: 00000000000001b0
  RBP: ffffb6b3cf7cfa70 R08: 0000000000000f09 R09: 0000000000000001
  R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
  R13: ffffb6b3cf7cfa90 R14: ffffffff9b2fbfc0 R15: ffff8a4fdf244690
  FS:  0000000000000000(0000) GS:ffff8a527f400000(0000) knlGS:0000000000000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: 00000000000001b0 CR3: 00000017e2410003 CR4: 00000000007706f0
  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
  PKRU: 55555554
  Call Trace:
   __cancel_work_timer+0x42/0x190
   ? dev_printk_emit+0x4e/0x70
   iowait_cancel_work+0x15/0x30 [hfi1]
   hfi1_ipoib_txreq_deinit+0x5a/0x220 [hfi1]
   ? dev_err+0x6c/0x90
   hfi1_ipoib_netdev_dtor+0x15/0x30 [hfi1]
   hfi1_ipoib_setup_rn+0x10e/0x150 [hfi1]
   rdma_init_netdev+0x5a/0x80 [ib_core]
   ? hfi1_ipoib_free_rdma_netdev+0x20/0x20 [hfi1]
   ipoib_intf_init+0x6c/0x350 [ib_ipoib]
   ipoib_intf_alloc+0x5c/0xc0 [ib_ipoib]
   ipoib_add_one+0xbe/0x300 [ib_ipoib]
   add_client_context+0x12c/0x1a0 [ib_core]
   enable_device_and_get+0xdc/0x1d0 [ib_core]
   ib_register_device+0x572/0x6b0 [ib_core]
   rvt_register_device+0x11b/0x220 [rdmavt]
   hfi1_register_ib_device+0x6b4/0x770 [hfi1]
   do_init_one.isra.20+0x3e3/0x680 [hfi1]
   local_pci_probe+0x41/0x90
   work_for_cpu_fn+0x16/0x20
   process_one_work+0x1a7/0x360
   ? create_worker+0x1a0/0x1a0
   worker_thread+0x1cf/0x390
   ? create_worker+0x1a0/0x1a0
   kthread+0x116/0x130
   ? kthread_flush_work_fn+0x10/0x10
   ret_from_fork+0x1f/0x40

The panic happens in hfi1_ipoib_txreq_deinit() because there is a NULL
deref when hfi1_ipoib_netdev_dtor() is called in this error case.

hfi1_ipoib_txreq_init() and hfi1_ipoib_rxq_init() are self unwinding so
fix by adjusting the error paths accordingly.

Other changes:
- hfi1_ipoib_free_rdma_netdev() is deleted including the free_netdev()
  since the netdev core code deletes calls free_netdev()
- The switch to the accelerated entrances is moved to the success path.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-41171,"Due to lack of proper memory management, when a victim opens manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-33175,"Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_param.cgi HTTP API. This leads to disclosing active session ids of currently logged-in administrators. The session id can then be reused to act as the administrator, allowing reading of the cleartext password, or reconfiguring the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43718,"Upload data forms do not correctly render user input leading to possible XSS attack vectors that can be performed by authenticated users with database connection update permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-1653,"The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 does not perform CSRF checks in it's ajax endpoints and admin pages, allowing an attacker to trick any logged in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-40843,The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-4549,"The Tickera WordPress plugin before 3.5.1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-38708,"
IBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery Attack (SSRF) attack by constructing URLs from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 234180.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-38272,JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25207,A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42711,"In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2022-0262,Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.7.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-37360,This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. Crafted data in an EMF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-17635.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-44546,The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-1418,"The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-31774,"IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 228358.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23862,"A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the service did not enforce authentication and was running under the ""NT Authority\System"" user, an attacker is able to use the vulnerability to execute arbitrary code and elevate to the system user.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24744,"Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions user sessions are not logged out if the password is reset via password recovery. This issue has been resolved in version 6.4.8.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,3.5,2.1,1.4,LOW,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2022-32917,"The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48554,"File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: ""File"" is the name of an Open Source project.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-48340,"In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dht_setxattr_mds_cbk use-after-free.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-22286,A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-42161,"D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the /SetTriggerWPS/PIN parameter at function SetTriggerWPS.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2136,The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-46422,An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.,CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H,4.8,1.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,LOW,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-22055,The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1298,"The Tabs WordPress plugin before 2.2.8 does not sanitise and escape Tab descriptions, which could allow high privileged users with a role as low as editor to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-45714,IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30326,An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23018,"On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0641,"The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the ays_fb_tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-22719,A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-4091,A vulnerability was found in SourceCodester Canteen Management System. It has been classified as problematic. This affects the function query of the file food.php. The manipulation of the argument product_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214359.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-0647,"The Bulk Creator WordPress plugin through 1.0.1 does not sanitize and escape the post_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-22426,"IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-20265,"In Settings, there is a possible way to bypass factory reset permissions due to a permissions bypass. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-212804898",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,4.6,0.9,3.6,MEDIUM,2024-12-07T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-48839,"In the Linux kernel, the following vulnerability has been resolved:

net/packet: fix slab-out-of-bounds access in packet_recvmsg()

syzbot found that when an AF_PACKET socket is using PACKET_COPY_THRESH
and mmap operations, tpacket_rcv() is queueing skbs with
garbage in skb->cb[], triggering a too big copy [1]

Presumably, users of af_packet using mmap() already gets correct
metadata from the mapped buffer, we can simply make sure
to clear 12 bytes that might be copied to user space later.

BUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:225 [inline]
BUG: KASAN: stack-out-of-bounds in packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489
Write of size 165 at addr ffffc9000385fb78 by task syz-executor233/3631

CPU: 0 PID: 3631 Comm: syz-executor233 Not tainted 5.17.0-rc7-syzkaller-02396-g0b3660695e80 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 print_address_description.constprop.0.cold+0xf/0x336 mm/kasan/report.c:255
 __kasan_report mm/kasan/report.c:442 [inline]
 kasan_report.cold+0x83/0xdf mm/kasan/report.c:459
 check_region_inline mm/kasan/generic.c:183 [inline]
 kasan_check_range+0x13d/0x180 mm/kasan/generic.c:189
 memcpy+0x39/0x60 mm/kasan/shadow.c:66
 memcpy include/linux/fortify-string.h:225 [inline]
 packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489
 sock_recvmsg_nosec net/socket.c:948 [inline]
 sock_recvmsg net/socket.c:966 [inline]
 sock_recvmsg net/socket.c:962 [inline]
 ____sys_recvmsg+0x2c4/0x600 net/socket.c:2632
 ___sys_recvmsg+0x127/0x200 net/socket.c:2674
 __sys_recvmsg+0xe2/0x1a0 net/socket.c:2704
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fdfd5954c29
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffcf8e71e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdfd5954c29
RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005
RBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf8e71e60
R13: 00000000000f4240 R14: 000000000000c1ff R15: 00007ffcf8e71e54
 </TASK>

addr ffffc9000385fb78 is located in stack of task syz-executor233/3631 at offset 32 in frame:
 ____sys_recvmsg+0x0/0x600 include/linux/uio.h:246

this frame has 1 object:
 [32, 160) 'addr'

Memory state around the buggy address:
 ffffc9000385fa80: 00 04 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00
 ffffc9000385fb00: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00
>ffffc9000385fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3
                                                                ^
 ffffc9000385fc00: f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
 ffffc9000385fc80: f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 00 00 00 00 00
==================================================================",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-38583,"On versions of Sage 300 2017 - 2022 (6.4.x - 6.9.x) which are setup in a ""Windows Peer-to-Peer Network"" or ""Client Server Network"" configuration, a low-privileged Sage 300 workstation user could abuse their access to the ""SharedData"" folder on the connected Sage 300 server to view and/or modify the credentials associated with Sage 300 users and SQL accounts to impersonate users and/or access the SQL database as a system administrator. With system administrator-level access to the Sage 300 MS SQL database it would be possible to create, update, and delete all records associated with the program and, depending on the configuration, execute code on the underlying database server.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20567,"In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35538,"WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1769,Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45654,Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36472,H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMobileAPInfoById.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24926,Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-4714,"The WP Dark Mode WordPress plugin before 4.0.0 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-39353,"xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the `childNodes` collection of the `Document`, without reporting any error or throwing. This breaks the assumption that there is only a single root node in the tree, which led to issuance of CVE-2022-39299 as it is a potential issue for dependents. Update to @xmldom/xmldom@~0.7.7, @xmldom/xmldom@~0.8.4 (dist-tag latest) or @xmldom/xmldom@>=0.9.0-beta.4 (dist-tag next). As a workaround, please one of the following approaches depending on your use case: instead of searching for elements in the whole DOM, only search in the `documentElement`or reject a document with a document that has more then 1 `childNode`.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30974,"compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-1441,"MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38227,XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24219,eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0965,Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-47602,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in JoomUnited WP Table Manager plugin <= 3.5.2 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41681,There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the SCORM importer feature. The exploitation of this vulnerability could lead to a remote code injection.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-40291,"
The application was vulnerable to Cross-Site Request Forgery (CSRF) attacks, allowing an attacker to coerce users into sending malicious requests to the site to delete their account, or in rare circumstances, hijack their account and create other admin accounts.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26526,"Anaconda Anaconda3 (Anaconda Distribution) through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. Thus, for example, local users can gain privileges by placing a Trojan horse file into that directory. (This problem can only happen in a non-default installation. The person who installs the product must specify that it is being installed for all users. Also, the person who installs the product must specify that the system PATH should be changed.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-21196,"MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3250,Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-2741,"The denial-of-service can be triggered by transmitting a carefully crafted CAN frame on the same CAN network as the vulnerable node. The frame must have a CAN ID matching an installed filter in the vulnerable node (this can easily be guessed based on CAN traffic analyses). The frame must contain the opposite RTR bit as what the filter installed in the vulnerable node contains (if the filter matches RTR frames, the frame must be a data frame or vice versa).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-25618,Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-35904,An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of IFC files could enable an attacker to read information in the context of the current process.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2022-4484,"The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.44 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-28756,The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48603,A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4421,A vulnerability was found in rAthena FluxCP. It has been classified as problematic. Affected is an unknown function of the file themes/default/servicedesk/view.php of the component Service Desk Image URL Handler. The manipulation of the argument sslink leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 8a39b2b2bf28353b3503ff1421862393db15aa7e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215304.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-22517,"An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3660,Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-28651,In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23823,A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-0377,"Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration.  After this process the user crops and saves the image. Then a ""POST"" request that contains user supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request, the name of the user-supplied image is changed with a MD5 value. This process can be conducted only when type of the image is JPG or PNG. An attacker can use this vulnerability in order to rename an arbitrary image file. By doing this, they could destroy the design of the web site.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-27368,Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43025,Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2903,"The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47015,MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-24887,"Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. Prior to versions 11.3.4, 12.2.2, and 13.0.0, when sharing a Deck card in conversation, the metaData can be manipulated so users can be tricked into opening arbitrary URLs. This issue is fixed in versions 11.3.4, 12.2.2, and 13.0.0. There are currently no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-20070,"In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06362920; Issue ID: ALPS06362920.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-32292,"In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38142,"
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0170,peertube is vulnerable to Improper Access Control,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-34285,A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-050),CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-34914,"Webswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configuration page. The {clientIp} variable can be used as an application startup argument. The X-Forwarded-For header can be manipulated by a client to store an arbitrary value that is used to replace the clientIp variable (without sanitization). A client can thus inject multiple arguments into the session startup. Systems that do not use the clientIP variable in the configuration are not vulnerable. The vulnerability is fixed in these versions: 20.1.16, 20.2.19, 21.1.8, 21.2.12, and 22.1.3.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41591,The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-32073,WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29975,An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 .,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-37843,"In TOTOLINK A860R V4.1.2cu.5182_B20201027 in cstecgi.cgi, the acquired parameters are directly put into the system for execution without filtering, resulting in a command injection vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37437,"When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions Destination through Splunk Web and only applies to environments that have configured TLS certificate validation. It does not apply to Destinations configured directly in the outputs.conf configuration file. The vulnerability affects Splunk Enterprise version 9.0.0 and does not affect versions below 9.0.0, including the 8.1.x and 8.2.x versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33253,Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-35156,Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php..,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4105,A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-34424,"Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-48067,An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-48793,"In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: nSVM: fix potential NULL derefernce on nested migration

Turns out that due to review feedback and/or rebases
I accidentally moved the call to nested_svm_load_cr3 to be too early,
before the NPT is enabled, which is very wrong to do.

KVM can't even access guest memory at that point as nested NPT
is needed for that, and of course it won't initialize the walk_mmu,
which is main issue the patch was addressing.

Fix this for real.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-46582,TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-21733,"Tensorflow is an Open Source Machine Learning Framework. The implementation of `StringNGrams` can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on `pad_witdh` and that result in computing a negative value for `ngram_width` which is later used to allocate parts of the output. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-23402,"The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25098,ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-32277,"Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific finding, not a finding about the Squiz Matrix CMS product.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-20663,"A vulnerability in the web-based management interface of Cisco&nbsp;Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco&nbsp;portfolio includes the renaming of security products under one brand: Cisco&nbsp;Secure. For more information, see .",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-0981,A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2029,Cross-site Scripting (XSS) - DOM in GitHub repository kromitgmbh/titra prior to 0.77.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41220,"md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28622,A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the following software update to resolve the vulnerability in HPE StoreOnce Software 4.3.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-4644,Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-21215,"This vulnerability could allow an attacker to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the server into accessing routes on those cloud-hosting platforms, accessing secret keys, changing configurations, etc. Affecting MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31584,The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L,9.3,3.9,4.7,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,NONE,LOW
CVE-2022-23637,"K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting (XSS) vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked, execute untrusted javascript actions, like retrieving user cookies. Version 0.33.1 includes a patch that allows discarding unsafe links.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-30276,"The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-40193,Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-44151,Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0233,"The ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the pm_user_avatar and pm_cover_image parameters found in the ~/admin/class-profile-magic-admin.php file which allows attackers with authenticated user access, such as subscribers, to inject arbitrary web scripts into their profile, in versions up to and including 1.2.7.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-25782,Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2022-23461,Jodit Editor is a WYSIWYG editor written in pure TypeScript without the use of additional libraries. Jodit Editor is vulnerable to XSS attacks when pasting specially constructed input. This issue has not been fully patched. There are no known workarounds.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-47780,SQL Injection vulnerability in Bangresto 1.0 via the itemID parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3835,"The Kwayy HTML Sitemap WordPress plugin before 4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-30411,Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2593,"The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30073,WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-35240,"In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when the Message Routing (MR) Message Queuing Telemetry Transport (MQTT) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-35555,"A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4691,Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-25458,Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33155,The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension before 1.2.23 for TYPO3 allows XSS.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38833,School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/modstudent/index.php?view=view&id=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48424,"In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20499,"In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-246539931",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3167,Improper Restriction of Rendered UI Layers or Frames in GitHub repository ikus060/rdiffweb prior to 2.4.1.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22742,"When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-28300,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation 10.16.02.034 CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a JP2 file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16202.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20239,"remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233972091",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1664,"Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23040,"Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23569,"Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via `CHECK`-fails (i.e., assertion failures). This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. It is possible that other similar instances exist in TensorFlow, we will issue fixes as these are discovered. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-37952,"A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) could allow an attacker to compromise a victim's browser. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23649,"Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if it doesn't. This requires the attacker to have pull and push permissions for the signature in OCI. This can happen with both standard signing with a keypair and ""keyless signing"" with Fulcio. If an attacker has access to the signature in OCI, they can manipulate cosign into believing the entry was stored in Rekor even though it wasn't. The vulnerability has been patched in v1.5.2 of Cosign. The `signature` in the `signedEntryTimestamp` provided by Rekor is now compared to the `signature` that is being verified. If these don't match, then an error is returned. If a valid bundle is copied to a different signature, verification should fail. Cosign output now only informs the user that certificates were verified if a certificate was in fact verified. There is currently no known workaround.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-2417,"Insufficient validation in GitLab CE/EE affecting all versions from 12.10 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abused in supply chain attacks where a victim pinned to a specific Git commit of the project.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N,4.5,0.9,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2022-34913,md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36463,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31149,"ActivityWatch open-source automated time tracker. Versions prior to 0.12.0b2 are vulnerable to DNS rebinding attacks. This vulnerability impacts everyone running ActivityWatch and gives the attacker full access to the ActivityWatch REST API. Users should upgrade to v0.12.0b2 or later to receive a patch. As a workaround, block DNS lookups that resolve to 127.0.0.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2022-24322,A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Control Expert (V15.0 SP1 and prior),CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-2641,"Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-46137,AeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: AeroCMS v0.0.1.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-20706,"Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48917,"In the Linux kernel, the following vulnerability has been resolved:

ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min

While the $val/$val2 values passed in from userspace are always >= 0
integers, the limits of the control can be signed integers and the $min
can be non-zero and less than zero. To correctly validate $val/$val2
against platform_max, add the $min offset to val first.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-20168,Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-41639,"A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2799,"The Affiliates Manager WordPress plugin before 2.9.14 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-20704,"Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N,4.8,2.2,2.5,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2022-42943,A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47170,"Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.48 versions.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-4208,"The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'datef' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-40293,"
The application was vulnerable to a session fixation that could be used hijack accounts.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2190,"The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-0440,"The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the file to be imported, which could allow high privivilege admin to upload an arbitrary PHP file and gain RCE even in the case of an hardened blog (ie DISALLOW_UNFILTERED_HTML, DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS constants set to true)",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20420,"In getBackgroundRestrictionExemptionReason of AppRestrictionController.java, there is a possible way to bypass device policy restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238377411",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27952,An arbitrary file upload vulnerability in the file upload module of PayloadCMS v0.15.0 allows attackers to execute arbitrary code via a crafted SVG file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35236,"In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an HTTP2 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-35968,"TensorFlow is an open source platform for machine learning. The implementation of `AvgPoolGrad` does not fully validate the input `orig_input_shape`. This results in a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-22815,path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L,6.5,3.9,2.5,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2022-28244,"Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker's server.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N,6.3,1.8,4.0,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,NONE,NONE
CVE-2022-2652,Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request (reproduce e.g. with many %s modifiers in a row).,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H,6.0,0.8,5.2,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-27677,"
Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low
privileges to modify files potentially leading to privilege escalation and code execution by the lower
privileged user.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34366,"
Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information.





",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-24789,"C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also truncate arbitrary files to zero size (effectively delete them) leading to denial of service (DoS) or altering application logic. The authenticated user may unknowingly perform the actions by visiting a specially crafted site. Patched in C1 CMS v6.12, no known workarounds exist.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H,7.6,2.8,4.7,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,HIGH
CVE-2022-23981,The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-3770,A vulnerability classified as critical was found in Yunjing CMS. This vulnerability affects unknown code of the file /index/user/upload_img.html. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212500.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29666,CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36983,This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetSettings class. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15919.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45586,"Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-29054,"A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-22777,The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow an unauthenticated attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-48934,"In the Linux kernel, the following vulnerability has been resolved:

nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()

ida_simple_get() returns an id between min (0) and max (NFP_MAX_MAC_INDEX)
inclusive.
So NFP_MAX_MAC_INDEX (0xff) is a valid id.

In order for the error handling path to work correctly, the 'invalid'
value for 'ida_idx' should not be in the 0..NFP_MAX_MAC_INDEX range,
inclusive.

So set it to -1.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-39140,"A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26380,"A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-42502,"In FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231970References: N/A",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20523,"In IncFs_GetFilledRangesStartingFrom of incfs.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-228222508",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-36502,H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateWanParams.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2317,The Simple Membership WordPress plugin before 4.1.3 allows user to change their membership at the registration stage due to insufficient checking of a user supplied parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-21149,The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the stolen cookie.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N,3.5,0.9,2.5,LOW,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2022-35229,"An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38163,A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N,3.5,2.1,1.4,LOW,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-22549,"Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26612,"In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same targetDirPath check on Unix because of the getCanonicalPath call. However on Windows, getCanonicalPath doesn't resolve symbolic links, which bypasses the check. unpackEntries during TAR extraction follows symbolic links which allows writing outside expected base directory on Windows. This was addressed in Apache Hadoop 3.2.3",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30969,A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38454,Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2404,"The WP Popup Builder WordPress plugin before 1.2.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-1810,Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-41141,This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16859.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0638,Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-25511,An issue in the ?filename= argument of the route /DataPackageTable in FreeTAKServer-UI v1.9.8 allows attackers to place arbitrary files anywhere on the system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-28224,"Clusters using Calico (version 3.22.1 and below), Calico Enterprise (version 3.12.0 and below), may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation to a pod even if the feature is not enabled. This may allow the attacker to intercept and reroute traffic to their compromised pod.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H,5.5,1.2,4.2,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,LOW,HIGH
CVE-2022-20227,"In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216825460References: Upstream kernel",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-43458,Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Code Tides Advanced Floating Content plugin <= 1.2.1 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-2183,Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35002,JPEGDEC commit be4843c was discovered to contain a segmentation fault via TIFFSHORT at /src/jpeg.inl.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3941,A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213448.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-47330,"In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-44079,pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered to contain a stack overflow via the component __sanitizer::StackDepotBase<__sanitizer::StackDepotNode.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-46702,The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to disclose kernel memory.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-22868,"Gibbon CMS v22.0.01 was discovered to contain a cross-site scripting (XSS) vulnerability, that allows attackers to inject arbitrary script via name parameters.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-2572,"In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were still valid after the access was revoked.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20059,"In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781.",CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,6.6,0.7000000000000001,5.9,MEDIUM,2024-12-07T08:00Z,PHYSICAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-40746,"IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system.  IBM X-Force ID:  236581.",CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,HIGH,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37865,"With Apache Ivy 2.4.0 an optional packaging attribute has been introduced that allows artifacts to be unpacked on the fly if they used pack200 or zip packaging. For artifacts using the ""zip"", ""jar"" or ""war"" packaging Ivy prior to 2.5.1 doesn't verify the target path when extracting the archive. An archive containing absolute paths or paths that try to traverse ""upwards"" using "".."" sequences can then write files to any location on the local fie system that the user executing Ivy has write access to. Ivy users of version 2.4.0 to 2.5.0 should upgrade to Ivy 2.5.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-1430,Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0.,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48317,Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44321,PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexSkipComment function in lex.c when called from LexScanGetToken.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-39135,"Apache Calcite 1.22.0 introduced the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity (XXE) attack. Therefore any client exposing these operators, typically by using Oracle dialect (the first three) or MySQL dialect (the last one), is affected by this vulnerability (the extent of it will depend on the user under which the application is running). From Apache Calcite 1.32.0 onwards, Document Type Declarations and XML External Entity resolution are disabled on the impacted operators.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23765,This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47355,"In log service, there is a missing permission check. This could lead to local denial of service in log service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-22794,"Cybonet - PineApp Mail Relay Unauthenticated Sql Injection. Attacker can send a request to: /manage/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /manage/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 and by doing that, the attacker can run Remote Code Execution in one liner.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27942,tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35056,OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0478.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-4684,Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23729,"When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26296,BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-21748,"In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06511030; Issue ID: ALPS06511030.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-20916,"A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-37235,Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncat,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4560,A vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 7.0.32 is able to address this issue. The name of the patch is ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215963.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-1053,"Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the entire chain of trust because a not validated AK is used by the verifier. This issue is worse if the validation happens first and then the agent gets added to the verifier because the timing is easier and the verifier does not validate the regcount entry being equal to 1,",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-34650,Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-25149,"The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the IP parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.5.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-34199,"Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23482,"xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP).
xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are advised to upgrade.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-34056,"The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26711,"An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35526,"WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1536,"A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home</title><script>alert(""home"")</script><title> leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-22435,IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24553,"An issue was found in Zfaka <= 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28773,"Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3116,The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-39359,"Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9, custom GeoJSON map URL address would follow redirects to addresses that were otherwise disallowed, like link-local or private-network. This issue is patched in versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9. Metabase no longer follow redirects on GeoJSON map URLs. An environment variable `MB_CUSTOM_GEOJSON_ENABLED` was also added to disable custom GeoJSON completely (`true` by default).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-0288,"The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-36490,H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditMacList.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48588,A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41989,"Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service condition or code execution.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0597,Open Redirect in Packagist microweber/microweber prior to 1.2.11.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-35590,"A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the ""end_date"" Parameter",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-35411,"rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the ""serializer: pickle"" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3018,"An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23801,An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in com_media.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24713,"regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0500,"A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31691,"Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34183,"Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape the name and description of Agent Server parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24393,Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface using the “check_vertica_upgrade” value for the “cpIp” parameter. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response via an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38212,"Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38203.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-41210,"SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number generator program which makes it easy for the attacker to predict future random numbers. This can lead to information disclosure and modification of certain user settings.

",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N,5.2,0.9,4.2,MEDIUM,2024-12-07T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2022-29404,"In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-42339,Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44611,Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0570,Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34640,The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3839,"The Analytics for WP WordPress plugin through 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24060,This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. Crafted data in a DCM file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15099.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-29169,"BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and prior to 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service (ReDoS) attacks. By using specific a RegularExpression, an attacker can cause denial of service for the bbb-html5 service. The useragent library performs checking of device by parsing the input of User-Agent header and lets it go through lookupUserAgent() (alias of useragent.lookup() ). This function handles input by regexing and attackers can abuse that by providing some ReDos payload using `SmartWatch`. The maintainers removed `htmlclient/useragent` from versions 2.3.19, 2.4.7, and 2.5.0-beta.2. As a workaround, disable NginX forwarding the requests to the handler according to the directions in the GitHub Security Advisory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-33926,Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-1046,"The Visual Form Builder WordPress plugin before 3.0.7 does not sanitise and escape the form's 'Email to' field , which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-3305,Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30828,Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25452,Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the URLs parameter in the saveParentControlInfo function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-40655,This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ND2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15071.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48237,"In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-25899,Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35481,OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0789,Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2543,"The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have proper authorisation checks in some of its REST endpoints, allowing unauthenticated users to call them and inject arbitrary CSS in arbitrary saved layouts",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-47358,"In log service, there is a missing permission check. This could lead to local denial of service in log service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-29480,"On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-24366,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15853.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48480,Integer overflow vulnerability in some phones. Successful exploitation of this vulnerability may affect service confidentiality.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-22455,"IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 224989.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38723,Gravitee API Management before 3.15.13 allows path traversal through HTML injection.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N,8.6,3.9,4.0,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,NONE,NONE
CVE-2022-4163,"The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_deactivate and cg_activate POST parameters before concatenating it to an SQL query in  2_deactivate.php and 4_activate.php, respectively. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-0953,"The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-28710,An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-41993,Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38292,SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side Request Forgeries via the components /bibliography/marcsru.php and /bibliography/z3950sru.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3621,A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3034,"When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-35412,Digital Guardian Agent 7.7.4.0042 allows an administrator (who ordinarily does not have a supported way to uninstall the product) to disable some of the agent functionality and then exfiltrate files to an external USB device.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N,5.1,0.8,4.2,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2022-40009,SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0025,A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact other platforms or other versions of the Cortex XDR agent.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1429,SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6. This vulnerability is capable of steal the data,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-28889,"In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. Druid 0.23.0 and later prevent clickjacking using the Content-Security-Policy header.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-35921,"fof/byobu is a private discussions extension for Flarum forum. Affected versions were found to not respect private discussion disablement by users. Users of Byobu should update the extension to version 1.1.7, where this has been patched. Users of Byobu with Flarum 1.0 or 1.1 should upgrade to Flarum 1.2 or later, or evaluate the impact this issue has on your forum's users and choose to disable the extension if needed. There are no workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-41644,"


Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges.



",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25099,A vulnerability in the component /languages/index.php of WBCE CMS v1.5.2 allows attackers to execute arbitrary code via a crafted PHP file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1615,"In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-41326,The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the application.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-32658,"In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-21214,"The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25456,Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2542,"The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the ~/app/sites/ajax/actions/keyword_save.php file that is called via the doAjax() function. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47010,"An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-27197,"Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure views.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-28006,Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_delete.php.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-32924,"The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-40190,"SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2022-2318,There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-4277,A vulnerability was found in Shaoxing Background Management System. It has been declared as critical. This vulnerability affects unknown code of the file /Default/Bd. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-214774 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25980,"Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerCommon.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2072,"The Name Directory WordPress plugin before 1.25.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. Furthermore, as the payload is also saved into the database after the request, it leads to a Stored XSS as well",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23314,MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via /ms/mdiy/model/importJson.do.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2471,"Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device. This issue affects: EZVIZ CS-CV248 versions prior to 5.2.3 build 220725. EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428. EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802. EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712. EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2480,Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1566,"The Quotes llama WordPress plugin before 1.0.0 does not sanitise and escape Quotes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. The attack could also be performed by tricking an admin to import a malicious CSV file",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23732,"A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections. This could potentially lead to privilege escalation. To exploit this vulnerability, an attacker would need to target a user that was actively logged into the management console. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.5 and was fixed in versions 3.1.19, 3.2.11, 3.3.6, 3.4.1. This vulnerability was reported via the GitHub Bug Bounty program.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45825,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in iThemes WPComplete plugin <= 2.9.2 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-47895,"In JetBrains IntelliJ IDEA before 2022.3.1 the ""Validate JSP File"" action used the HTTP protocol to download required JAR files.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-38680,"In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-30829,Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35104,SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset() at /xpdf/Stream.cc.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-38303,Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38378,An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N,6.0,0.8,5.2,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-29624,An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to execute arbitrary code via a crafted PHP file.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34265,An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25523,TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is exploited via a crafted POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0263,Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20660,"A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-07T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-22360,"IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in granting permission to unauthorized resources. IBM X-Force ID: 220782.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36606,Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2119,"OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30573,"The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a privilege escalation on the affected ftlserver. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL - Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO FTL - Enterprise Edition: version 6.8.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0017,An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows. GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.5 on Windows. This issue does not affect GlobalProtect app on other platforms.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31897,SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-0943,Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1683,"The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user (and not just Author+ like the original advisory mention) due to the fact that they can execute shortcodes via an AJAX action",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3019,"The forgot password token basically just makes us capable of taking over the account of whoever comment in an app that we can see (bruteforcing comment id's might also be an option but I wouldn't count on it, since it would take a long time to find a valid one).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34187,"Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-1779,"The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and delete specific posts, categories and attachments at once.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-3381,"An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8, 15.8 prior to 15.8.4 and 15.9 prior to 15.9.2. A crafted URL could be used to redirect users to arbitrary sites",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-25558,Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36954,"In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user accounts. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-34263,Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1128,Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-3317,Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-44016,"An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can download arbitrary files from the web server by abusing an API call: /DS/LM_API/api/ConfigurationService/GetImages with an '""ImagesPath"":""C:\\""' value.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-31069,"NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to control when Authorization headers should should be forwarded for specific backend services configured by the application developer. This could have resulted in sensitive information such as OAuth bearer access tokens being inadvertently exposed to such services that should not see them. A new feature has been introduced in the patched version of nestjs-proxy that allows application developers to opt out of forwarding the Authorization headers on a per service basis using the `forwardToken` config setting. Developers are advised to review the README for this library on Github or NPM for further details on how this configuration can be applied. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-22079,Denial of service while processing fastboot flash command on mmc due to buffer over read,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,4.6,0.9,3.6,MEDIUM,2024-12-07T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-47950,"An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-34132,Benjamin BALET Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39185,EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented hard-coded privileged user.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29862,An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-31352,Online Car Wash Booking System v1.0 by oretnom23 has SQL injection in /ocwbs/admin/services/manage_service.php?id=.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43461,Stored Cross-Site Scripting (XSS) vulnerability in John West Slideshow SE plugin <= 2.5.5 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-45980,Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43603,A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,5.9,2.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-0687,"The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user, which may lead to PHP backdoors being uploaded onto the site. This vulnerability can be exploited by logged-in users with the custom ""Amelia Manager"" role.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41599,The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23633,"Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-22084,"Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2158,Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-32750,"IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 228435.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41385,"The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42705,"A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-43032,"An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-34439,"Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36972,This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15328.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28715,Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-32397,Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/visits/view_visit.php:4,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39389,"Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L,6.5,3.9,2.5,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2022-36124,It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-26094,Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42321,"Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,6.5,2.0,4.0,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2022-48253,nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28618,"A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20351,"In queryInternal of CallLogProvider.java, there is a possible access to voicemail information due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224771921",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-44944,Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-39824,"Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute arbitrary JavaScript code from the server via the currentItem property of the list widget, e.g., to perform DoS attacks or achieve an information leak.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H,8.9,2.3,6.0,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,LOW,HIGH
CVE-2022-20453,"In update of MmsProvider.java, there is a possible constriction of directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240685104",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-23365,HMS v1.0 was discovered to contain a SQL injection vulnerability via doctorlogin.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44051,"The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-46159,"Discourse is an open-source discussion platform. In version 2.8.13 and prior on the `stable` branch and version 2.9.0.beta14 and prior on the `beta` and `tests-passed` branches, any authenticated user can create an unlisted topic. These topics, which are not readily available to other users, can take up unnecessary site resources. A patch for this issue is available in the `main` branch of Discourse. There are no known workarounds available.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-3505,A vulnerability was found in SourceCodester Sanitization Management System. It has been classified as problematic. Affected is an unknown function of the file /php-sms/admin/. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210840.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-25493,HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38878,School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit&id=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0686,Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-24761,"Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-end proxy to waitress and later behavior. There are two classes of vulnerability that may lead to request smuggling that are addressed by this advisory: The use of Python's `int()` to parse strings into integers, leading to `+10` to be parsed as `10`, or `0x01` to be parsed as `1`, where as the standard specifies that the string should contain only digits or hex digits; and Waitress does not support chunk extensions, however it was discarding them without validating that they did not contain illegal characters. This vulnerability has been patched in Waitress 2.1.1. A workaround is available. When deploying a proxy in front of waitress, turning on any and all functionality to make sure that the request matches the RFC7230 standard. Certain proxy servers may not have this functionality though and users are encouraged to upgrade to the latest version of waitress instead.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-35869,This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists within com.inductiveautomation.ignition.gateway.web.pages. The issue results from the lack of proper authentication prior to access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-17211.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20250,"In Messaging, there is a possible way to attach files to a message without proper access checks due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226134095",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34792,A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20010,"In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213519176",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-37051,An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-38184,"There is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 and below which could allow a remote, unauthenticated attacker to access an API that may induce Esri Portal for ArcGIS to read arbitrary URLs.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-22274,A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0366,An authenticated and authorized agent user could potentially gain administrative access via an SQLi vulnerability to Capsule8 Console between versions 4.6.0 and 4.9.1.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4417,"The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 9.3.3 does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-41327,"A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-43106,Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3906,"The Easy Form Builder WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-28971,Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36861,Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,5.3,1.8,3.4,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2022-35105,SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-4705,"The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_final_settings_setup' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to finalize activation of preset site configuration templates, which can be chosen and imported via a separate action documented in CVE-2022-4704.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-32368,itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33048,Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27004,Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34473,The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code>&lt;use&gt;</code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-35449,OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0466.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-35407,"An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the first, then the buffer will be overwritten. This issue affects the SetupUtility driver of InsydeH2O.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42176,"In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23106,Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-21685,"Frontier is Substrate's Ethereum compatibility layer. Prior to commit number `8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664`, a bug in Frontier's MODEXP precompile implementation can cause an integer underflow in certain conditions. This will cause a node crash for debug builds. For release builds (and production WebAssembly binaries), the impact is limited as it can only cause a normal EVM out-of-gas. Users who do not use MODEXP precompile in their runtime are not impacted. A patch is available in pull request #549.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-24801,"Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling. Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests through a different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29485,"Cross-site scripting vulnerability in SHIRASAGI v1.0.0 to v1.14.2, and v1.15.0 allows a remote attacker to inject an arbitrary script via unspecified vectors.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-0001,Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,6.5,2.0,4.0,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2022-3586,"A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-30351,"PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to be leaked unintentionally. In cases where PDF text objects are present it is possible to copy-paste redacted information into the system clipboard. Once a document is ""locked"" and marked for redaction once, all redactions performed after this feature is triggered are vulnerable.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-3780,"Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data. 

This issue affects : 
Remote Desktop Manager 2022.3.7 and prior versions.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-29701,"A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-45809,"Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ricard Torres Thumbs Rating.This issue affects Thumbs Rating: from n/a through 5.0.0.

",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N,3.7,2.2,1.4,LOW,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-4222,A vulnerability was found in SourceCodester Canteen Management System. It has been rated as critical. This issue affects the function query of the file ajax_invoice.php of the component POST Request Handler. The manipulation of the argument search leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214523.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20477,"In shouldHideNotification of KeyguardNotificationVisibilityProvider.kt, there is a possible way to show hidden notifications due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-241611867",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31860,An issue was discovered in OpenRemote through 1.0.4 allows attackers to execute arbitrary code via a crafted Groovy rule.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35474,OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b544e.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-20900,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31620,"In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-23690,"A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. This allows an attacker to retrieve information which could be used to more precisely target the switch for further exploitation in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX 10.08.xxxx: 10.08.1060 and below, AOS-CX 10.06.xxxx: 10.06.0200 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-3829,"The Font Awesome 4 Menus WordPress plugin through 4.7.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-27188,"OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute an arbitrary OS command by altering a file generated using Graphic Builder.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0502,Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-20597,"In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N/A",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0147,"The Cookie Information | Free GDPR Consent Solution WordPress plugin before 2.0.8 does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected Cross-Site Scripting issue",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-20744,"A vulnerability in the input protection mechanisms of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view data without proper authorization. This vulnerability exists because of a protection mechanism that relies on the existence or values of a specific input. An attacker could exploit this vulnerability by modifying this input to bypass the protection mechanism and sending a crafted request to an affected device. A successful exploit could allow the attacker to view data beyond the scope of their authorization.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-37298,Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31211,An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48227,"An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86, aka CORE-7361.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27416,Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26342,A buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25706,"Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-41798,"Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-2753,"The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks logged in admin viewing the malicious reservation made",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-48951,"In the Linux kernel, the following vulnerability has been resolved:

ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()

The bounds checks in snd_soc_put_volsw_sx() are only being applied to the
first channel, meaning it is possible to write out of bounds values to the
second channel in stereo controls. Add appropriate checks.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39074,"There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-42199,Simple Exam Reviewer Management System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Exam List.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26979,"Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-25730,Information disclosure in modem due to improper check of IP type while processing DNS server query,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-31657,VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43359,Gifdec commit 1dcbae19363597314f6623010cc80abad4e47f7c was discovered to contain an out-of-bounds read in the function read_image_data. This vulnerability is triggered when parsing a crafted Gif file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23925,"Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.2,1.5,6.0,HIGH,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2022-20504,"In multiple locations of DreamManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and dismissal of system dialogs with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-225878553",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30059,Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.5,1.2,5.2,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-44742,Auth. (admin+) Stored Cross-Site Scripting vulnerability in Yannick Lefebvre Community Events plugin <= 1.4.8 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-34949,Pharmacy Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the email or password parameter at login.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31287,An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-2557,"The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after its content is returned to the user",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0409,Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41910,"TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-35715,IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-36556,Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3565,"A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0235,node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-30304,"An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated attacker to perform a stored cross site scripting (XSS) attack via the URL parameter observed in the FortiWeb attack event logview in FortiAnalyzer.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-20458,"The logs of sensitive information (PII) or hardware identifier should only be printed in Android ""userdebug"" or ""eng"" build. StatusBarNotification.getKey() could contain sensitive information. However, CarNotificationListener.java, it prints out the StatusBarNotification.getKey() directly in logs, which could contain user's account name (i.e. PII), in Android ""user"" build.Product: AndroidVersions: Android-12LAndroid ID: A-205567776",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-37351,This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-17636.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-32297,Piwigo v12.2.0 was discovered to contain SQL injection vulnerability via the Search function.,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33138,"A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-35981,"TensorFlow is an open source platform for machine learning. `FractionalMaxPoolGrad` validates its inputs with `CHECK` failures instead of with returning errors. If it gets incorrectly sized inputs, the `CHECK` failure can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 8741e57d163a079db05a7107a7609af70931def4. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-1487,Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36689,Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36223,"In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-43470,"Cross-site request forgery (CSRF) vulnerability in +F FS040U software versions v2.3.4 and earlier, +F FS020W software versions v4.0.0 and earlier, +F FS030W software versions v3.3.5 and earlier, and +F FS040W software versions v1.4.1 and earlier allows an adjacent attacker to hijack the authentication of an administrator and user's unintended operations such as to reboot the product and/or reset the configuration to the initial set-up may be performed.",CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,7.3,2.1,5.2,HIGH,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-23120,A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to the target agent in an un-activated and unconfigured state in order to exploit this vulnerability.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45918,ILIAS before 7.16 allows External Control of File Name or Path.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-26181,Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0593,"The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated user to remotely delete the plugin files leading to a potential Denial of Service situation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L,6.5,3.9,2.5,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2022-22299,"A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23468,"xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP).
xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upgrade.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36171,MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-1352,"Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public project that restricts access to issue only to project members.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-43329,Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29945,DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-35719,"IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in trace files that could be read by a local user.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23973,ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26855,"Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-32035,Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-32900,"A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42218,Open Source SACCO Management System v1.0 vulnerable to SQL Injection via /sacco_shield/manage_loan.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29220,"github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). Prior to version 3.2.0, github-action-merge-dependabot does not check if a commit created by dependabot is verified with the proper GPG key. There is just a check if the actor is set to `dependabot[bot]` to determine if the PR is a legit PR. Theoretically, an owner of a seemingly valid and legit action in the pipeline can check if the PR is created by dependabot and if their own action has enough permissions to modify the PR in the pipeline. If so, they can modify the PR by adding a second seemingly valid and legit commit to the PR, as they can set arbitrarily the username and email in for commits in git. Because the bot only checks if the actor is valid, it would pass the malicious changes through and merge the PR automatically, without getting noticed by project maintainers. It would probably not be possible to determine where the malicious commit came from, as it would only say `dependabot[bot]` and the corresponding email-address. Version 3.2.0 contains a patch for this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-31756,The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23745,A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-41192,"Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1670,"When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of users. It was possible to bypass this restriction of validity to create extra user accounts above the initial number of invited users.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-2948,"GE CIMPICITY versions 2022 and prior is 

vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code. 

 

",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4542,"The Compact WP Audio Player WordPress plugin before 1.9.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-40238,A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An authenticated attacker can inject arbitrary pickle object as part of a user's profile. This can lead to code execution on the server when the user's profile is accessed.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43457,"SQL Injection in 











HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26122,"An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N,8.6,3.9,4.0,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,HIGH,NONE
CVE-2022-41848,"drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.",CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,4.2,0.5,3.6,MEDIUM,2024-12-07T08:00Z,PHYSICAL,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-27157,pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24792,"PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length greater than 31-bit integers. The vulnerability does not affect 64-bit apps and should not affect apps that only plays trusted WAV files. A patch is available on the `master` branch of the `pjsip/project` GitHub repository. As a workaround, apps can reject a WAV file received from an unknown source or validate the file first.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-45113,"Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a specially crafted URL may allow a remote unauthenticated attacker to set a specially crafted URL to the Reset Password page and conduct a phishing attack. Affected products/versions are as follows: Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2022-41013,Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'static dhcp mac WORD (WORD|null) ip A.B.C.D hostname (WORD|null) description (WORD|null)' command template.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-40635,Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35678,"Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-41838,A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24918,"An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.",CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N,4.4,1.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41226,Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22636,"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20142,"In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216631962",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36858,A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33255,Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-30819,"In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of ""photos_edit.php"" file.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20204,"In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-171495100",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41677,"An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the device is connected to the internet.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-22223,"On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packets to cause multiple interfaces in the LAG to detach causing a Denial of Service (DoS) condition. Continued receipt and processing of these packets will sustain the Denial of Service. This issue affects IPv4 and IPv6 packets. Packets of either type can cause and sustain the DoS event. These packets can be destined to the device or be transit packets. On devices such as the QFX10008 with line cards, line cards can be restarted to restore service. On devices such as the QFX10002 you can restart the PFE service, or reboot device to restore service. This issue affects: Juniper Networks Junos OS on QFX10000 Series: All versions prior to 15.1R7-S11; 18.4 versions prior to 18.4R2-S10, 18.4R3-S10; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S1. An indicator of compromise may be seen by issuing the command: request pfe execute target fpc0 command ""show jspec pechip[3] registers ps l2_node 10"" timeout 0 | refresh 1 | no-more and reviewing for backpressured output; for example: GOT: 0x220702a8 pe.ps.l2_node[10].pkt_cnt 00000076 GOT: 0x220702b4 pe.ps.l2_node[10].backpressured 00000002 <<<< STICKS HERE and requesting detail on the pepic wanio: request pfe execute target fpc0 command ""show pepic 0 wanio-info"" timeout 0 | no-more | match xe-0/0/0:2 GOT: 3 xe-0/0/0:2 10 6 3 0 1 10 189 10 0x6321b088 <<< LOOK HERE as well as looking for tail drops looking at the interface queue, for example: show interfaces queue xe-0/0/0:2 resulting in: Transmitted: Total-dropped packets: 1094137 0 pps << LOOK HERE",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-44584,Unauth. Arbitrary File Deletion vulnerability in WatchTowerHQ plugin <= 3.6.15 on WordPress.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-39853,A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27076,Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/delAd.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45039,An arbitrary file upload vulnerability in the Server Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary code via a crafted PHP file.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44137,SourceCodester Sanitization Management System 1.0 is vulnerable to SQL Injection.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25515,stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-38611,Incorrect access control in Watchdog Anti-Virus v1.4.158 allows attackers to perform a DLL hijacking attack and execute arbitrary code via a crafted binary.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34232,"Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-26458,"In vow, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032678; Issue ID: ALPS07032678.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-46256,"A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the instance. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, 3.6.5 and 3.7.2. This vulnerability was reported via the GitHub Bug Bounty program.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37363,This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. Crafted data in an EMF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17673.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44801,D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-32248,"Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-1306,Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-43038,Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-1263,"A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-45792,Project files may contain malicious contents which the software will use to create files on the filesystem. This allows directory traversal and overwriting files with the privileges of the logged-in user.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27779,"libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's ""cookie engine"" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-29187,"Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39087,"In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-2835,A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of <service>.<namespace>.svc.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,4.4,1.8,2.5,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2022-3127,Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.2.8.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2022-37887,There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24799,"wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receives and views such a malicious message, arbitrary code is injected and executed in the context of the victim. This allows the attacker to fully control the user account. Wire-desktop clients that are connected to a vulnerable wire-webapp version are also vulnerable to this attack. The issue has been fixed in wire-webapp 2022-03-30-production.0 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-03-30-production.0-v0.29.2-0-d144552 or wire-server 2022-03-30 (chart/4.8.0), so that their applications are no longer affected. There are no known workarounds for this issue. ### Patches * The issue has been fixed in wire-webapp **2022-03-30-production.0** and is already deployed on all Wire managed services. * On-premise instances of wire-webapp need to be updated to docker tag **2022-03-30-production.0-v0.29.2-0-d144552** or wire-server **2022-03-30 (chart/4.8.0)**, so that their applications are no longer affected. ### Workarounds * No workarounds known ### For more information If you have any questions or comments about this advisory feel free to email us at [vulnerability-report@wire.com](mailto:vulnerability-report@wire.com) ### Credits We thank [Posix](https://twitter.com/po6ix) for reporting this vulnerability",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-29428,Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-46463,"An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this ""is clearly described in the documentation as a feature.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-21496,"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-45082,Multiple Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilities in Accordions plugin <= 2.0.3 on WordPress via &addons-style-name and &accordions_or_faqs_license_key.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23711,A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-39377,"sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47501,"Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a 
pre-authentication attack.
This issue affects Apache OFBiz: before 18.12.07.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-1567,"The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-36174,FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36034,nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of `{{` and with many repetitions of `{{|`. This issue has been patched in all versions above `0.2.5`. There are currently no known workarounds.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-43522,"Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the Aruba EdgeConnect Enterprise Orchestrator host in Aruba EdgeConnect Enterprise Orchestration Software version(s): Aruba EdgeConnect Enterprise Orchestrator (on-premises), Aruba EdgeConnect Enterprise Orchestrator-as-a-Service, Aruba EdgeConnect Enterprise Orchestrator-SP and Aruba EdgeConnect Enterprise Orchestrator Global Enterprise Tenant Orchestrators - Orchestrator 9.2.1.40179 and below, - Orchestrator 9.1.4.40436 and below, - Orchestrator 9.0.7.40110 and below, - Orchestrator 8.10.23.40015 and below, - Any older branches of Orchestrator not specifically mentioned.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3699,"
A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45



 that could allow a local user to execute code with elevated privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20616,"Jenkins Credentials Binding Plugin 1.27 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it's a zip file.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-28740,aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23377,Archeevo below 5.0 is affected by local file inclusion through file=~/web.config to allow an attacker to retrieve local files.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-27229,"Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1543,Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34282,A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-047),CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-25822,An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash.,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.2,2.5,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-34330,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  229469.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-41940,"Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io package, including those who uses depending packages like socket.io. There is no known workaround except upgrading to a safe version. There are patches for this issue released in versions 3.6.1 and 6.2.1.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-36444,"An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. A remote code execution vulnerability may allow an unauthenticated attacker (with network access to the admin interface) to disrupt system availability or potentially compromise the confidentiality and integrity of the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-40205,Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-25303,"The package whoogle-search before 0.7.2 are vulnerable to Cross-site Scripting (XSS) via the query string parameter q. In the case where it does not contain the http string, it is used to build the error_message that is then rendered in the error.html template, using the [flask.render_template](https://flask.palletsprojects.com/en/2.1.x/api/flask.render_template) function. However, the error_message is rendered using the [| safe filter](https://jinja.palletsprojects.com/en/3.1.x/templates/working-with-automatic-escaping), meaning the user input is not escaped.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-32927,"The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-43945,The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-20869,"A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38757,"A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions (e.g., install a bundle) on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone but which are outside the scope of the administrator. This vulnerability does not result in the administrators gaining additional rights on the managed devices, either in the scope or outside the scope of the administrator.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-45338,An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1886,Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39893,Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-34450,"
PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root.





",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26760,A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A malicious application may be able to elevate privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30110,"The file preview functionality in Jirafeau < 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone visits the File Preview URL for this file, the JavaScript inside of this image/svg+xml file will be executed in the users' browser.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38295,Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /table_manager/view/cu_user_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-39100,"In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-34464,"A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.3). Affected software uses an improperly protected file to import SSH keys. Attackers with access to the filesystem of the host on which SICAM GridEdge runs, are able to inject a custom SSH key to that file.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-2008,Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41381,"The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29965,"The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwords. These passwords are generated using a deterministic, insecure algorithm using a single seed value composed of a day/hour/minute timestamp with less than 16 bits of entropy. The seed value is fed through a lookup table and a series of permutation operations resulting in three different four-character passwords corresponding to different privilege levels. An attacker can easily reconstruct these passwords and thus gain access to privileged maintenance operations. NOTE: this is different from CVE-2014-2350.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-43932,Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to read arbitrary files via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-24588,Flatpress v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability in the Upload SVG File function.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-28721,Certain HP Print Products are potentially vulnerable to Remote Code Execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30715,Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-33961,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WaspThemes Visual CSS Style Editor plugin <= 7.5.8 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-29439,Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress allows deleting slides.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-37005,The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23112,A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-41697,A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-22758,"When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37181,72crm 9.0 has an Arbitrary file upload vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28946,"An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-20835,"Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
     
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24027,A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the libcommon.so binary.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-46583,TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reboot_type parameter in the wizard_ipv6 (sub_41C380) function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33944,"The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter “Device ID,” which accepts arbitrary device IDs.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-33920,"Dell GeoDrive, versions prior to 2.2, contains an Unquoted File Path vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26308,"Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2022-28131,Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-38085,Cross-Site Request Forgery (CSRF) vulnerability in Read more By Adam plugin <= 1.1.8 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33718,An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-1208,"The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was only partially fixed in version 2.3.2.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-2374,"The Simply Schedule Appointments WordPress plugin before 1.5.7.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-31988,Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=reports/daily_services_report&date=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-20541,"In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238083126",CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N,4.2,0.6000000000000001,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-41485,Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-22064,"Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-24221,eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1988,Cross-site Scripting (XSS) - Generic in GitHub repository neorazorx/facturascripts prior to 2022.09.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-26493,"Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signature - impersonating existing users and existing roles, including administrative users/roles. This vulnerability is not mitigated by configuring the module to enforce signatures or certificate checks. Xecurify recommends updating miniOrange modules to their most recent versions. This vulnerability is present in paid versions of the miniOrange Drupal SAML SP product affecting Drupal 7, 8, and 9.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30587,Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to information disclosure.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-37898,"Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. 

",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47325,"In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-1987,Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-2951,"


Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption.






",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4061,"The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-37430,Silverstripe silverstripe/framework through 4.11 allows XSS vulnerability via href attribute of a link (issue 2 of 2).,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-29950,Experian Hunter 1.16 allows remote authenticated users to modify assumed-immutable elements via the (1) rule name parameter to the Rules page or the (2) subrule name or (3) categories name parameter to the Subrules page. NOTE: the vendor disputes this because version 1.16 has never existed,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-28070,A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-46906,"Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23723,An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,7.7,3.1,4.0,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE
CVE-2022-29510,Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29609,"An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the INSTALLING state, indicating that its flow rules are installing. Improper handling of such an intent is misleading to a network operator.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-4155,"The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the wp_user_id GET parameter before concatenating it to an SQL query in management-show-user.php. This may allow malicious users with administrator privileges (i.e. on multisite WordPress configurations) to leak sensitive information from the site's database.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-1137,Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2022-3927,"
The affected products store both public and private key that are used to sign and
protect Custom Parameter Set (CPS) file from modification. An attacker that manages to exploit this vulnerability will be able to change
the CPS file, sign it so that it is trusted as the legitimate CPS file.








This issue affects 



  *  FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; 
  *  UNEM product: UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C.




List of CPEs: 
  *  cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:*

  *  cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:*
  *  cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*








",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-23438,An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the captive portal authentication replacement page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-27866,A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39343,"Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the `_fx_fault_tolerant_enable` function an attempt to recover the previous failed write operation is taken by call of `_fx_fault_tolerant_apply_logs`. This function iterates through the log entries and performs required recovery operations. When properly crafted a log including entries of type `FX_FAULT_TOLERANT_DIR_LOG_TYPE` may be utilized to introduce unexpected behavior. This issue has been patched in version 6.2.0. A workaround to fix line 218 in fx_fault_tolerant_apply_logs.c is documented in the GHSA.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22323,"IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 218379.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-42187,Hustoj 22.09.22 has a XSS Vulnerability in /admin/problem_judge.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-23744,Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L,2.3,0.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2022-42156,"D-Link COVR 1200,1203 v1.08 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter at function SetNetworkTomographySettings.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44574,An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-24811,"Combodi iTop is a web based IT Service Management tool. Prior to versions 2.7.6 and 3.0.0, cross-site scripting is possible for scripts outside of script tags when displaying HTML attachments. This issue is fixed in versions 2.7.6 and 3.0.0. There are currently no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-30513,School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-4819,A vulnerability was found in HotCRP. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is d4ffdb0ef806453c54ddca7fdda3e5c60356285c. It is recommended to apply a patch to fix this issue. VDB-216998 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38724,"Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-30958,"A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44049,"The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-grammars package. The affected version of d8s-htm is 0.1.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48594,A SQL injection vulnerability exists in the “ticket watchers email” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-35572,"On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vendors/devices due to code reuse), the /SysInfo.htm URI does not require a session ID. This web page calls a show_sysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS Pins, and hardware/firmware versions, and prints this information into the web page. This web page is visible when remote management is enabled. A user who has access to the web interface of the device can extract these secrets. If the device has remote management enabled and is connected directly to the internet, this vulnerability is exploitable over the internet without interaction.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-1123,"The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection attacks.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-24628,An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is authenticated SQL injection in the id parameter of IPPhoneFirmwareEdit.php.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0603,Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4807,Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-45393,A cross-site request forgery (CSRF) vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N,3.5,2.1,1.4,LOW,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-20071,"In ccu, there is a possible escalation of privilege due to a missing certificate validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06183315; Issue ID: ALPS06183315.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33257,Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-07T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28634,"A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-36367,Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-43672,"Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection (in a different software component relative to CVE-2022-43671.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39859,Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-34551,Sims v1.0 was discovered to allow path traversal when downloading attachments.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-29515,Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3358,"OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() functions (as well as other similarly named encryption and decryption initialisation functions). Instead of using the custom cipher directly it incorrectly tries to fetch an equivalent cipher from the available providers. An equivalent cipher is found based on the NID passed to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a given cipher. However it is possible for an application to incorrectly pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef is used in this way the OpenSSL encryption/decryption initialisation function will match the NULL cipher as being equivalent and will fetch this from the available providers. This will succeed if the default provider has been loaded (or if a third party provider has been loaded that offers this cipher). Using the NULL cipher means that the plaintext is emitted as the ciphertext. Applications are only affected by this issue if they call EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an encryption/decryption initialisation function. Applications that only use SSL/TLS are not impacted by this issue. Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-36326,"An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3160,"
The APDFL.dll contains an out-of-bounds write past the fixed-length 
heap-based buffer while parsing specially crafted PDF files. This could 
allow an attacker to execute code in the context of the current process.



",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-31206,"The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native machine code for execution by the PLC's runtime). The resulting machine code is executed by a runtime, typically controlled by a real-time operating system. The logic that is downloaded to the PLC does not seem to be cryptographically authenticated, allowing an attacker to manipulate transmitted object code to the PLC and execute arbitrary machine code on the processor of the PLC's CPU module in the context of the runtime. In the case of at least the NJ series, an RTOS and hardware combination is used that would potentially allow for memory protection and privilege separation and thus limit the impact of code execution. However, it was not confirmed whether these sufficiently segment the runtime from the rest of the RTOS.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41657,"
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces (APIs). This could create arbitrary files, which could be used in API operations and could ultimately result in remote code execution. 

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0847,"A flaw was found in the way the ""flags"" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-33004,"The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-1328,Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-36570,Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-46295,Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the Gaussian file format,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-28104,Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22788,"The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before version 5.10.3 are susceptible to a DLL injection attack. This vulnerability could be used to run arbitrary code on the victims host.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-4851,Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-38124,Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.5,1.2,5.2,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-32771,"A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.This vulnerability arrises from the ""success"" parameter which is inserted into the document with insufficient sanitization.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-28917,Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-20709,"Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2022-39279,"discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting (XSS) attack by inserting unsafe HTML into them. Version 0.9 has addressed this issue. Users are advised to upgrade. There are no known workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-40480,"Nordic Semiconductor, Microchip Technology NRF5340-DK DT100112 was discovered to contain an issue which allows attackers to cause a Denial of Service (DoS) via a crafted ConReq packet.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-28063,Simple Bakery Shop Management System v1.0 contains a file disclosure via /bsms/?page=products.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-3030,"An improper access control issue in GitLab CE/EE affecting all versions starting before 15.1.6, all versions from 15.2 before 15.2.4, all versions from 15.3 before 15.3.2 allows disclosure of pipeline status to unauthorized users.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-0266,Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v.,CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.6,0.7000000000000001,5.9,MEDIUM,2024-12-07T08:00Z,NETWORK,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37238,MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-38533,"In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-47065,"TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29909,"Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-38485,A directory traversal vulnerability exists in the AgeVolt Portal prior to version 0.1 that leads to Information Disclosure. A remote authenticated attacker could leverage this vulnerability to read files from any location on the target operating system with web server privileges.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-41260,"SAP Financial Consolidation - version 1010, does not sufficiently encode user-controlled input which may allow an unauthenticated attacker to inject a web script via a GET request. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-34911,"An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to ""Welcome"" followed by the username, the username is not escaped: SpecialCreateAccount::successfulAction() calls ::showSuccessPage() with a message as second parameter, and OutputPage::setPageTitle() uses text().",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-30592,liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-22626,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2022-28206,An issue was discovered in MediaWiki through 1.37.1. ImportPlanValidator.php in the FileImporter extension mishandles the check for edit rights.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-21162,Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-3763,"The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.5, Booster Elite for WooCommerce WordPress plugin before 1.1.7 do not have CSRF check in place when deleting files uploaded at the checkout, allowing attackers to make a logged in shop manager or admin delete them via a CSRF attack",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-20231,"In smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211485702References: N/A",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-26635,PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37611,Prototype pollution vulnerability in tschaub gh-pages 3.1.0 via the partial variable in util.js.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-30526,"A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-48964,"In the Linux kernel, the following vulnerability has been resolved:

ravb: Fix potential use-after-free in ravb_rx_gbeth()

The skb is delivered to napi_gro_receive() which may free it, after calling this,
dereferencing skb may trigger use-after-free.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-29265,"Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. The Standard Content Viewer service attempts to resolve XML External Entity references when viewing formatted XML files. The following Processors attempt to resolve XML External Entity references when configured with default property values: - EvaluateXPath - EvaluateXQuery - ValidateXml Apache NiFi flow configurations that include these Processors are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolution disables Document Type Declarations in the default configuration for these Processors, and disallows XML External Entity resolution in standard services.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-46670,"
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution.  The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website. 

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-4944,"A vulnerability, which was classified as problematic, has been found in kalcaddle KodExplorer up to 4.49. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.50 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227000.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-25155,"Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU all versions, Mitsubishi Electric MELSEC iQ-R series RJ71GN11-T2 all versions, Mitsubishi Electric MELSEC iQ-R series RJ71GN11-EIP all versions, Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4) all versions, Mitsubishi Electric MELSEC iQ-R series RJ71EN71 all versions, Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2 all versions, Mitsubishi Electric MELSEC Q series Q03UDECPU all versions, Mitsubishi Electric MELSEC Q series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU all versions, Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU all versions, Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4) all versions, Mitsubishi Electric MELSEC Q series QJ71E71-100 all versions, Mitsubishi Electric MELSEC Q series QJ72BR15 all versions, Mitsubishi Electric MELSEC Q series QJ72LP25(-25/G/GE) all versions, Mitsubishi Electric MELSEC L series L02/06/26CPU(-P) all versions, Mitsubishi Electric MELSEC L series L26CPU-(P)BT all versions, Mitsubishi Electric MELSEC L series LJ71C24(-R2) all versions, Mitsubishi Electric MELSEC L series LJ71E71-100 all versions and Mitsubishi Electric MELSEC L series LJ72GF15-T2 all versions allows a remote unauthenticated attacker to login to the product by replaying an eavesdropped password hash.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-39852,A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0838,Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-24412,"Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-20001,"fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing to a directory automatically runs `git` commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory into one controlled by the attacker, such as on a shared file system or extracted archive, fish will run arbitrary commands under the attacker's control. This problem has been fixed in fish 3.4.0. Note that running git in these directories, including using the git tab completion, remains a potential trigger for this issue. As a workaround, remove the `fish_git_prompt` function from the prompt.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-27094,Sony PlayMemories Home v6.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-32827,"A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to cause a denial-of-service.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2022-34991,Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the first_name and last_name parameters.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-22401,IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to supply sensitive information.  IBM X-Force ID:  222567.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-23620,"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions AbstractSxExportURLFactoryActionHandler#processSx does not escape anything from SSX document references when serializing it on filesystem, it is possible to for the HTML export process to contain reference elements containing filesystem syntax like ""../"", ""./"". or ""/"" in general. The referenced elements are not properly escaped. This issue has been resolved in version 13.6-rc-1. This issue can be worked around by limiting or disabling document export.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2022-4845,Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2022-20539,"In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291425",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0140,"The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-4529,"The Security, Antivirus, Firewall – S.A.F plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.3.5. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address from logging in.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2022-32257,A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-37403,Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nikhil Vaghela's Add User Role plugin <= 0.0.1 at WordPress.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-47498,"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-07T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-3060,Improper control of a resource identifier in Error Tracking in GitLab CE/EE affecting all versions from 12.7 allows an authenticated attacker to generate content which could cause a victim to make unintended arbitrary requests,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N,7.3,2.1,5.2,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,NONE
CVE-2022-30400,Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-47648,"An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sort of authorization or authentication due to the IP based authorization. If an authorized user has accessed a publicly available B420 product using valid credentials, an insider attacker can gain access to the same panel without requiring any sort of authorization. The B420 module was already obsolete at the time this vulnerability was found (The End of Life announcement was made in 2013).",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43022,OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag deletion function.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2022-32260,A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-43717,Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2022-34655,"In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can cause Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-29304,Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-0715,"A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series ID=18: UPS 09.8 and prior / SMT Series ID=1040: UPS 01.2 and prior / SMT Series ID=1031: UPS 03.1 and prior), SMC Series (SMC Series ID=1005: UPS 14.1 and prior / SMC Series ID=1007: UPS 11.0 and prior / SMC Series ID=1041: UPS 01.1 and prior), SCL Series (SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior), SMX Series (SMX Series ID=20: UPS 10.2 and prior / SMX Series ID=23: UPS 07.0 and prior), SRT Series (SRT Series ID=1010/1019/1025: UPS 08.3 and prior / SRT Series ID=1024: UPS 01.0 and prior / SRT Series ID=1020: UPS 10.4 and prior / SRT Series ID=1021: UPS 12.2 and prior / SRT Series ID=1001/1013: UPS 05.1 and prior / SRT Series ID=1002/1014: UPSa05.2 and prior), APC SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2022-43143,A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-07T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2022-25048,Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-42067,Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object Reference (IDOR) vulnerability,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2022-24166,Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the manualTime parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-07T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2022-37391,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17661.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-44733,Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-07T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-46610,72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2022-41949,"DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources (like third party servers). This could allow an attacker, for example, to identify vulnerable services which might not be otherwise exposed to the public internet or to determine whether a specific file is present on the DHIS2 server. DHIS2 administrators should upgrade to the following hotfix releases: 2.36.12.1, 2.37.8.1, 2.38.2.1, 2.39.0.1. At this time, there is no known workaround or mitigation for this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-07T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-6876,"The Clever Fox – One Click Website Importer by Nayra Themes plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'clever-fox-activate-theme' function in all versions up to, and including, 25.2.0. This makes it possible for authenticated attackers, with subscriber access and above, to modify the active theme, including to an invalid value which can take down the site.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,5.4,2.8,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2023-5911,"The WP Custom Cursors | WordPress Cursor Plugin WordPress plugin through 3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-47517,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-32619,"Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51717,Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42528,Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2097,A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226105 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24417,Cross-Site Request Forgery (CSRF) vulnerability in tiggersWelt.Net Worthy plugin <= 1.6.5-6497609 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2023-50928,"""Sandbox Accounts for Events"" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event ids and self-defined budget & duration. This issue only affects cleaned AWS accounts, it is not possible to access AWS accounts in use or existing data/infrastructure. This issue has been patched in version 1.1.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2023-29914,H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-47131,The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-26474,"XWiki Platform is a generic wiki platform. Starting in version 13.10, it's possible to use the right of an existing document content author to execute a text area property. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27260,Unauthenticated SQL injection in the GetAssignmentsDue        method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.  ,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-25183,"
































In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device.





















",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22888,"Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to cause a service disruption by manipulating the run_id parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version that is not affected",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-29347,Windows Admin Center Spoofing Vulnerability,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N,6.8,2.3,4.0,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,NONE,HIGH,NONE
CVE-2023-28722,Improper buffer restrictions for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2892,"The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_bulk_delete_product function. This makes it possible for unauthenticated attackers to bulk delete products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-24471,"An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality.

An authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data that would normally be not accessible in the Query and Assertions functions.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-4115,A vulnerability classified as problematic has been found in PHP Jabbers Cleaning Business 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the attack remotely. VDB-235962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1415,A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerability affects the function sliderPicSubmit of the file adminHome.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-223126 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32290,The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is expected by a server.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-27033,Prestashop cdesigner v3.1.3 to v3.1.8 was discovered to contain a code injection vulnerability via the component CdesignerSaverotateModuleFrontController::initContent().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-52101,Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service availability and integrity.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-46857,"Squidex before 7.9.0 allows XSS via an SVG document to the Upload Assets feature. This occurs because there is an incomplete blacklist in the SVG inspection, allowing JavaScript in the SRC attribute of an IFRAME element. An authenticated attack with assets.create permission is required for exploitation.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-31465,"An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named arg[x], with x an integer starting from 1; it is possible to modify arg[2] to insert Bash code that will be executed directly by the server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4850,"A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. This affects an unknown part of the file ?r=dashboard/position/del. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239259.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0209,"NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware implant, data tampering, and SecureBoot bypass.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39939,SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-5702,A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-243140. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-2295,"A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-21446,"Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-24993,A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19815),CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0311,Improper Authentication in GitHub repository thorsten/phpmyfaq prior to 3.1.10.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31847,"In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-49178,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mr. Hdwplayer HDW Player Plugin (Video Player & Video Gallery) allows Reflected XSS.This issue affects HDW Player Plugin (Video Player & Video Gallery): from n/a through 5.0.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4219,A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236365 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-4968,"The WPLegalPages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wplegalpage' shortcode in versions up to, and including, 2.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with author-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-36137,"There is a Cross Site Scripting (XSS) vulnerability in the ""theme"" parameter of preview.php in PHPJabbers Class Scheduling System 1.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4148,"The Ditty WordPress plugin before 3.1.25 does not sanitise and escape some parameters and generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-22815,"Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have admin/root privileges to carry out the exploit. An authentication bypass is required for this exploit, thereby making it more complex. The attack may not require user interaction. Since an attacker must already be authenticated, the confidentiality impact is low while the integrity and availability impact is high. 

This issue affects My Cloud OS 5 devices: before 5.26.300.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H,6.7,1.2,5.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,HIGH,HIGH
CVE-2023-1181,Cross-site Scripting (XSS) - Stored in GitHub repository icret/easyimages2.0 prior to 2.6.7.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-35811,"An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. Two SQL Injection vectors have been identified in the REST API. By using crafted requests, custom SQL code can be injected through the REST API because of missing input validation. Regular user privileges can use used for exploitation. Editions other than Enterprise are also affected.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24403,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP For The Win bbPress Voting plugin <= 2.1.11.0 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-24436,A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-26562,"In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-22934,"In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user to initiate a request within their browser.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,8.0,2.1,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38621,Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28561,Memory corruption in QESL while processing payload from external ESL device to firmware.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3658,"A vulnerability, which was classified as critical, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file Master.php?f=delete_book of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-234012.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48300,"The `Embed Privacy` plugin for WordPress that prevents the loading of embedded external content is vulnerable to Stored Cross-Site Scripting via `embed_privacy_opt_out` shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Version 1.8.1 contains a patch for this issue.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43717,"Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the ""MSEARCH_HIGHLIGHT_ENABLE_TITLE[1]"" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-45247,"Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36497.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-0513,A vulnerability has been found in isoftforce Dreamer CMS up to 4.0.1 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.3 is able to address this issue. It is recommended to upgrade the affected component. VDB-219334 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-41093,"Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker with precise timing capabilities to intercept a small number of packets intended for a recipient that has left the network.This issue affects Silabs Bluetooth SDK: through 8.0.0.",CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,3.1,1.6,1.4,LOW,2024-12-09T08:00Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-34137,"SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0602,"The Twittee Text Tweet WordPress plugin through 1.0.8 does not properly escape POST values which are printed back to the user inside one of the plugin's administrative page, which allows reflected XSS attacks targeting administrators to happen.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-48278,"Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Stored XSS.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-29389,"Toyota RAV4 2021 vehicles automatically trust messages from other ECUs on a CAN bus, which allows physically proximate attackers to drive a vehicle by accessing the control CAN bus after pulling the bumper away and reaching the headlight connector, and then sending forged ""Key is validated"" messages via CAN Injection, as exploited in the wild in (for example) July 2022.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-09T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39949,"eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-50330,A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30784,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kaya Studio Kaya QR Code Generator plugin <= 1.5.2 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-35184,The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0942,"The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-3316,"A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-20925,"In setUclampMinLocked of PowerSessionManager.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-236674672References: N/A",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5077,"The Vault and Vault Enterprise (""Vault"") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-28772,An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-52146,"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-38505,"DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS mode, it will assume that it should be waiting for a handshake, and will stay this way indefinitely until a handshake starts or some error occurs. In version 0.6.1, this can be exploited by simply not starting the handshake, preventing any other TLS handshakes from getting through. An attacker can lock the dashboard in a state where it is waiting for a TLS handshake from the attacker, who won't provide it. This prevents any legitimate traffic from getting to the dashboard, and can last indefinitely. Version 0.6.2 has a patch for this issue. As a workaround, do not use HTTPS mode on the open internet where anyone can connect. Instead, put a reverse proxy in front of the dashboard, and have it handle any HTTPS connections.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-32411,"This issue was addressed with improved entitlements. This issue is fixed in tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2023-38718,"IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data.  IBM X-Force ID:  261606.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-42456,"Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt, but instead only requiring authentication every once in a while in every terminal or process group. Only once a configurable timeout has passed will the user have to re-authenticate themselves. Supporting this functionality is a set of session files (timestamps) for each user, stored in `/var/run/sudo-rs/ts`. These files are named according to the username from which the sudo attempt is made (the origin user).

An issue was discovered in versions prior to 0.2.1 where usernames containing the `.` and `/` characters could result in the corruption of specific files on the filesystem. As usernames are generally not limited by the characters they can contain, a username appearing to be a relative path can be constructed. For example we could add a user to the system containing the username `../../../../bin/cp`. When logged in as a user with that name, that user could run `sudo -K` to clear their session record file. The session code then constructs the path to the session file by concatenating the username to the session file storage directory, resulting in a resolved path of `/bin/cp`. The code then clears that file, resulting in the `cp` binary effectively being removed from the system.

An attacker needs to be able to login as a user with a constructed username. Given that such a username is unlikely to exist on an existing system, they will also need to be able to create the users with the constructed usernames.

The issue is patched in version 0.2.1 of sudo-rs. Sudo-rs now uses the uid for the user instead of their username for determining the filename. Note that an upgrade to this version will result in existing session files being ignored and users will be forced to re-authenticate. It also fully eliminates any possibility of path traversal, given that uids are always integer values.

The `sudo -K` and `sudo -k` commands can run, even if a user has no sudo access. As a workaround, make sure that one's system does not contain any users with a specially crafted username. While this is the case and while untrusted users do not have the ability to create arbitrary users on the system, one should not be able to exploit this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-36397,Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23001,"In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-40643,"In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-24959,IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration.  IBM X-Force ID:  246332.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-34971,"An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to decrypt the data using brute force attacks via unspecified vectors.

We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2425 build 20230609 and later
QTS 5.1.0.2444 build 20230629 and later
QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h4.5.4.2476 build 20230728 and later
",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25663,"TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `ctx->step_containter()` is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-28813,"An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files. ",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-6700,"The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. This makes it possible for authenticated attackers, with subscriber-level access or higher, to edit arbitrary site options which can be used to create administrator accounts.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-47236,"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum iPages Flipbook For WordPress.This issue affects iPages Flipbook For WordPress: from n/a through 1.4.8.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-50993,Ruijie WS6008 v1.x v2.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 and WS6108 v1.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 was discovered to contain a command injection vulnerability via the function downFiles.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33580,"Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the ""Admin Name"" field on Admin Profile page.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23956,A user can supply malicious HTML and JavaScript code that will be executed in the client browser,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-2155,A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file classes/Master.php?f=save_cargo_type. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226276.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-48826,Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6875,"The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-52139,"Misskey is an open source, decentralized social media platform. Third-party applications may be able to access some endpoints or Websocket APIs that are incorrectly specified as [kind](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/backend/src/server/api/endpoints.ts#L811) or [secure](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/backend/src/server/api/endpoints.ts#L805) without the user's permission and perform operations such as reading or adding non-public content. As a result, if the user who authenticated the application is an administrator, confidential information such as object storage secret keys and SMTP server passwords will be leaked, and general users can also create invitation codes without permission and leak non-public user information. This is patched in version [2023.12.1](https://github.com/misskey-dev/misskey/commit/c96bc36fedc804dc840ea791a9355d7df0748e64).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N,9.6,3.1,5.8,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,NONE
CVE-2023-36646,Incorrect user role checking in multiple REST API endpoints in ProLion CryptoSpike 3.0.15P2 allows a remote attacker with low privileges to execute privileged functions and achieve privilege escalation via REST API endpoint invocation.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30790,MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/relationships` endpoint and first_name and last_name parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-34365,A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a buffer overflow. An attacker can send a network request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24781,Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45880,"GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname (and extension). This allows creation of PHP files outside of the uploads directory, directly in the webroot.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42947,"A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to break out of its sandbox.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2023-25210,Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39275,Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `value` array.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24404,Reflected Cross-Site Scripting (XSS) vulnerability in VryaSage Marketing Performance plugin <= 2.0.0 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4004,"A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23547,A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-21176,"In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222287335",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-47801,An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security Administrators) could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password Record API Key to Copy/Move private password records.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L,4.7,1.2,3.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2023-28999,"Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure and add new files.? This issue is fixed in Nextcloud Desktop 3.8.0, Nextcloud Android 3.25.0, and Nextcloud iOS 4.8.0. No known workarounds are available.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L,6.4,0.9,5.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,LOW
CVE-2023-31902,RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20890,Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34488,NanoMQ 0.17.5 is vulnerable to heap-buffer-overflow in the conn_handler function of mqtt_parser.c when it processes malformed messages.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22889,SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42740,"In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23733,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Lazy Social Comments plugin <= 2.0.4 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-31981,Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42666,"












The affected product is vulnerable to an exposure of sensitive information to an unauthorized actor vulnerability, which may allow an attacker to create malicious requests for obtaining the information of the version about the web server used.













",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-3691,"A vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. This affects an unknown part of the component HTML Attribute Handler. The manipulation of the argument title leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 2.8.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-234237 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23927,"Craft is a platform for creating digital experiences. When you insert a payload inside a label name or instruction of an entry type, an cross-site scripting (XSS) happens in the quick post widget on the admin dashboard. This issue has been fixed in version 4.3.7.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-36387,"An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,5.4,2.8,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2023-38678,"OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.



",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-34194,StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-35917,Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5639,"The Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tmfshortcode' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-21340,"In Telecomm, there is a possible way to get the call state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-23772,"Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33080,Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-46421,TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411D00 function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21515,InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0321,"Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to download configuration files, which may contain sensitive information about the internal network. From factory defaults, the mentioned datalogges have HTTP and PakBus enabled. The devices, with the default configuration, allow this situation via the PakBus port. The exploitation of this vulnerability may allow an attacker to download, modify, and upload new configuration files.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-45008,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPJohnny Comment Reply Email plugin <= 1.0.3 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-27394,"Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27601,"OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops module. This issue can be reproduced by calling the function with an SDP body that does not terminate by a line feed (i.e. `\n`).

The vulnerability was found while performing black-box fuzzing against an OpenSIPS server running a configuration that made use of the functions `codec_delete_except_re` and `codec_delete_re`. The same issue was also discovered while performing coverage guided fuzzing on the function `codec_delete_except_re`. The crash happens because the function `delete_sdp_line` expects that an SDP line is terminated by a line feed (`\n`):

By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. Due to the sanity check that is performed in the `del_lump` function, exploitation of this issue will generate an `abort` in the lumps processing function, resulting in a Denial of Service. This issue has been fixed in versions 3.1.7 and 3.2.4.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-34050,"









In spring AMQP versions 1.0.0 to
2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class
names were added to Spring AMQP, allowing users to lock down deserialization of
data in messages from untrusted sources; however by default, when no allowed
list was provided, all classes could be deserialized.



Specifically, an application is
vulnerable if




   *  the
     SimpleMessageConverter or SerializerMessageConverter is used

   *  the user
     does not configure allowed list patterns

   *  untrusted
     message originators gain permissions to write messages to the RabbitMQ
     broker to send malicious content









",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-41158,A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the description field while creating a new MIME type program.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43784,Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-21351,"In multiple locations, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0264,"A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L,5.0,1.6,3.4,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2023-30946,"A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UUID of the author, and the user-defined title of the issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-29069,"A maliciously crafted DLL file can be forced to install onto a non-default location, and attacker can overwrite parts of the product with malicious DLLs. These files may then have elevated privileges leading to a Privilege Escalation vulnerability.
",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35035,"Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23557.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51655,In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38368,IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls.  IBM X-Force ID:  261195.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-26515,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ko Takagi Simple Slug Translate plugin <= 2.7.2 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-3687,A vulnerability was found in Bylancer QuickVCard 2.1. It has been rated as critical. This issue affects some unknown processing of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack may be initiated remotely. The identifier VDB-234233 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20019,"A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.

 This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-34219,In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-26140,Versions of the package @excalidraw/excalidraw from 0.0.0 are vulnerable to Cross-site Scripting (XSS) via embedded links in whiteboard objects due to improper input sanitization.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-24763,"In the module ""Xen Forum"" (xenforum) for PrestaShop, an authenticated user can perform SQL injection in versions up to 2.13.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32273,Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32538 and CVE-2023-32201.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24320,An access control issue in Axcora POS #0~gitf77ec09 allows unauthenticated attackers to execute arbitrary commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6707,Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26332,Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6456,"The WP Review Slider WordPress plugin before 13.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-25954,"KYOCERA Mobile Print' v3.2.0.230119 and earlier, 'UTAX/TA MobilePrint' v3.2.0.230119 and earlier, and 'Olivetti Mobile Print' v3.2.0.230119 and earlier are vulnerable to improper intent handling. When a malicious app is installed on the victim user's Android device, the app may send an intent and direct the affected app to download malicious files or apps to the device without notification.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2023-25572,"react-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and using the `<RichTextField>` are affected. `<RichTextField>` outputs the field value using `dangerouslySetInnerHTML` without client-side sanitization. If the data isn't sanitized server-side, this opens a possible cross-site scripting (XSS) attack. Versions 3.19.12 and 4.7.6 now use `DOMPurify` to escape the HTML before outputting it with React and `dangerouslySetInnerHTML`. Users who already sanitize HTML data server-side do not need to upgrade. As a workaround, users may replace the `<RichTextField>` by a custom field doing sanitization by hand.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-38840,Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-43575,A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. ,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21611,"Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22321,"


Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. 

 

",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-23785,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DgCult Exquisite PayPal Donation plugin <= v2.0.0 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-48307,"Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8 and 3.3.0, an attacker can use an unprotected endpoint in the Mail app to perform a SSRF attack. Nextcloud Mail app versions 2.2.8 and 3.3.0 contain a patch for this issue. As a workaround, disable the mail app.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-36558,ASP.NET Core - Security Feature Bypass Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-33883,"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-37868,"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-48302,"Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, when a user is tricked into copy pasting HTML code without markup (Ctrl+Shift+V) the markup will actually render. Nextcloud Server and Nextcloud Enterprise Server versions 25.0.13, 26.0.8, and 27.1.3 contain a fix for this issue. As a workaround, disable app text.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-26818,"Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-42942,"This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5228,"The User Registration WordPress plugin before 3.0.4.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-42870,"A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28346,"An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for a remote attacker to communicate with the private API endpoints exposed at /login, /consoleSettings, /console, etc. despite Virtual Host Routing being used to block this access. Remote attackers can interact with private pages on the web server, enabling them to perform privileged actions such as logging into the console and changing console settings if they have valid credentials.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.3,2.1,5.2,HIGH,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-21588,"Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-36146,A Stored Cross-Site Scripting (XSS) vulnerability was found in Multilaser RE 170 using firmware 2.2.6733.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23925,"Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation (EXIST), where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack (reDOS). This issue has been patched in version 3.1.4. As a workaround, avoid using Strategy settings that use REGEX in conjunction with EXIST and NOT_EXIST operations.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-6356,"A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-46496,Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the DELETE function in api/files endpoint.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H,8.3,2.8,5.5,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,HIGH,HIGH
CVE-2023-22668,Memory Corruption in Audio while invoking IOCTLs calls from the user-space.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22508,"This High severity RCE (Remote Code Execution) vulnerability known as CVE-2023-22508 was introduced in version 6.1.0 of Confluence Data Center & Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and no user interaction. Atlassian recommends that you upgrade your instance to avoid this bug using the following options: * Upgrade to a Confluence feature release greater than or equal to 8.2.0 (ie: 8.2, 8.2, 8.4, etc...) * Upgrade to a Confluence 7.19 LTS bugfix release greater than or equal to 7.19.8 (ie: 7.19.8, 7.19.9, 7.19.10, 7.19.11, etc...) * Upgrade to a Confluence 7.13 LTS bugfix release greater than or equal to 7.13.20 (Release available early August) See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html ). You can download the latest version of Data Center & Server from the download center (https://www.atlassian.com/software/confluence/download-archives ). If you are unable to upgrade your instance please use the following guide to workaround the issue https://confluence.atlassian.com/confkb/how-to-disable-the-jmx-network-port-for-cve-2023-22508-1267761550.html This vulnerability was discovered by a private user and reported via our Bug Bounty program.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37644,"SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-37532,"HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2023-5690,Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.2.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0945,"A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input ""><img src=x onerror=prompt(document.domain);> leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221592.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-33782,D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38910,"CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Wiget' section and choosing our carousel widget created above, in 'Photo URL' and 'YouTube URL' plugin.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-48645,"An issue was discovered in the Archibus app 4.0.3 for iOS. It uses a local database that is synchronized with a Web central server instance every time the application is opened, or when the refresh button is used. There is a SQL injection in the search work request feature in the Maintenance module of the app. This allows performing queries on the local database.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0636,"Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Command Injection.This issue affects ASPECT®-Enterprise: from 3.0;0 before 3.07.0; NEXUS Series: from 3.0;0 before 3.07.0; MATRIX Series: from 3.0;0 before 3.07.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38691,"matrix-appservice-bridge provides an API for setting up bridges. Starting in version 4.0.0 and prior to versions 8.1.2 and 9.0.1, a malicious Matrix server can use a foreign user's MXID in an OpenID exchange, allowing a bad actor to impersonate users when using the provisioning API. The library does not check that the servername part of the `sub` parameter (containing the user's *claimed* MXID) is the the same as the servername we are talking to. A malicious actor could spin up a server on any given domain, respond with a `sub` parameter according to the user they want to act as and use the resulting token to perform provisioning requests. Versions 8.1.2 and 9.0.1 contain a patch. As a workaround, disable the provisioning API.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-5376,An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-3256,"Advantech R-SeeNet 
versions 2.4.22 
allows low-level users to access and load the content of local files.



",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-33553,An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation of the LoginStatus cookie.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35779,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Seed Webs Seed Fonts plugin <= 2.3.1 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-7265,"Permission verification vulnerability in the lock screen module
Impact: Successful exploitation of this vulnerability may affect availability",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.2,2.5,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-23906,"Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-37975,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin <= 2.3.7 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-24747,Jfinal CMS v5.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /system/dict/list.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1655,Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33947,"The Object module in Liferay Portal 7.4.3.4 through 7.4.3.60, and Liferay DXP 7.4 before update 61 does not segment object definition by virtual instance in search which allows remote authenticated users in one virtual instance to view object definition from a second virtual instance by searching for the object definition.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-41708,"References to the ""app loader"" functionality could contain redirects to unexpected locations. Attackers could forge app references that bypass existing safeguards to inject malicious script code. Please deploy the provided updates and patch releases. References to apps are now controlled more strict to avoid relative references. No publicly available exploits are known.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-52894,"In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()

In Google internal bug 265639009 we've received an (as yet) unreproducible
crash report from an aarch64 GKI 5.10.149-android13 running device.

AFAICT the source code is at:
  https://android.googlesource.com/kernel/common/+/refs/tags/ASB-2022-12-05_13-5.10

The call stack is:
  ncm_close() -> ncm_notify() -> ncm_do_notify()
with the crash at:
  ncm_do_notify+0x98/0x270
Code: 79000d0b b9000a6c f940012a f9400269 (b9405d4b)

Which I believe disassembles to (I don't know ARM assembly, but it looks sane enough to me...):

  // halfword (16-bit) store presumably to event->wLength (at offset 6 of struct usb_cdc_notification)
  0B 0D 00 79    strh w11, [x8, #6]

  // word (32-bit) store presumably to req->Length (at offset 8 of struct usb_request)
  6C 0A 00 B9    str  w12, [x19, #8]

  // x10 (NULL) was read here from offset 0 of valid pointer x9
  // IMHO we're reading 'cdev->gadget' and getting NULL
  // gadget is indeed at offset 0 of struct usb_composite_dev
  2A 01 40 F9    ldr  x10, [x9]

  // loading req->buf pointer, which is at offset 0 of struct usb_request
  69 02 40 F9    ldr  x9, [x19]

  // x10 is null, crash, appears to be attempt to read cdev->gadget->max_speed
  4B 5D 40 B9    ldr  w11, [x10, #0x5c]

which seems to line up with ncm_do_notify() case NCM_NOTIFY_SPEED code fragment:

  event->wLength = cpu_to_le16(8);
  req->length = NCM_STATUS_BYTECOUNT;

  /* SPEED_CHANGE data is up/down speeds in bits/sec */
  data = req->buf + sizeof *event;
  data[0] = cpu_to_le32(ncm_bitrate(cdev->gadget));

My analysis of registers and NULL ptr deref crash offset
  (Unable to handle kernel NULL pointer dereference at virtual address 000000000000005c)
heavily suggests that the crash is due to 'cdev->gadget' being NULL when executing:
  data[0] = cpu_to_le32(ncm_bitrate(cdev->gadget));
which calls:
  ncm_bitrate(NULL)
which then calls:
  gadget_is_superspeed(NULL)
which reads
  ((struct usb_gadget *)NULL)->max_speed
and hits a panic.

AFAICT, if I'm counting right, the offset of max_speed is indeed 0x5C.
(remember there's a GKI KABI reservation of 16 bytes in struct work_struct)

It's not at all clear to me how this is all supposed to work...
but returning 0 seems much better than panic-ing...",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-42455,"Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools. This allows a logged user to the dashboard to become administrator of the API, even if their dashboard role is not. Version 4.4.2 contains a fix. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35774,Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.4.1 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-52148,"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager.This issue affects Affiliates Manager: from n/a through 2.9.30.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-25964,"Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We’re Open! plugin <= 1.46 versions.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-20613,"In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23792,Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Swatchly plugin <= 1.2.0 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20230,"A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies (for example, access policies) created by users associated with a different security domain on an affected system.

 This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy for policies outside the tenant boundaries. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete policies created by users associated with a different security domain. Exploitation is not possible for policies under tenants that an attacker has no authorization to access.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2023-47175,Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-35158,"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the restore template to perform a XSS, e.g. by using URL such as: > /xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain). This vulnerability exists since XWiki 9.4-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. ",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-2078,"The ""Buy Me a Coffee – Button and Widget Plugin"" plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the recieve_post, bmc_disconnect, name_post, and widget_post functions in versions up to, and including, 3.7. This makes it possible for authenticated attackers, with minimal permissions such as subscribers, to update the plugins settings. CVE-2023-25030 may be a duplicate of this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-2796,"The EventON WordPress plugin before 2.1.2 lacks authentication and authorization in its eventon_ics_download ajax action, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-25809,"runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes `/sys/fs/cgroup` writable in following conditons: 1. when runc is executed inside the user namespace, and the `config.json` does not specify the cgroup namespace to be unshared (e.g.., `(docker|podman|nerdctl) run --cgroupns=host`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and `/sys` is mounted with `rbind, ro` (e.g., `runc spec --rootless`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (`(docker|podman|nerdctl) run --cgroupns=private)`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add `/sys/fs/cgroup` to `maskedPaths`.
",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L,6.3,2.0,3.7,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,LOW,LOW,LOW
CVE-2023-22595,IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  244076.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0424,"The MS-Reviews WordPress plugin through 1.5 does not sanitise and escape reviews, which could allow users any authenticated users, such as Subscribers to perform Stored Cross-Site Scripting attacks",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4095,"User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to obtain a list of registered users in the application, obtaining the necessary information to perform more complex attacks on the platform.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-49121,A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-43239,D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20256,"Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N,5.8,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,LOW,NONE
CVE-2023-41361,An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5850,Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-45644,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anurag Deshmukh CPT Shortcode Generator plugin <= 1.0 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-30993,IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account.  IBM X-Force ID:  254136.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-37134,A stored cross-site scripting (XSS) vulnerability in the Basic Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-7008,"A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,5.9,2.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-26509,AnyDesk 7.0.8 allows remote Denial of Service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-20520,"Improper access control settings in ASP
Bootloader may allow an attacker to corrupt the return address causing a
stack-based buffer overrun potentially leading to arbitrary code execution.







",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6446,"The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.40 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-49796,"MindsDB connects artificial intelligence models to real time data. Versions prior to 23.11.4.1 contain a limited file write vulnerability in `file.py` Users should use MindsDB's `staging` branch or v23.11.4.1, which contain a fix for the issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-20773,"In vow, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07611449; Issue ID: ALPS07441735.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28856,"Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-24329,An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-25647,"


There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event.



",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2023-23670,Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Team Heateor Fancy Comments WordPress plugin <= 1.2.10 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1346,"The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the clear_page_cache function. This makes it possible for unauthenticated attackers to clear the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-6368,"In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate information related to a registered device being monitored by WhatsUp Gold.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-47062,Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-5791,"A vulnerability, which was classified as problematic, was found in SourceCodester Sticky Notes App 1.0. This affects an unknown part of the file endpoint/add-note.php. The manipulation of the argument noteTitle/noteContent leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243597 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-5114,"The idbbee plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'idbbee' shortcode in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-34385,"Unrestricted Upload of File with Dangerous Type vulnerability in Akshay Menariya Export Import Menus.This issue affects Export Import Menus: from n/a through 1.8.0.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1505,"A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND (SELECT 8973 FROM (SELECT(SLEEP(5)))OoAD) leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-223409 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51095,Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49126,A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48420,there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.,CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49947,Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-38075,"A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46852,"In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the ""get"" substring.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-29049,"The ""upsell"" widget at the portal page could be abused to inject arbitrary script code. Attackers that manage to lure users to a compromised account, or gain temporary access to a legitimate account, could inject script code to gain persistent code execution capabilities under a trusted domain. User input for this widget is now sanitized to avoid malicious content the be processed. No publicly available exploits are known.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-28823,Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41742,"Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-2604,"The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘search_term’ parameter in versions up to, and including, 1.0.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-20878,VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41807,Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows a user to escalate permissions on the system shell. This issue affects Pandora FMS: from 700 through 773.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24081,Multiple stored cross-site scripting (XSS) vulnerabilities in Redrock Software TutorTrac before v4.2.170210 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the reason and location fields of the visits listing page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-40800,"The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38553,"In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51676,"Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addons for Elementor.This issue affects Happy Addons for Elementor: from n/a through 3.9.1.1.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-4347,Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23828,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Swashata WP Category Post List Widget plugin <= 2.0.3 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-38406,"bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ""flowspec overflow.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33245,"Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24392,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin <= 1.1.7 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-30415,Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/view_inquiry.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5261,"A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240870 is the identifier assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31091,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pradeep Singh Dynamically Register Sidebars plugin <= 1.0.1 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-37281,"Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when processing the various IPv6 header fields during IPHC header decompression, Contiki-NG confirms the received packet buffer contains enough data as needed for that field. But no similar check is done before decompressing the IPv6 address. Therefore, up to 16 bytes can be read out of bounds on the line with the statement `memcpy(&ipaddr->u8[16 - postcount], iphc_ptr, postcount);`. The value of `postcount` depends on the address compression used in the received packet and can be controlled by the attacker. As a result, an attacker can inject a packet that causes an out-of-bound read. As of time of publication, a patched version is not available. As a workaround, one can apply the changes in Contiki-NG pull request #2509 to patch the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-2174,"The BadgeOS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_badgeos_log_entries function in versions up to, and including, 3.7.1.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete the plugin's log entries.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-6558,"The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'upload_import_file' function in versions up to, and including, 2.4.8. This makes it possible for authenticated attackers with shop manager-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5537,"The Delete Usermeta plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing nonce validation on the delumet_options_page() function. This makes it possible for unauthenticated attackers to remove user meta for arbitrary users via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-1680,"A vulnerability, which was classified as problematic, has been found in Xunrui CMS 4.61. This issue affects some unknown processing of the file /dayrui/My/View/main.html. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224237 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-0342,"MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-47548,"URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-20219,"Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does not require administrator privileges to exploit this vulnerability. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device including the underlying operating system which could also affect the availability of the device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34478,"Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.

Mitigation: Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1070,External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,7.1,2.8,4.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH
CVE-2023-39198,"A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33536,"TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2023-30442,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options.  IBM X-Force ID:  253202.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-29011,"Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`'s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\etc\connectrc`. Since `C:\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `<drive>:\etc\connectrc` files on multi-user machines.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42828,This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.5. An app may be able to gain root privileges.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0248,"An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader.

",CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.3,1.6,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-22756,"There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49182,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fabio Marzocca List all posts by Authors, nested Categories and Titles allows Reflected XSS.This issue affects List all posts by Authors, nested Categories and Titles: from n/a through 2.7.10.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1352,"A vulnerability, which was classified as critical, has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. This issue affects some unknown processing of the file /admin/login.php. The manipulation of the argument txtusername/txtpassword leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222851.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32714,"In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-49280,"XWiki Change Request is an XWiki application allowing to request changes on a wiki without publishing directly the changes. Change request allows to edit any page by default, and the changes are then exported in an XML file that anyone can download. So it's possible for an attacker to obtain password hash of users by performing an edit on the user profiles and then downloading the XML file that has been created. This is also true for any document that might contain password field and that a user can view.
This vulnerability impacts all version of Change Request, but the impact depends on the rights that has been set on the wiki since it requires for the user to have the Change request right (allowed by default) and view rights on the page to target. This issue cannot be easily exploited in an automated way. The patch consists in denying to users the right of editing pages that contains a password field with change request. It means that already existing change request for those pages won't be removed by the patch, administrators needs to take care of it. The patch is provided in Change Request 1.10, administrators should upgrade immediately. It's possible to workaround the vulnerability by denying manually the Change request right on some spaces, such as XWiki space which will include any user profile by default.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-34959,An issue in Chamilo v1.11.* up to v1.11.18 allows attackers to execute a Server-Side Request Forgery (SSRF) and obtain information on the services running on the server via crafted requests in the social and links tools.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-25793,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in George Pattihis Link Juice Keeper plugin <= 2.0.2 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-38873,"The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer is vulnerable to Clickjacking. Clickjacking, also known as a ""UI redress attack"", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. Thus, the attacker is ""hijacking"" clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2023-26023,Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks.  IBM X-Force ID:  247896.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-40444,A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may be able to access user-sensitive data.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-4417,"Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults via an incorrect vault in the duplication write process.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-33906,"In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-37369,"In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-34433,"












PiiGAB M-Bus stores passwords using a weak hash algorithm.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33333,"Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting (XSS).This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20933,"In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-245860753",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-47244,"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Omnisend Email Marketing for WooCommerce by Omnisend.This issue affects Email Marketing for WooCommerce by Omnisend: from n/a through 1.13.8.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-46198,Cross-Site Request Forgery (CSRF) vulnerability in Scientech It Solution Appointment Calendar plugin <= 2.9.6 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41652,"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 10.6.6.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-50612,"Insecure Permissions vulnerability in fit2cloud Cloud Explorer Lite version 1.4.1, allow local attackers to escalate privileges and obtain sensitive information via the cloud accounts parameter.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5831,"An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.1 which have the `super_sidebar_logged_out` feature flag enabled. Affected versions with this default-disabled feature flag enabled may unintentionally disclose GitLab version metadata to unauthorized actors.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-0114,A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to cleartext storage in a file or on disk. Local access is required to approach this attack. The identifier of this vulnerability is VDB-217592.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-24402,"Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin <= 2.0.18 versions.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-21494,Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41163,A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-20998,"In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749936",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-2375,A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical. This issue affects some unknown processing of the component Web Management Interface. The manipulation of the argument src leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227651.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25449,"Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4369,Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26776,Cross Site Scripting vulnerability found in Monitorr v.1.7.6 allows a remote attacker to execute arbitrary code via the title parameter of the post_receiver-services.php file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0907,"A vulnerability, which was classified as problematic, has been found in Filseclab Twister Antivirus 8.17. Affected by this issue is the function 0x220017 in the library ffsmon.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221456.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-5744,"The Very Simple Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vsgmap' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-42476,"SAP Business Objects Web Intelligence - version 420,  allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that the user has access to. In the worst case, attacker could access data from reporting databases.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N,6.8,2.3,4.0,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,NONE,NONE
CVE-2023-48887,A deserialization vulnerability in Jupiter v1.3.1 allows attackers to execute arbitrary commands via sending a crafted RPC request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35188,"
SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5671,HP Print and Scan Doctor for Windows may potentially be vulnerable to escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0116,The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-48631,@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-22948,"An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access to an SSH private key. Any code that runs as the tigergraph user is able to read the SSH private key. With this, an attacker is granted password-less SSH access to all machines in the TigerGraph cluster.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-22597,"
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An unauthorized user could intercept this communication and steal sensitive information such as configuration information and MQTT credentials; this could allow MQTT command injection. 

",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-43876,A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4708,A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-238571. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5556,Cross-site Scripting (XSS) - Reflected in GitHub repository structurizr/onpremises prior to 3194.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-46540,TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3797,"A vulnerability, which was classified as critical, was found in Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. This affects an unknown part of the file /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx. The manipulation of the argument Filedata leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier VDB-235065 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32811,"In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42470,"The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content loading occurs.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41129,"Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon WordPress.This issue affects Patreon WordPress: from n/a through 1.8.6.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46146,Missing Authorization vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-29426,Cross-Site Request Forgery (CSRF) vulnerability in Robert Schulz (sprd.Net AG) Spreadshop plugin <= 1.6.5 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28848,"user_oidc is the OIDC connect user backend for Nextcloud, an open source collaboration platform. A vulnerability in versions 1.0.0 until 1.3.0 effectively allowed an attacker to bypass the state protection as they could just copy the expected state token from the first request to their second request. Users should upgrade user_oidc to 1.3.0 to receive a patch for the issue. No known workarounds are available.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2023-38237,Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-3668,Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38486,"A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6767,"A vulnerability, which was classified as problematic, was found in SourceCodester Wedding Guest e-Book 1.0. This affects an unknown part of the file /endpoint/add-guest.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-247899.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-39059,An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28625,"mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL pointer dereference would occur, resulting in a segmentation fault. This could be used in a Denial-of-Service attack and thus presents an availability risk. Version 2.4.13.2 contains a patch for this issue. As a workaround, avoid using `OIDCStripCookies`.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-46290,"
Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if the authorized user did not previously log in into the FactoryTalk® Services Platform web service.

",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31065,"Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. 


An old session can be used by an attacker even after the user has been deleted or the password has been changed.


Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick  https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 ,  https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884  to solve it.




",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-34626,"Piwigo 13.7.0 is vulnerable to SQL Injection via the ""Users"" function.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-29046,"Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of time. As a result users were able to trigger large amount of egress network connections, possibly exhausting network pool resources and lock up legitimate requests. A new mechanism has been introduced to cancel external connections that might access user-controlled endpoints. No publicly available exploits are known.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2023-44847,An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php component.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2189,"The Elementor Addons, Widgets and Enhancements – Stax plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the toggle_widget function in versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to enable or disable Elementor widgets.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-42095,"Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21879.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2023-2806,A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by this vulnerability is the function RequestInfoByXml of the component API. The manipulation leads to xml external entity reference. The associated identifier of this vulnerability is VDB-229411. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1118,A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-43762,Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5184," Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.
",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2023-24256,An issue in the com.nextev.datastatistic component of NIO EC6 Aspen before v3.3.0 allows attackers to escalate privileges via path traversal.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1403,"The Weaver Xtreme Theme for WordPress is vulnerable to stored Cross-Site Scripting due to insufficient escaping of the profile display name in versions up to, and including, 5.0.7. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-6509,Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39810,An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27419,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Viable Blog theme <= 1.1.4 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-29517,"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The office document viewer macro was allowing anyone to see any file content from the hosting server, provided that the office server was connected and depending on the permissions of the user running the servlet engine (e.g. tomcat) running XWiki. The same vulnerability also allowed to perform internal requests to resources from the hosting server. The problem has been patched in XWiki 13.10.11, 14.10.1, 14.4.8, 15.0-rc-1. Users are advised to upgrade. It might be possible to workaround this vulnerability by running XWiki in a sandbox with a user with very low privileges on the machine.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-4050,"In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-44467,"langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via __import__ in Python code, which is not prohibited by pal_chain/base.py.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-44974,An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-50959,"IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to use a system account.  IBM X-Force ID:  275938.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-25838,"
There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex and requires significant effort before a successful attack can be expected.

",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-09T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39039,An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,6.5,3.9,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2023-44175,"
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS).

Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.

Note: This issue is not noticed when all the devices in the network are Juniper devices.

This issue affects Juniper Networks:

Junos OS:



  *  All versions prior to 20.4R3-S7;
  *  21.2 versions prior to 21.2R3-S5;
  *  21.3 versions prior to 21.3R3-S4;
  *  21.4 versions prior to 21.4R3-S4;
  *  22.1 versions prior to 22.1R3-S4;
  *  22.2 versions prior to 22.2R3;
  *  22.3 versions prior to 22.3R3;
  *  22.4 versions prior to 22.4R3.




Junos OS Evolved:



  *  All versions prior to 22.3R3-EVO;
  *  22.4-EVO versions prior to 22.4R3-EVO;
  *  23.2-EVO versions prior to 23.2R1-EVO.






",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-2228,Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.1.0.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51928,An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20243,"A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets.

 This vulnerability is due to improper handling of certain RADIUS accounting requests. An attacker could exploit this vulnerability by sending a crafted authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). This would eventually result in the NAD sending a RADIUS accounting request packet to Cisco ISE. An attacker could also exploit this vulnerability by sending a crafted RADIUS accounting request packet to Cisco ISE directly if the RADIUS shared secret is known. A successful exploit could allow the attacker to cause the RADIUS process to unexpectedly restart, resulting in authentication or authorization timeouts and denying legitimate users access to the network or service. Clients already authenticated to the network would not be affected.

 Note: To recover the ability to process RADIUS packets, a manual restart of the affected Policy Service Node (PSN) may be required. For more information, see the Details [""#details""] section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H,8.6,3.9,4.0,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,NONE,HIGH
CVE-2023-30696,An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37687,Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the View Request of Nurse Page in the Admin portal.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37305,"An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-3722,An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20122,"Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34855,"A Cross Site Scripting (XSS) vulnerability in Youxun Electronic Equipment (Shanghai) Co., Ltd AC Centralized Management Platform v1.02.040 allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /upfile.cgi.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-46298,"Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-4239,"The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7.1 due to insufficient restriction on the 'rem_save_profile_front' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_capabilities' parameter during a profile update.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-27420,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Arya Multipurpose theme <= 1.0.5 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43721,"Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the ""PACKING_SLIPS_SUMMARY_TITLE[1]"" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-3752,A vulnerability was found in Creativeitem Academy LMS 5.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home/courses. The manipulation of the argument sort_by leads to cross site scripting. The attack may be launched remotely. VDB-234422 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-5103,"Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into
clicking on an actionable item using an iframe.


",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2023-2139,"
A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-28471,Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-27075,A cross-site scripting vulnerability (XSS) in the component microbin/src/pasta.rs of Microbin v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-37914,"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can view `Invitation.WebHome` can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. This vulnerability has been patched on XWiki 14.4.8, 15.2-rc-1, and 14.10.6. Users are advised to upgrade. Users unable to upgrade may manually apply the patch on `Invitation.InvitationCommon` and `Invitation.InvitationConfig`, but there are otherwise no known workarounds for this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41894,"Home assistant is an open source home automation. The assessment verified that webhooks available in the webhook component are triggerable via the `*.ui.nabu.casa` URL without authentication, even when the webhook is marked as Only accessible from the local network. This issue is facilitated by the SniTun proxy, which sets the source address to 127.0.0.1 on all requests sent to the public URL and forwarded to the local Home Assistant. This issue has been addressed in version 2023.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-43504,A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4713,A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function addComment of the file ?r=weibo/comment/addcomment. The manipulation of the argument touid leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238576. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4126,Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30859,"Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server. The CustomPayload packet allows you to execute commands on the spigot/bukkit console. When you enable bungee mode in the config it will enable the bungee bridge and the server will begin to broadcast the 'triton:main' plugin channel. Using this plugin channel you are able to send a payload packet containing a byte (2) and a string (any spigot command). This could be used to make yourself a server operator and be used to extract other user information through phishing (pretending to be an admin), many servers use essentials so the /geoip command could be available to them, etc. This could also be modified to allow you to set the servers language, set another players language, etc. This issue affects those who have bungee enabled in config. This issue has been fixed in version 3.8.4.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37428,A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-44098,Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-45194,"Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 (-D/-K/-S/-DK/-DKS/-M/-W) firmware Ver. 1.03.45 and earlier allows a network-adjacent unauthenticated attacker to intercept wireless LAN communication, when the affected product performs the communication without changing the pre-shared key from the factory-default configuration.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-25195,"Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract.
Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. 

This issue affects Apache Fineract: from 1.4 through 1.8.3.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-20521,"TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.",CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H,5.7,0.5,5.2,MEDIUM,2024-12-09T08:00Z,PHYSICAL,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2023-0652,"Due to a hardlink created in the ProgramData folder during the repair process of the software, the installer (MSI) of WARP Client for Windows (<= 2022.12.582.0) allowed a malicious attacker to forge the destination of the hardlink and escalate privileges, overwriting SYSTEM protected files.
As Cloudflare WARP client for Windows (up to version 2022.5.309.0) allowed creation of mount points from its ProgramData folder, during installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files.


",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5375,Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1097,"Baicells EG7035-M11 devices with firmware through  BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods have been tested and validated by a 3rd party analyst and have been confirmed exploitable special thanks to Lionel Musonza for the discovery.





",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37215, JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34250,"Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, an attacker could use the new topics dismissal endpoint to reveal the number of topics recently created (but not the actual content thereof) in categories they didn't have access to. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-1786,Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-1205,NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-7110,"A vulnerability, which was classified as critical, has been found in code-projects Library Management System 2.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument student leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249005 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2922,A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230076.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-35759,"In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-3477,A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been declared as problematic. This vulnerability affects unknown code of the file /contact/store of the component Contact Form. The manipulation of the argument name/subject/message leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-232756.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-50446,An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. Insufficient permissions on a directory allow any local unprivileged user to escalate privileges to SYSTEM.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45662,"stb_image is a single file MIT licensed library for processing images. When `stbi_set_flip_vertically_on_load` is set to `TRUE` and `req_comp` is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger `memcpy` out-of-bounds read because `bytes_per_pixel` used to calculate `bytes_per_row` doesn’t match the real image array dimensions. ",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2023-34672,Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Internet in some cases.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25010,A malicious actor may convince a victim to open a malicious USD file that may trigger an uninitialized variable which may result in code execution.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35965,Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42029,"IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  266059.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-48239,"Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and starting in version 20.0.0 and prior to versions 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8, 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Enterprise Server, a malicious user could update any personal or global external storage, making them inaccessible for everyone else as well. Nextcloud Server 25.0.13, 26.0.8, and 27.1.3 and Nextcloud Enterprise Server is upgraded to 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8, 25.0.13, 26.0.8, and 27.1.3 contain a patch for this issue. As a workaround, disable app files_external. This workaround also makes the external storage inaccessible but retains the configurations until a patched version has been deployed.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,7.1,2.8,4.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH
CVE-2023-28121,"An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22428,"
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage.

This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831(MR8), vEL8.40 and prior.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-23562,Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-35782,The ipandlanguageredirect extension before 5.1.2 for TYPO3 allows SQL Injection.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49118,"
in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-43648,"baserCMS is a website development framework. Prior to version 4.8.0, there is a Directory Traversal Vulnerability in the form submission data management feature of baserCMS. Version 4.8.0 contains a patch for this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-21022,"In BufferBlock of Suballocation.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236098131",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21390,"In Sim, there is a possible way to evade mobile preference restrictions due to a permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48360,"
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-25217,Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formWifiBasicSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25973,Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3.0.2 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48828,"Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-20892,The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34150,** UNSUPPORTED WHEN ASSIGNED ** Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2023-4338,Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20049,"A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-35384,Windows HTML Platforms Security Feature Bypass Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2023-45868,"The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an attacker (with basic user privileges) to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside the documentRoot, to a publicly accessible location via the PHP function rename(). This results in a total loss of confidentiality, exposing sensitive resources, and potentially denying access to the affected component and the operating system's components. To exploit this, an attacker must manipulate a POST request during the creation of an exercise unit, by modifying the old_name and new_name parameters via directory traversal. However, it's essential to note that, when exploiting this vulnerability, the specified directory will be relocated from its original location, rendering all files obtained from there unavailable.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2023-40097,"In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38690,"matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0.1 and above are patched. There are no robust workarounds to the bug. One may disable dynamic channels in the config to disable the most common execution method but others may exist.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-36274,LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-47646,Auth. (Shop Manager+) Stored Cross-Site Scripting (XSS) vulnerability in CedCommerce Recently viewed and most viewed products plugin <= 1.1.1 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-44365,Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26213,"On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33218,"


The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. 
This could potentially lead to a Remote Code execution on the targeted device.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20199,"A vulnerability in Cisco Duo Two-Factor Authentication for macOS could allow an authenticated, physical attacker to bypass secondary authentication and access an affected macOS device. This vulnerability is due to the incorrect handling of responses from Cisco Duo when the application is configured to fail open. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permission.",CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,6.6,0.7000000000000001,5.9,MEDIUM,2024-12-09T08:00Z,PHYSICAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28658,Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34111,The `Release PR Merged` workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of `${{ github.event.pull_request.title }}` in a bash command within the GitHub workflow. Attackers can inject malicious commands which will be executed by the workflow. This happens because `${{ github.event.pull_request.title }}` is directly passed to bash command on like 25 of the workflow. This may allow an attacker to gain access to secrets which the github action has access to or to otherwise make use of the compute resources.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45847,"Mattermost fails to to check the length when setting the title in a run checklist in Playbooks, allowing an attacker to send a specially crafted request and crash the Playbooks plugin

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-21027,"In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-216854451",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-43134,"There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1105,External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-22844,An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23711,Cross-Site Request Forgery (CSRF) vulnerability in A2 Hosting A2 Optimized WP plugin <= 3.0.4 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-6383,"The Debug Log Manager WordPress plugin before 2.3.0 contains a Directory listing vulnerability was discovered, which allows you to download the debug log without authorization and gain access to sensitive data",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-40520,"The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to access edited photos saved to a temporary directory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2023-31762,Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack.,CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-09T08:00Z,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30477,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-50073,EmpireCMS v7.5 was discovered to contain a SQL injection vulnerability via the ftppassword parameter at SetEnews.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-40984,A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Results file.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23342,"If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented. 

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-45120,"Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31407,"SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-41343,Rogic No-Code Database Builder's file uploading function has insufficient filtering for special characters. A remote attacker with regular user privilege can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-51695,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPEverest Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! allows Stored XSS.This issue affects Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease!: from n/a through 2.0.4.1.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-6373,"The ArtPlacer Widget WordPress plugin before 2.20.7 does not sanitize and escape the ""id"" parameter before submitting the query, leading to a SQLI exploitable by editors and above. Note: Due to the lack of CSRF check, the issue could also be exploited via a CSRF against a logged editor (or above)",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20879,VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28429,"Pimcore is an open source data and experience management platform. Versions prior to 10.5.19 have an unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Users should upgrade to version 10.5.19 or, as a workaround, apply the patch manually.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-22792,"A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-4035,"The Simple Blog Card WordPress plugin before 1.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-5612,"An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user email address via tags feed although the visibility in the user profile has been disabled.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-50362,"A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network.

We have already fixed the vulnerability in the following versions:
QTS 5.1.6.2722 build 20240402 and later
QuTS hero h5.1.6.2734 build 20240414 and later
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45377,"In the module ""Chronopost Official"" (chronopost) for PrestaShop, a guest can perform SQL injection. The script PHP `cancelSkybill.php` own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20018,"A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.

 This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,6.5,3.9,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2023-32316,CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds for this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-44123,"The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth (""com.lge.bluetoothsetting"") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions=""true""` flag. ",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51729,"This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Username parameter at its web interface.  A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system.

Successful exploitation of this vulnerability could allow the attacker to perform stored XSS attacks on the targeted system.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4756,Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-24114,typecho 1.1/17.10.30 was discovered to contain a remote code execution (RCE) vulnerability via install.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30428,"Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role.
This issue affects Apache Pulsar Brokers: from 2.9.0 through 2.9.5, from 2.10.0 before 2.10.4, 2.11.0.

The vulnerability is exploitable when an attacker can connect directly to the Pulsar Broker. If an attacker is connecting through the Pulsar Proxy, there is no known way to exploit this authorization vulnerability.

There are two known risks for affected users. First, an attacker could produce garbage messages to any topic in the cluster. Second, an attacker could produce messages to the topic level policies topic for other tenants and influence topic settings that could lead to exfiltration and/or deletion of messages for other tenants.

2.8 Pulsar Broker users and earlier are unaffected.
2.9 Pulsar Broker users should upgrade to one of the patched versions.
2.10 Pulsar Broker users should upgrade to at least 2.10.4.
2.11 Pulsar Broker users should upgrade to at least 2.11.1.
3.0 Pulsar Broker users are unaffected.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-33563,"In PHP Jabbers Time Slots Booking Calendar 3.3 , lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34108,"mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted passwords during the authentication process. The issue arises from the behavior of the `passwd-verify.lua` script, which is responsible for verifying user passwords during login attempts. Upon a successful login, the script returns a response in the format of ""password=<valid-password>"", indicating the successful authentication. By crafting a password with additional key-value pairs appended to it, an attacker can manipulate the returned string and influence the internal behavior of Dovecot. For example, using the password ""123 mail_crypt_save_version=0"" would cause the `passwd-verify.lua` script to return the string ""password=123 mail_crypt_save_version=0"". Consequently, Dovecot will interpret this string and set the internal variables accordingly, leading to unintended consequences. This vulnerability can be exploited by an authenticated attacker who has the ability to set their own password. Successful exploitation of this vulnerability could result in unauthorized access to user accounts, bypassing security controls, or other malicious activities. This issue has been patched in version `2023-05a`. Users are advised to upgrade. There are no known workarounds for this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26073,"An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48111,Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-29723,"The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting data, the attacker can force the application to load malicious image URLs and display them in the UI. As the amount of data increases, it will eventually cause the application to trigger an OOM error and crash, resulting in a persistent denial of service attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-42718,"In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-4604,"The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4571,"In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious code in the vulnerable application. This attack requires a user to use a terminal application that translates ANSI escape codes to read the malicious log file locally in the vulnerable terminal. The vulnerability also requires additional user interaction to succeed. 

The vulnerability does not directly affect Splunk ITSI. The indirect impact on Splunk ITSI can vary significantly depending on the permissions in the vulnerable terminal application, as well as where and how the user reads the malicious log file. For example, users can copy the malicious file from Splunk ITSI and read it on their local machine.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2023-7171,A vulnerability was found in Novel-Plus up to 4.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file novel-admin/src/main/java/com/java2nb/novel/controller/FriendLinkController.java of the component Friendly Link Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named d6093d8182362422370d7eaf6c53afde9ee45215. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-249307.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0740,Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2023-2482,"The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32393,"The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6867,The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-27444,Cross-Site Request Forgery (CSRF) vulnerability in Pierre Lannoy / PerfOps One DecaLog plugin <= 3.7.0 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37944,"A missing permission check in Jenkins Datadog Plugin 5.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-5968,"Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body. 

",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-42881,The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing a file may lead to unexpected app termination or arbitrary code execution.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-44243,Cross-Site Request Forgery (CSRF) vulnerability in Dylan Blokhuis Instant CSS plugin <= 1.2.1 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1443,A vulnerability was found in Filseclab Twister Antivirus 8. It has been declared as problematic. This vulnerability affects the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223288.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-46260,An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0604,"The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-51535,"Cross-Site Request Forgery (CSRF) vulnerability in ?leanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35783,"The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-39125,"NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmp_rw.c because a file's width, height, and BPP are not validated. NOTE: the vendor's perspective is ""this main application was not intended to be a well tested program, it's just something to demonstrate it works and for the user to see how to integrate it into their own programs.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-29086,"An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-40604,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jes Madsen Cookies by JM plugin <= 1.0 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23510,A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user’s Safari history.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-32542,Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23585,"Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. 

See Honeywell Security Notification for recommendations on upgrading and versioning. 

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-2845,Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-1490,A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Affected by this issue is the function 0x220020 in the library SDActMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223376.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-1812,Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3946,"
A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to limited access to sensitive information and limited ability to alter some information in ePO.


",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0271,"The WP Font Awesome WordPress plugin before 1.7.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-50936,"IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.  IBM X-Force ID:  275116.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27569,The eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3450,A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232547. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4808,"The WP Post Popup WordPress plugin through 3.7.3 does not sanitise and escape some of its inputs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-45823,"Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which by using symbolic links in certain kinds of repositories loaded into Artifact Hub, it was possible to read internal files. Artifact Hub indexes content from a variety of sources, including git repositories. When processing git based repositories, Artifact Hub clones the repository and, depending on the artifact kind, reads some files from it. During this process, in some cases, no validation was done to check if the file was a symbolic link. This made possible to read arbitrary files in the system, potentially leaking sensitive information. This issue has been resolved in version `1.16.0`. Users are advised to upgrade. There are no known workarounds for this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-40686,"Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability.  A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system.  IBM X-Force ID:  264114.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38704,"import-in-the-middle is a module loading interceptor specifically for ESM modules. The import-in-the-middle loader works by generating a wrapper module on the fly. The wrapper uses the module specifier to load the original module and add some wrapping code. Prior to version 1.4.2, it allows for remote code execution in cases where an application passes user-supplied input directly to the `import()` function. This vulnerability has been patched in import-in-the-middle version 1.4.2.

Some workarounds are available. Do not pass any user-supplied input to `import()`. Instead, verify it against a set of allowed values. If using import-in-the-middle, directly or indirectly, and support for EcmaScript Modules is not needed, ensure that no options are set, either via command-line or the `NODE_OPTIONS` environment variable, that would enable loader hooks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28839,Shoppingfeed PrestaShop is an add-on to the PrestaShop ecommerce platform to synchronize data. The module Shoppingfeed for PrestaShop is vulnerable to SQL injection between version 1.4.0 and 1.8.2 due to a lack of input sanitization. This issue has been addressed in version 1.8.3. Users are advised to upgrade. There are no known workarounds for this issue.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27092,Cross Site Scripting vulnerability found in Jbootfly allows attackers to obtain sensitive information via the username parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-51043,"In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22497,"Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has access to a Netdata Agent has access to its MACHINE_GUID. Streaming is a feature that allows a Netdata Agent to act as parent for other Netdata Agents (children), offloading children from various functions (increased data retention, ML, health monitoring, etc) that can now be handled by the parent Agent. Configuration is done via `stream.conf`. On the parent side, users configure in `stream.conf` an API key (any random UUID can do) to provide common configuration for all children using this API key and per MACHINE GUID configuration to customize the configuration for each child. The way this was implemented, allowed an attacker to use a valid MACHINE_GUID as an API key. This affects all users who expose their Netdata Agents (children) to non-trusted users and they also expose to the same users Netdata Agent parents that aggregate data from all these children. The problem has been fixed in: Netdata agent v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a workaround, do not enable streaming by default. If you have previously enabled this, it can be disabled. Limiting access to the port on the recipient Agent to trusted child connections may mitigate the impact of this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-33487,"TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a command insertion vulnerability in setDiagnosisCfg.This vulnerability allows an attacker to execute arbitrary commands through the ""ip"" parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38407,bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-26735,"blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources. NOTE: this is disputed by third parties because authentication can be configured.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-25611,"A improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 - 7.2.1 allows local attacker to execute unauthorized code or commands via inserting spreadsheet formulas in macro names.",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45106,"Cross-Site Request Forgery (CSRF) vulnerability in Fedor Urvanov, Aram Kocharyan Urvanov Syntax Highlighter plugin <= 2.8.33 versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46411,TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24044,"A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header. NOTE: the vendor's position is ""the ability to use arbitrary domain names to access the panel is an intended feature.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1039,A vulnerability classified as critical was found in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index3.php of the component POST Parameter Handler. The manipulation of the argument password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221797 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41850,"Cross-Site Request Forgery (CSRF) vulnerability in Morris Bryant, Ruben Sargsyan Outbound Link Manager plugin <= 1.2 versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51721,"This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 2 parameter at its web interface.  A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system.

Successful exploitation of this vulnerability could allow the attacker to perform stored XSS attacks on the targeted system.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-34116,Improper input validation in the Zoom Desktop Client for Windows before version 5.15.0 may allow an unauthorized user to enable an escalation of privilege via network access.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23546,A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38556,"Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer.
[Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is pre-installed in some printers provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-6307,A vulnerability classified as critical was found in jeecgboot JimuReport up to 1.6.1. Affected by this vulnerability is an unknown functionality of the file /download/image. The manipulation of the argument imageUrl leads to relative path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246133 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2685,"A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started with system user privileges which could cause a shift in user access privileges.

It is unlikely to exploit the vulnerability in well maintained Windows installations since the attacker would need write access to system folders.

An update is available that resolves the vulnerability found during an internal review in the product AO-OPC = 3.2.1 
",CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H,6.3,0.30000000000000004,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,HIGH,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4842,"The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1185,"A vulnerability, which was classified as problematic, was found in ECshop up to 4.1.8. This affects an unknown part of the component New Product Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222357 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51671,Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,5.4,2.8,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2023-49842,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpexpertsio Rocket Maintenance Mode & Coming Soon Page allows Stored XSS.This issue affects Rocket Maintenance Mode & Coming Soon Page: from n/a through 4.3.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-49740,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seraphinite Solutions Seraphinite Accelerator allows Reflected XSS.This issue affects Seraphinite Accelerator: from n/a through 2.20.28.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0012,"In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be able to replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocaAdmin are denied the ability to logon locally by security policy so that this can only occur if the system has already been compromised.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0244,A vulnerability classified as critical was found in TuziCMS 2.0.6. This vulnerability affects the function delall of the file \App\Manage\Controller\KefuController.class.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-218152.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5485,Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-22935,"In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with Splunk Web enabled.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2896,"The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_duplicate_product function. This makes it possible for unauthenticated attackers to duplicate products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-5522,"Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an attacker to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel. 

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,LOW
CVE-2023-51885,Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via the length of the LaTeX string component.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28481,An issue was discovered in Tigergraph Enterprise 3.7.0. There is unsecured write access to SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorised keys file. This allows an attacker to obtain password-less SSH key access by using their own SSH key.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28868,Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-4961,"The Poptin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'poptin-form' shortcode in versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-37378,Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-48486,"Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-27115,WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::cat_compute_size.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-46086,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate Plugin allows Reflected XSS.This issue affects affiliate-toolkit – WordPress Affiliate Plugin: from n/a through 3.4.3.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-52427,"In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples. NOTE: the vendor's position is that the product is not designed to handle a max_samples value that is too large for the amount of memory on the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-47666,"Cross-Site Request Forgery (CSRF) vulnerability in Code Snippets Pro Code Snippets.This issue affects Code Snippets: from n/a through 3.5.0.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24199,Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at delete_ticket.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26127,"All versions of the package n158 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function.

**Note:**

To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-40209,Missing Authorization vulnerability in Himalaya Saxena Highcompress Image Compressor.This issue affects Highcompress Image Compressor: from n/a through 6.0.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-4841,"The Feeds for YouTube for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'youtube-feed' shortcode in versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-33077,Memory corruption in HLOS while converting from authorization token to HIDL vector.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46227,"
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.

This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can use \t to bypass. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it.

[1]  https://github.com/apache/inlong/pull/8814 

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-49430,Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3849,"A vulnerability, which was classified as problematic, was found in mooSocial mooDating 1.2. Affected is an unknown function of the file /find-a-match of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-235200. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-52026,TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2808,"Mattermost fails to normalize UTF confusable characters when determining if a preview should be generated for a hyperlink, allowing an attacker to trigger link preview on a disallowed domain using a specially crafted link.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-29299,"Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Untrusted Search Path vulnerability that could lead to Application denial-of-service. An attacker could leverage this vulnerability if the default PowerShell Set-ExecutionPolicy is set to Unrestricted, making the attack complexity high. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-47397,WeBid <=1.2.2 is vulnerable to code injection via admin/categoriestrans.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25122,Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_openvpn_client function with the old_remote_subnet and the old_remote_mask variables.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38615,The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5822,"The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. This can be exploited if a user authorized to edit form, which means editor privileges or above, has added a 'multiple file upload' form field with '*' acceptable file types.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30350,FS S3900-24T4S devices allow authenticated attackers with guest access to escalate their privileges and reset the admin password.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26395,Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27898,"Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2023-35012,"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking.  A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system.  IBM X-Force ID:  257763.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23703,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Arconix Shortcodes plugin <= 2.1.7 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-25644,"
There is a denial of service vulnerability in some ZTE mobile internet products. Due to insufficient validation of Web interface parameter, an attacker could use the vulnerability to perform a denial of service attack.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-6671,"A vulnerability has been discovered on OJS, that consists in a CSRF (Cross-Site Request Forgery) attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46246,"Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068.
",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-2669,A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as critical. This affects an unknown part of the file admin/?page=categories/view_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228885 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28119,"The crewjam/saml go library contains a partial implementation of the SAML standard in golang. Prior to version 0.4.13, the package's use of `flate.NewReader` does not limit the size of the input. The user can pass more than 1 MB of data in the HTTP request to the processing functions, which will be decompressed server-side using the Deflate algorithm. Therefore, after repeating the same request multiple times, it is possible to achieve a reliable crash since the operating system kills the process. This issue is patched in version 0.4.13.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-44306,"


Dell DM5500 contains a path traversal vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability to overwrite configuration files stored on the server filesystem.



",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.5,1.2,5.2,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-47142,IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access.  IBM X-Force ID:  270267.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0138,Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4011,An issue has been discovered in GitLab EE affecting all versions from 15.11 prior to 16.2.2 which allows an attacker to spike the resource consumption resulting in DoS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-4155,"A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H,5.6,1.1,4.0,MEDIUM,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2023-23584,"
An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an insufficiently-privileged user to infer the presence of items that would not otherwise be viewable. 

This issue affects: Gallagher Command Centre 8.70 prior to vEL8.70.1787 (MR2), 8.60 prior to vEL8.60.2039 (MR4), all version of 8.50 and prior.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-34577,SQL injection vulnerability in Prestashop opartplannedpopup 1.4.11 and earlier allows remote attackers to run arbitrary SQL commands via OpartPlannedPopupModuleFrontController::prepareHook() method.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27383,Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may allow a privileged user to potentially enable escalation of privilege via adjacent access.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0257,A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fos/admin/index.php?page=menu of the component Menu Form. The manipulation of the argument Image with the input <?php system($_GET['c']); ?> leads to unrestricted upload. The attack can be launched remotely. The identifier VDB-218185 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41935,"Jenkins Azure AD Plugin 396.v86ce29279947 and earlier, except 378.380.v545b_1154b_3fb_, uses a non-constant time comparison function when checking whether the provided and expected CSRF protection nonce are equal, potentially allowing attackers to use statistical methods to obtain a valid nonce.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-3981,Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-35670,"In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34982,"
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-27066,Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-41137,Symmetric encryption used to protect messages between the AppsAnywhere server and client can be broken by reverse engineering the client and used to impersonate the AppsAnywhere server.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31429,"Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-22682,Reflected Cross-Site Scripting (XSS) vulnerability in Manuel Masia | Pixedelic.Com Camera slideshow plugin <= 1.4.0.1 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-2768,A vulnerability was found in Sucms 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin_ads.php?action=add. The manipulation of the argument intro leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-229274 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1339,"The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucss_update_rule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to update caching rules.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-5868,"A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-30414,Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-4678,Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-25527,"NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26486,"Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. The Vega `scale` expression function has the ability to call arbitrary functions with a single controlled argument. The scale expression function passes a user supplied argument group to getScale, which is then used as if it were an internal context. The context.scales[name].value is accessed from group and called as a function back in scale. This can be exploited to escape the Vega expression sandbox in order to execute arbitrary JavaScript. This issue has been fixed in version 5.13.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0205,"NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,7.7,3.1,4.0,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2023-42816,"Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch signatures. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H,5.3,1.6,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-36384,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodePeople Booking Calendar Contact Form plugin <= 1.2.40 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43281,Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-3280,"A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-50251,"php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a `use` tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the memory available to the executing process and/or to the server itself. An attacker sending multiple request to a system to render the above payload can potentially cause resource exhaustion to the point that the system is unable to handle incoming request. Version 0.5.1 contains a patch for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-0001,"An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33235,"MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrary code.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3057,A vulnerability was found in YFCMF up to 3.0.4. It has been rated as problematic. This issue affects some unknown processing of the file app/admin/controller/Ajax.php. The manipulation of the argument controllername leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230543.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30553,"Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to multiple SQL injections in the `sql_api/api_workflow.py` endpoint `ExecuteCheck`. User input coming from the `db_name` parameter value and the `full_sql` parameter value in the `api_workflow.py` `ExecuteCheck` endpoint is passed to the methods that follow in given SQL engine implementations, which concatenate user input unsafely into a SQL query and afterwards pass it to the `query` method of each database engine for execution. The affected methods are `execute_check` in `sql/engines/clickhouse.py` which concatenates input which is passed to execution on the database in the `sql/engines/clickhouse.py` `query` method, `execute_check` in `sql/engines/goinception.py`which concatenates input which is passed to execution on the database in the `sql/engines/goinception.py` `query` method, `execute_check` in `sql/engines/oracle.py`which passes unsafe user input into the `object_name_check` method in `sql/engines/oracle.py` which in turn is passed to execution on the database in the `sql/engines/oracle.py` `query` method. Each of these issues may be mitigated by escaping user input or by using prepared statements when executing SQL queries. This issue is also indexed as `GHSL-2022-102`.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-34567,Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37943,"Jenkins Active Directory Plugin 2.30 and earlier ignores the ""Require TLS"" and ""StartTls"" options and always performs the connection test to Active directory unencrypted, allowing attackers able to capture network traffic between the Jenkins controller and Active Directory servers to obtain Active Directory credentials.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-4594,Stored XSS vulnerability. This vulnerability could allow an attacker to store a malicious JavaScript payload via GET and POST methods on multiple parameters in the MailAdmin_dll.htm file.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-28036,"
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25571,"Backstage is an open platform for building developer portals. `@backstage/catalog-model` prior to version 1.2.0, `@backstage/core-components` prior to 0.12.4, and `@backstage/plugin-catalog-backend` prior to 1.7.2 are affected by a cross-site scripting vulnerability. This vulnerability allows a malicious actor with access to add or modify content in an instance of the Backstage software catalog to inject script URLs in the entities stored in the catalog. If users of the catalog then click on said URLs, that can lead to an XSS attack.

This vulnerability has been patched in both the frontend and backend implementations. The default `Link` component from `@backstage/core-components` version 1.2.0 and greater will now reject `javascript:` URLs, and there is a global override of `window.open` to do the same. In addition, the catalog model v0.12.4 and greater as well as the catalog backend v1.7.2 and greater now has additional validation built in that prevents `javascript:` URLs in known annotations. As a workaround, the general practice of limiting access to modifying catalog content and requiring code reviews greatly help mitigate this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4448,A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue affects some unknown processing of the file admin/run-movepass.php. The manipulation of the argument password/password2 leads to weak password recovery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 4dff387283060961c362d50105ff8da8ea40bcbe. It is recommended to apply a patch to fix this issue. The identifier VDB-237569 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30351,Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-26407,Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6902,A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248260.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1650,"The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46420,TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5054,"The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthenticated attackers to send emails utilizing the vulnerable site's server, with arbitrary content. Please note that this vulnerability has already been publicly disclosed with an exploit which is why we are publishing the details without a patch available, we are attempting to initiate contact with the developer.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-6574,A vulnerability was found in Byzoro Smart S20 up to 20231120 and classified as critical. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php of the component HTTP POST Request Handler. The manipulation of the argument 1_file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-247154 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-43809,"Soft Serve is a self-hostable Git server for the command line. Prior to version 0.6.2, a security vulnerability in Soft Serve could allow an unauthenticated, remote attacker to bypass public key authentication when keyboard-interactive SSH authentication is active, through the `allow-keyless` setting, and the public key requires additional client-side verification for example using FIDO2 or GPG. This is due to insufficient validation procedures of the public key step during SSH request handshake, granting unauthorized access if the keyboard-interaction mode is utilized. An attacker could exploit this vulnerability by presenting manipulated SSH requests using keyboard-interactive authentication mode. This could potentially result in unauthorized access to the Soft Serve. Users should upgrade to the latest Soft Serve version `v0.6.2` to receive the patch for this issue. To workaround this vulnerability without upgrading, users can temporarily disable Keyboard-Interactive SSH Authentication using the `allow-keyless` setting.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-0294,"The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on its AJAX actions function. This makes it possible for unauthenticated attackers to change image categories used by the plugin, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-0868,"Reflected cross-site scripting in graph results in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to steal session cookies. Users
should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and
Horizon installation instructions state that they are intended for installation
within an organization's private networks and should not be directly accessible
from the Internet.










",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-21587,"Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-7024,Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25601,"On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the python-gateway function by changing the value `python-gateway.enabled=false` in configuration file `application.yaml`. If you are using the python gateway, please upgrade to version 3.1.2 or above.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-31133,"Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack.

Ghost(Pro) has already been patched. Maintainers can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added. Self-hosters are impacted if running Ghost a version below v5.46.1. v5.46.1 contains a fix for this issue. As a workaround, add a block for requests to `/ghost/api/content/*` where the `filter` query parameter contains `password` or `email`.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-21086,"In isToggleable of SecureNfcEnabler.java and SecureNfcPreferenceController.java, there is a possible way to enable NFC from a secondary account due to a permissions bypass. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-238298970",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24804,"The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information disclosure when uploading the app’s internal files, and to arbitrary file write when uploading plain text files (although limited by the .txt extension). Version 3.0 fixes the reported bypasses.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,4.4,1.8,2.5,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE
CVE-2023-28776,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-38043,"A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some cases, resulting in a full compromise of the system.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22731,"Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in twig filters like `map`, `filter`, `sort`. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20028,"Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-42780,"Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dag_ids and the stack-traces of import errors for those DAGs with import errors.
Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-1708,"An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim machine.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49554,Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in the modules/preprocs/nasm/nasm-pp.c component.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-39668,D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39018,FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple third parties because there are no realistic use cases in which FFmpeg.java uses untrusted input for the path of the executable file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2120,"The Thumbnail carousel slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-33087,Memory corruption in Core while processing RX intent request.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45556,Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-37298,Joplin before 2.11.5 allows XSS via a USE element in an SVG document.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-47997,An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-24195,Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4982,Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4058,Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26514,Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Dynamic XML Sitemaps Generator for Google plugin <= 1.3.3 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32490,"
Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. 

",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49805,"Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When connecting to the server using Socket.IO, the server does not validate the `Origin` header leading to other site being able to open connections to the server and communicate with it. Other websites still need to authenticate to access most features, however this can be used to circumvent firewall protections made in place by people deploying the application.

Without origin validation, Javascript executed from another origin would be allowed to connect to the application without any user interaction. Without login credentials, such a connection is unable to access protected endpoints containing sensitive data of the application. However, such a connection may allow attacker to further exploit unseen vulnerabilities of the application. Users with ""No-auth"" mode configured who are relying on a reverse proxy or firewall to provide protection to the application would be especially vulnerable as it would grant the attacker full access to the application.

In version 1.23.9, additional verification of the HTTP Origin header has been added to the socket.io connection handler. By default, if the `Origin` header is present, it would be checked against the Host header. Connection would be denied if the hostnames do not match, which would indicate that the request is cross-origin. Connection would be allowed if the `Origin` header is not present. Users can override this behavior by setting environment variable `UPTIME_KUMA_WS_ORIGIN_CHECK=bypass`.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24058,"Booked Scheduler 2.5.5 allows authenticated users to create and schedule events for any other user via a modified userId value to reservation_save.php. NOTE: 2.5.5 is a version from 2014; the latest version of Booked Scheduler is not affected. However, LabArchives Scheduler (Sep 6, 2022 Feature Release) is affected.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-35827,An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-36818,Discourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-21102,"In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24369,A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-35186,The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49752,"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoon themes Adifier - Classified Ads WordPress Theme.This issue affects Adifier - Classified Ads WordPress Theme: from n/a before 3.1.4.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48330,"Cross-Site Request Forgery (CSRF) vulnerability in Mike Strand Bulk Comment Remove allows Cross Site Request Forgery.This issue affects Bulk Comment Remove: from n/a through 2.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-52185,"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a through 2.1.9.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-4294,"The URL Shortify WordPress plugin before 1.7.6 does not properly escape the value of the referer header, thus allowing an unauthenticated attacker to inject malicious javascript that will trigger in the plugins admin panel with statistics of the created short link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-28337,"When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. End users can use this to upload modified, unofficial, and potentially malicious firmware to the device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-36666,"INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page-header-preamble.foil.php, edit-form.foil.php, page-header-preamble.foil.php, overview.foil.php, cust.foil.php, and view.foil.php may be affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-50445,"Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27654,"An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a escalation of privileges via the TTMultiProvider component.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2572,"The Survey Maker WordPress plugin before 3.4.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-22435,Experion server may experience a DoS due to a stack overflow when handling a specially crafted message.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-20231,"A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device.

 This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges.

 Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49294,"Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the `live_dangerously` is not enabled. This allows arbitrary files to be read. Asterisk versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, contain a fix for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-43830,"A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or 'Maximum balance'.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-51368,"A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network.

We have already fixed the vulnerability in the following versions:
QTS 5.1.6.2722 build 20240402 and later
QuTS hero h5.1.6.2734 build 20240414 and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-34467,"XWiki Platform is a generic wiki platform. Starting in version 3.5-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, the mail obfuscation configuration was not fully taken into account. While the mail displayed to the end user was obfuscated, the rest response was also containing the mail unobfuscated and users were able to filter and sort on the unobfuscated, allowing them to infer the mail content. The consequence was the possibility to retrieve the email addresses of all users even when obfuscated. This has been patched in XWiki 14.4.8, 14.10.4, and 15.0-rc-1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-22957,"An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-42542,Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-39640,UpLight cookiebanner before 1.5.1 was discovered to contain a SQL injection vulnerability via the component Hook::getHookModuleExecList().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25690,"Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.




Configurations are affected when mod_proxy is enabled along with some form of RewriteRule
 or ProxyPassMatch in which a non-specific pattern matches
 some portion of the user-supplied request-target (URL) data and is then
 re-inserted into the proxied request-target using variable 
substitution. For example, something like:




RewriteEngine on
RewriteRule ""^/here/(.*)"" ""http://example.com:8080/elsewhere?$1""; [P]
ProxyPassReverse /here/ http://example.com:8080/


Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.


",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31477,"A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-33216,"Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team WooDiscuz – WooCommerce Comments woodiscuz-woocommerce-comments allows Stored XSS.This issue affects WooDiscuz – WooCommerce Comments: from n/a through 2.2.9.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-32224,D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46332,"WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataSegment::Drop(), which lead to segmentation fault.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-34422,"A valid, authenticated LXCA user with elevated privileges may be able to delete folders in the LXCA filesystem through a specifically crafted web API call due to insufficient input validation.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.5,1.2,5.2,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-4181,"A vulnerability, which was classified as critical, has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this issue is some unknown functionality of the file /vm/admin/delete-doctor.php?id=2 of the component Redirect Handler. The manipulation leads to enforcement of behavioral workflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-236216.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25934,"
DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-2304,"The Favorites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'user_favorites' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0487,"The My Sticky Elements WordPress plugin before 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement when deleting messages, leading to a SQL injection exploitable by high privilege users such as admin",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41107,TEF portal 2023-07-17 is vulnerable to a persistent cross site scripting (XSS)attack.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-46735,"Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn't return any user-submitted input in its response.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-39999,"Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-50879,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WordPress.Com Editing Toolkit allows Stored XSS.This issue affects WordPress.Com Editing Toolkit: from n/a through 3.78784.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-46706,"


Multiple MachineSense devices have credentials unable to be changed by the user or administrator.



",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26258,Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute any task as administrator.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25606,"An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-23] in FortiAnalyzer and FortiManager management interface 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4  all versions may allow a remote and authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-48362,"XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file.
Users are recommended to upgrade to version 1.21.2, which fixes this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28533,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Williams Cab Grid plugin <= 1.5.15 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-5468,"The Slick Contact Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dcscf-link' shortcode in versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-3187,"A vulnerability, which was classified as critical, has been found in PHPGurukul Teachers Record Management System 1.0. Affected by this issue is some unknown functionality of the file /changeimage.php of the component Profile Picture Handler. The manipulation of the argument newpic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231176.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2023-5884,"The Word Balloon WordPress plugin before 4.20.3 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to trick a logged in user to delete arbitrary avatars by clicking a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2023-32040,Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-44959,An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37245,Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-6816,"A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31011,NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46224,An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1418,A vulnerability classified as problematic was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file cashconfirm.php of the component POST Parameter Handler. The manipulation of the argument transactioncode leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223129 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-26208,A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiAuthenticator 6.4.x and before allows  a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2023-45899,An issue in the component SuperUserSetuserModuleFrontController:init() of idnovate superuser before v2.4.2 allows attackers to bypass authentication via a crafted HTTP call.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-28736,Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1007,A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221740.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2503,"The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sanitise and escape some parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-33156,Microsoft Defender Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48676,Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36943.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-45068,Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form by Supsystic plugin <= 1.7.27 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3074,Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-34035,"Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (DispatcherServlet is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.)

Specifically, an application is vulnerable when all of the following are true:

  *  Spring MVC is on the classpath
  *  Spring Security is securing more than one servlet in a single application (one of them being Spring MVC’s DispatcherServlet)
  *  The application uses requestMatchers(String) to refer to endpoints that are not Spring MVC endpoints


An application is not vulnerable if any of the following is true:

  *  The application does not have Spring MVC on the classpath
  *  The application secures no servlets other than Spring MVC’s DispatcherServlet
  *  The application uses requestMatchers(String) only for Spring MVC endpoints



",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-20872,VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2023-34005,Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Front End Users plugin <= 3.2.24 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32676,"Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the Install assessment functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted Tar file. Using the install assessment functionality an attacker can feed a Tar file that contain files with paths pointing outside of the target directory (e.g.,  `../../../../tmp/tarslipped1.sh`). When the Install assessment form is submitted the files inside of the archives are expanded to the attacker-chosen locations. This issue has been addressed in version 2.11.0. Users are advised to upgrade.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26530,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paul Kehrer Updraft plugin <= 0.6.1 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-6056,"A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to establish MITM SSL connections to arbitrary sites.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,7.4,2.2,5.2,HIGH,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-33517,carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-6485,"The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing capability checks around the plugin could allow any authenticated users, such as low as subscribers to perform Stored Cross-Site Scripting attacks against high privilege users like admins",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43017,IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a configuration file that could allow remote access.  IBM X-Force ID:  266155.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-52198,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michiel van Eerd Private Google Calendars allows Stored XSS.This issue affects Private Google Calendars: from n/a through 20231125.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-32821,"In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33485,TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a post-authentication buffer overflow via parameter sPort/ePort in the addEffect function.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5720,"A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-48866,A Cross-Site Scripting (XSS) vulnerability in the recipe preparation component within /api/objects/recipes and note component within /api/objects/shopping_lists/ of Grocy <= 4.0.3 allows attackers to obtain the victim's cookies.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-37393,"Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-20162,"Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41443,SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26152,All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-6699,"The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-45227,"














An attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the ""dns.0.server"" parameter.







",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-41070,"A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive data logged when a user shares a link.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-50828,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Vongries Ultimate Dashboard – Custom WordPress Dashboard allows Stored XSS.This issue affects Ultimate Dashboard – Custom WordPress Dashboard: from n/a through 3.7.11.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0572,"Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-42941,The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets.,CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.8,1.2,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-6300,"A vulnerability, which was classified as problematic, was found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function. The manipulation of the argument page with the input </TiTlE><ScRiPt>alert(1)</ScRiPt> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-246126 is the identifier assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43999,An issue in COLORFUL_laundry mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2023-23753,"The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32104,Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2023-0162,"The CPO Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its content type settings parameters in versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-29088,"An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Session-Expires header.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-22878,IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user.  IBM X-Force ID:  244373.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-46629,Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce plugin <= 1.4.4.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30088,An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-43233,A stored cross-site scripting (XSS) vulnerability in the cms/content/edit component of YZNCMS v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-41891,"FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. Prior to version 1.1.124, list endpoints on FlyteAdmin have a SQL vulnerability where a malicious user can send a REST request with custom SQL statements as list filters. The attacker needs to have access to the FlyteAdmin installation, typically either behind a VPN or authentication. Version 1.1.124 contains a patch for this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-43824,"A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5362,"The Carousel, Recent Post Slider and Banner Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'spice_post_slider' shortcode in versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-41882,"vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. Version 4.0.0 contains a patch. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-5851,Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-46613,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <= 1.5.1 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-22376,Reflected cross-site scripting vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a remote unauthenticated attacker to inject arbitrary script to inject an arbitrary script. NOTE: This vulnerability only affects products that are no longer supported by the developer.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-30269,CLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-39301,"A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read application data via a network.

We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2514 build 20230906 and later
QTS 5.1.1.2491 build 20230815 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.1.2488 build 20230812 and later
QuTScloud c5.1.0.2498 and later
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-1391,"A vulnerability, which was classified as problematic, was found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/ab.php. The manipulation of the argument img leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222978 is the identifier assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21183,"In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235863754",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1402,The course participation report required additional checks to prevent roles being displayed which the user did not have access to view.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-47240,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap plugin <= 1.1.11 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-44297,"
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.

",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-09T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21130,"In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-273502002",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33872,Improper access control in the Intel Support android application all verions may allow an authenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-42692,"In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5869,"A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2964,"The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-27032,Prestashop advancedpopupcreator v1.1.21 to v1.1.24 was discovered to contain a SQL injection vulnerability via the component AdvancedPopup::getPopups().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38405,"On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-35162,"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the previewactions template to perform a XSS, e.g. by using URL such as: > <hostname>/xwiki/bin/get/FlamingoThemes/Cerulean xpage=xpart&vm=previewactions.vm&xcontinue=javascript:alert(document.domain). This vulnerability exists since XWiki 6.1-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-30638,"Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-40052,"


This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0

. 

An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities of many web application clients. Multiple of these DoS attacks could lead to the flooding of invalid requests as compared to the server’s remaining ability to process valid requests.





",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-7218,"A vulnerability, which was classified as critical, was found in Totolink N350RT 9.3.5u.6139_B202012. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-249852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24164,Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_000c2318.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38611,"The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27877,IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database.  IBM X-Force ID:  247905.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-1371,"The W4 Post List WordPress plugin before 2.4.6 does not ensure that password protected posts can be accessed before displaying their content, which could allow any authenticated users to access them",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-30765,"
?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24820,"RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create a hard fault exception after reaching the last page of RAM. The hard fault is not handled and the system will be stuck until reset. Thus the impact is denial of service. Version 2022.10 fixes this issue. As a workaround, apply the patch manually.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-4622,"A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.

The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.

We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.

",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31245,"
























Devices using Snap One OvrC cloud are sent to a web address when accessing a web management interface using a HTTP connection. Attackers could impersonate a device and supply malicious information about the device’s web server interface. By supplying malicious parameters, an attacker could redirect the user to arbitrary and dangerous locations on the web.













",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-33053,Memory corruption in Kernel while parsing metadata.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26290,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_reset_request.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_reset_request.mhtml modules) allows Reflected XSS.This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43501,A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-29438,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eric Martin SimpleModal Contact Form (SMCF) plugin <= 1.2.9 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-22678,Cross-Site Request Forgery (CSRF) vulnerability in Rafael Dery Superior FAQ plugin <= 1.0.2 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31617,An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-4693,"An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-09T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-30905,The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35719,"ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the Password Reset Portal used by the GINA client. The issue results from the lack of proper authentication of data received via HTTP. An attacker can leverage this vulnerability to bypass authentication and execute code in the context of SYSTEM. Was ZDI-CAN-17009.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-09T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21445,"Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24736,PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /sauvegarde/restaure_act.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33657,"A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-32182,"A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30764,"OS command injection vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23869,Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Mobile plugin <= 1.6.1 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45143,"Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Cookie` headers. By design, `cookie` headers are forbidden request headers, disallowing them to be set in RequestInit.headers in browser environments. Since undici handles headers more liberally than the spec, there was a disconnect from the assumptions the spec made, and undici's implementation of fetch. As such this may lead to accidental leakage of cookie to a third-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the third party site. This was patched in version 5.26.2. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,3.5,2.1,1.4,LOW,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2023-0474,Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4891,"
A potential use-after-free vulnerability was reported in the Lenovo View driver that could result in denial of service. 

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-28376,Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-28062,"
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-50465,A stored cross-site scripting (XSS) vulnerability exists in Monica (aka MonicaHQ) 4.0.0 via an SVG document uploaded by an authenticated user.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-27497,"Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38571,"This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-36661,"Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-31848,davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23462,"Libpeconv – integer overflow, before commit 75b1565 (30/11/2022).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35785,"Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer 6993 and below and 7xxx 7002 and below, Cloud Security Plus 4161 and below, Data Security Plus 6110 and below, Eventlog Analyzer 12301 and below, Exchange Reporter Plus 5709 and below, Log360 5315 and below, Log360 UEBA 4045 and below, M365 Manager Plus 4529 and below, M365 Security Plus 4529 and below, Recovery Manager Plus 6061 and below, ServiceDesk Plus 14204 and below and 143xx 14302 and below, ServiceDesk Plus MSP 14300 and below, SharePoint Manager Plus 4402 and below, and Support Center Plus 14300 and below are vulnerable to 2FA bypass via a few TOTP authenticators. Note: A valid pair of username and password is required to leverage this vulnerability.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24582,Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This OS command injection is triggered through a TCP packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20009,"A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]].

 The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3588,A stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-40408,"An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-5858,Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-32612,"Client-side enforcement of server-side security issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow an attacker with an administrative privilege to execute OS commands with the root privilege.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-40719,"A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-34470,"
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-40731,"A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application allows users to upload arbitrary file types. This could allow an attacker to upload malicious files, that could potentially lead to code tampering.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45799,"In MLSoft TCO!stream versions 8.0.22.1115 and below, a vulnerability exists due to insufficient permission validation. This allows an attacker to make the victim download and execute arbitrary files.

















",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51698,"Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0236,"The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-29157,Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1108,"A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-23788,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Florin Arjocu Custom More Link Complete plugin <= 1.4.1 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-44158,"Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-21395,"In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-43267,A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-28733,"AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office. 

This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0. 








",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-25059,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in avalex GmbH avalex – Automatically secure legal texts plugin <= 3.0.3 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0588,"The Catalyst Connect Zoho CRM Client Portal WordPress plugin before 2.1.0 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-31135,"Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initialized when an audit log is created. The last 4 bytes come from the length of the log line being encrypted. This is problematic because two log lines will often have the same length, so due to these collisions we are reusing the same nonce many times. All audit logs generated by versions of Dgraph <v23.0.0 are affected. Attackers must have access to the system the logs are stored on. Dgraph users should upgrade to v23.0.0. Users unable to upgrade should store existing audit logs in a secure location and for extra security, encrypt using an external tool like `gpg`.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-39979,"There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values.  

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33356,IceCMS v1.0.0 is vulnerable to Cross Site Scripting (XSS).,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-37254,An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. XSS can occur in Special:CargoQuery via a crafted page item when using the default format.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-22315,"
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code. 




",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20987,"In btm_read_link_quality_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569414",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.5,0.9,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-44205,"Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-29622,Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48301,"Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be opened when clicking the circle name in a search filter. Nextcloud Server and Nextcloud Enterprise Server versions 25.0.13, 26.0.8, and 27.1.3 contain a fix for this issue. As a workaround, disable app circles.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-45627,"An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal

operation of the affected access point.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-28835,"Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willing to brute force it. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. This issue only affects users who do not have a password policy enabled, so enabling a password policy is an effective mitigation for users unable to upgrade.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-2211,A vulnerability was found in Campcodes Coffee Shop POS System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226976.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-42931,"The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5143,"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000 up to 20151231. This issue affects some unknown processing of the file /log/webmailattach.php. The manipulation of the argument table_name leads to an unknown weakness. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240239. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-40766,"User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48291,"Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't.

This is a missing fix for CVE-2023-42792 in Apache Airflow 2.7.2 

Users of Apache Airflow are strongly advised to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-30577,"AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-34237,"SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the vulnerabilities requires access to the web interface. Remote exploitation is possible if users[exposed their setup to the internet or other untrusted networks without setting a username/password. By default SABnzbd is only accessible from `localhost`, with no authentication required for the web interface. This issue has been patched in commits `e3a722` and `422b4f` which have been included in the 4.0.2 release. Users are advised to upgrade. Users unable to upgrade should ensure that a username and password have been set if their instance is web accessible.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39407,The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-20183,"Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-32610,Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-52900,"In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix general protection fault in nilfs_btree_insert()

If nilfs2 reads a corrupted disk image and tries to reads a b-tree node
block by calling __nilfs_btree_get_block() against an invalid virtual
block address, it returns -ENOENT because conversion of the virtual block
address to a disk block address fails.  However, this return value is the
same as the internal code that b-tree lookup routines return to indicate
that the block being searched does not exist, so functions that operate on
that b-tree may misbehave.

When nilfs_btree_insert() receives this spurious 'not found' code from
nilfs_btree_do_lookup(), it misunderstands that the 'not found' check was
successful and continues the insert operation using incomplete lookup path
data, causing the following crash:

 general protection fault, probably for non-canonical address
 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN
 KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
 ...
 RIP: 0010:nilfs_btree_get_nonroot_node fs/nilfs2/btree.c:418 [inline]
 RIP: 0010:nilfs_btree_prepare_insert fs/nilfs2/btree.c:1077 [inline]
 RIP: 0010:nilfs_btree_insert+0x6d3/0x1c10 fs/nilfs2/btree.c:1238
 Code: bc 24 80 00 00 00 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89
 ff e8 4b 02 92 fe 4d 8b 3f 49 83 c7 28 4c 89 f8 48 c1 e8 03 <42> 80 3c
 28 00 74 08 4c 89 ff e8 2e 02 92 fe 4d 8b 3f 49 83 c7 02
 ...
 Call Trace:
 <TASK>
  nilfs_bmap_do_insert fs/nilfs2/bmap.c:121 [inline]
  nilfs_bmap_insert+0x20d/0x360 fs/nilfs2/bmap.c:147
  nilfs_get_block+0x414/0x8d0 fs/nilfs2/inode.c:101
  __block_write_begin_int+0x54c/0x1a80 fs/buffer.c:1991
  __block_write_begin fs/buffer.c:2041 [inline]
  block_write_begin+0x93/0x1e0 fs/buffer.c:2102
  nilfs_write_begin+0x9c/0x110 fs/nilfs2/inode.c:261
  generic_perform_write+0x2e4/0x5e0 mm/filemap.c:3772
  __generic_file_write_iter+0x176/0x400 mm/filemap.c:3900
  generic_file_write_iter+0xab/0x310 mm/filemap.c:3932
  call_write_iter include/linux/fs.h:2186 [inline]
  new_sync_write fs/read_write.c:491 [inline]
  vfs_write+0x7dc/0xc50 fs/read_write.c:584
  ksys_write+0x177/0x2a0 fs/read_write.c:637
  do_syscall_x64 arch/x86/entry/common.c:50 [inline]
  do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
  entry_SYSCALL_64_after_hwframe+0x63/0xcd
 ...
 </TASK>

This patch fixes the root cause of this problem by replacing the error
code that __nilfs_btree_get_block() returns on block address conversion
failure from -ENOENT to another internal code -EINVAL which means that the
b-tree metadata is corrupted.

By returning -EINVAL, it propagates without glitches, and for all relevant
b-tree operations, functions in the upper bmap layer output an error
message indicating corrupted b-tree metadata via
nilfs_bmap_convert_error(), and code -EIO will be eventually returned as
it should be.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-22776,"An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.9,1.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-5621,"The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Title field in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-22482,"Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions of Argo CD starting with v1.8.2 and prior to 2.3.13, 2.4.19, 2.5.6, and 2.6.0-rc-3  are vulnerable to an improper authorization bug causing the API to accept certain invalid tokens. OIDC providers include an `aud` (audience) claim in signed tokens. The value of that claim specifies the intended audience(s) of the token (i.e. the service or services which are meant to accept the token). Argo CD _does_ validate that the token was signed by Argo CD's configured OIDC provider. But Argo CD _does not_ validate the audience claim, so it will accept tokens that are not intended for Argo CD. If Argo CD's configured OIDC provider also serves other audiences (for example, a file storage service), then Argo CD will accept a token intended for one of those other audiences. Argo CD will grant the user privileges based on the token's `groups` claim, even though those groups were not intended to be used by Argo CD. This bug also increases the impact of a stolen token. If an attacker steals a valid token for a different audience, they can use it to access Argo CD. A patch for this vulnerability has been released in versions 2.6.0-rc3, 2.5.6, 2.4.19, and 2.3.13. There are no workarounds.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3095,Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-43770,"Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4852,A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=dashboard/database/optimize. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239261 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38065,In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-26847,A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23815,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Alan Jackson Multi-column Tag Map plugin <= 17.0.24 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-39846,An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32338,IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access.  IBM X-Force ID:  255585.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-21304,"In Content Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-40825,An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21346,"In the Device Idle Controller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-0637,"A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220017 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-43358,Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-42849,"The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-0866,Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27149,A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-46556,TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formFilter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3433,"The ""nickname"" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters, make it so the application cannot create the signature for the user and results in a local denial of service to the application. ",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-51459,"Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-50922,"An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30506,Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32680,"Metabase is an open source business analytics engine. To edit SQL Snippets, Metabase should have required people to be in at least one group with native query editing permissions to a database–but affected versions of Metabase didn't enforce that requirement. This lack of enforcement meant that: Anyone–including people in sandboxed groups–could edit SQL snippets. They could edit snippets via the API or, in the application UI, when editing the metadata for a model based on a SQL question, and people in sandboxed groups could edit a SQL snippet used in a query that creates their sandbox. If the snippet contained logic that restricted which data that person could see, they could potentially edit that snippet and change their level of data access. The permissions model for SQL snippets has been fixed in Metabase versions 0.46.3, 0.45.4, 0.44.7, 1.46.3, 1.45.4, and 1.44.7. Users are advised to upgrade. Users unable to upgrade should ensure that SQL queries used to create sandboxes exclude SQL snippets.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N,9.6,3.1,5.8,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,NONE
CVE-2023-7226,A vulnerability was found in meetyoucrop big-whale 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the argument id leads to improper ownership management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250232.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-24232,A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/product.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-40083,"In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-6534,"In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers.  This could allow a malicious actor to execute a denial-of-service attack against hosts behind the firewall.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-33881,"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-0206,"NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37439,"Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to
    obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1469,"The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note: This can potentially be exploited by lower-privileged users if the `Admin Dashboard Access Permission` setting it set for those users to access the dashboard.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-38526,"A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-41028,"A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0193,"
NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L,4.4,1.8,2.5,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,LOW
CVE-2023-52060,A Cross-Site Request Forgery (CSRF) in Gestsup v3.2.46 allows attackers to arbitrarily edit user profile information via a crafted request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-46525,TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function loginRegister.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46352,"In the module ""Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module"" (facebookconversiontrackingplus) up to version 2.4.9 from Smart Modules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from the module which can lead to a leak of personal information from ps_customer table such as name / surname / email.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-25149,"TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run with a locked down `search_path`, allowing malicious users to create functions that would be executed by the telemetry job, leading to privilege escalation. In order to be able to take advantage of this vulnerability, a user would need to be able to create objects in a database and then get a superuser to install TimescaleDB into their database. When TimescaleDB is installed as trusted extension, non-superusers can install the extension without help from a superuser.

Version 2.9.3 fixes this issue. As a mitigation, the `search_path` of the user running the telemetry job can be locked down to not include schemas writable by other users. The vulnerability is not exploitable on instances in Timescale Cloud and Managed Service for TimescaleDB due to additional security provisions in place on those platforms.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3430,"A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-26529,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DupeOff.Com DupeOff plugin <= 1.6 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-44088,Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrary SQL queries were allowed to be executed using any account with low privileges. This issue affects Pandora FMS: from 700 through 774.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45174,"IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service.  IBM X-Force ID:  267972.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25722,"A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users (with OS-level access of the Jenkins remote) to discover Veracode API credentials by listing the process and its arguments. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs and when the ""Connect using proxy"" option is enabled and configured with proxy credentials, allows local users of the Jenkins remote to discover proxy credentials by listing the process and its arguments. Veracode Azure DevOps Extension before 3.20.0 invokes the Veracode Java API Wrapper in a manner that allows local users (with OS-level access to the Azure DevOps Services cloud infrastructure or Azure DevOps Server) to discover Veracode API credentials by listing the process and its arguments. Veracode Azure DevOps Extension before 3.20.0, when configured with proxy credentials, allows users (with shell access to the Azure DevOps Services cloud infrastructure or Azure DevOps Server) to discover proxy credentials by listing the process and its arguments.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-1018,An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-24845,"A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The affected products insufficiently block data from being forwarded over the mirror port into the mirrored network.

An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4449,A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php?page=member. The manipulation of the argument columns[0][data] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-237570 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6298,A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability affects the function main of the file PdfDocument.java. The manipulation leads to improper validation of array index. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of this vulnerability is VDB-246124. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. A statement published afterwards explains that the exception is not a vulnerability and the identified CWEs might not apply to the software.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-45875,An issue was discovered in Couchbase Server 7.2.0. There is a private key leak in debug.log while adding a pre-7.0 node to a 7.2 cluster.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-0554,"The Quick Restaurant Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to update menu items, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-36158,Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-6637,"The CAOS | Host Google Analytics Locally plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_settings' function in versions up to, and including, 4.7.14. This makes it possible for unauthenticated attackers to update plugin settings.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-1278,"A vulnerability, which was classified as problematic, has been found in IBOS up to 4.5.5. Affected by this issue is some unknown functionality of the file mobil/index.php. The manipulation of the argument accesstoken leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-222608.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-29916,H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.9,1.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-36479,"Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. This issue was patched in version 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-41319,"Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides webserver API allows custom integrations to be uploaded as a ZIP file. This ZIP file must contain YAML files, but Fides can be configured to also accept the inclusion of custom Python code in it. The custom code is executed in a restricted, sandboxed environment, but the sandbox can be bypassed to execute any arbitrary code. The vulnerability allows the execution of arbitrary code on the target system within the context of the webserver python process owner on the webserver container, which by default is `root`, and leverage that access to attack underlying infrastructure and integrated systems. This vulnerability affects Fides versions `2.11.0` through `2.19.0`. Exploitation is limited to API clients with the `CONNECTOR_TEMPLATE_REGISTER` authorization scope. In the Fides Admin UI this scope is restricted to highly privileged users, specifically root users and users with the owner role.  Exploitation is only possible if the security configuration parameter `allow_custom_connector_functions` is enabled by the user deploying the Fides webserver container, either in `fides.toml` or by setting the env var `FIDES__SECURITY__ALLOW_CUSTOM_CONNECTOR_FUNCTIONS=True`. By default this configuration parameter is disabled. The vulnerability has been patched in Fides version `2.19.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. Users unable to upgrade should ensure that `allow_custom_connector_functions` in `fides.toml` and the `FIDES__SECURITY__ALLOW_CUSTOM_CONNECTOR_FUNCTIONS` are both either unset or explicit set to `False`.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5301,A vulnerability classified as critical was found in DedeCMS 5.7.111. This vulnerability affects the function AddMyAddon of the file album_add.php. The manipulation of the argument albumUploadFiles leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240940.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39549,A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted DWG file. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19562),CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-44261,Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki Block Plugin Update plugin <= 3.3 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45005,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Castos Seriously Simple Stats plugin <= 1.5.1 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-21015,"In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244569778",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27636,Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-31164,"
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.


See SEL Service Bulletin dated 2022-11-15 for more details.





",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-52285,ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php s_score2 parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-21141,"In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262244249",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-2729,Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-49173,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10to8 Sign In Scheduling Online Appointment Booking System allows Stored XSS.This issue affects Sign In Scheduling Online Appointment Booking System: from n/a through 1.0.9.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-46378,Stored Cross Site Scripting (XSS) vulnerability in MiniCMS 1.1.1 allows attackers to run arbitrary code via crafted string appended to /mc-admin/conf.php.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-3698,"Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-51257,An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6292,"The Ecwid Ecommerce Shopping Cart WordPress plugin before 6.12.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-23675,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Catchsquare WP Smart Preloader plugin <= 1.15 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-20116,"A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

 This vulnerability is due to insufficient validation of user-supplied input to the web UI of the Self Care Portal. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H,5.7,2.1,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-5753,"Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c


",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0486,VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance's administrator account via a malicious link. This is possible because the application is vulnerable to XSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-39404,Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-21275,"In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-50028,"In the module ""Sliding cart block"" (blockslidingcart) up to version 2.3.8 from PrestashopModules.eu for PrestaShop, a guest can perform SQL injection.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-4535,"An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.",CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L,3.8,0.4,3.4,LOW,2024-12-09T08:00Z,PHYSICAL,HIGH,NONE,REQUIRED,UNCHANGED,LOW,LOW,LOW
CVE-2023-3427,"The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to missing or incorrect nonce validation on the 'save_customer' function. This makes it possible for unauthenticated attackers to change the admin role to customer or change the user meta to arbitrary values via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-1300,A vulnerability classified as critical was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file patient-report.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222661 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3743,"Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the product_one_img parameter to retrieve the information stored in the database.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-38648,Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1855,A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H,6.3,1.0,5.2,MEDIUM,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2023-6058,"A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a connection due to an untrusted server certificate but allows the user to add the site to exceptions, resulting in the product trusting the certificate for subsequent HTTPS scans. This vulnerability allows an attacker to perform a Man-in-the-Middle (MITM) attack by using a self-signed certificate, which the product will trust after the site has been added to exceptions. This can lead to the interception and potential alteration of secure communications.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,6.8,1.6,5.2,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-48411,"In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-31717,A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-46238,"ZITADEL is an identity infrastructure management system. ZITADEL users can upload their own avatar image using various image types including SVG. SVG can include scripts, such as javascript, which can be executed during rendering. Due to a missing security header, an attacker could inject code to an SVG to gain access to the victim’s account in certain scenarios. A victim would need to directly open the malicious image in the browser, where a single session in ZITADEL needs to be active for this exploit to work. If the possible victim had multiple or no active sessions in ZITADEL, the attack would not succeed. This issue has been patched in version 2.39.2 and 2.38.2.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-36819,"Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint `_/knowage/restful-services/dossier/importTemplateFile_` allows authenticated users to download template hosted on the server. However, starting in the 6.x.x branch and prior to version 8.1.8, the application does not sanitize the `_templateName_ `parameter allowing an attacker to use `*../*` in it, and escaping the directory the template are normally placed and download any file from the system. This vulnerability allows a low privileged attacker to exfiltrate sensitive configuration file. This issue has been patched in Knowage version 8.1.8.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-2262,"


A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.



",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-50564,An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6084,A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the argument VU_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-244994 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-43469,SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the ForPass.php component.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23040,TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin password used for basic authentication.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-21851,"Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration).  Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Marketing accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-33975,"RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. This issue is fixed in pull request 19680. As a workaround, disable support for fragmented IP datagrams.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33371,"Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31823,An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-42835,A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to access user data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-36707,Windows Deployment Services Denial of Service Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-4865,A vulnerability has been found in SourceCodester Take-Note App 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239350 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20193,"A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35690," In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-47765,Cross-Site Request Forgery (CSRF) vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.9 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26139,Versions of the package underscore-keypath from 0.0.11 are vulnerable to Prototype Pollution via the name argument of the setProperty() function. Exploiting this vulnerability is possible due to improper input sanitization which allows the usage of arguments like “__proto__”.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-41706,"Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing of user-defined drive search expressions is not limited No publicly available exploits are known.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-32482,"
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,4.9,1.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-35946,"Gradle is a build tool with a focus on build automation and support for multi-language development. When Gradle writes a dependency into its dependency cache, it uses the dependency's coordinates to compute a file location. With specially crafted dependency coordinates, Gradle can be made to write files into an unintended location. The file may be written outside the dependency cache or over another file in the dependency cache. This vulnerability could be used to poison the dependency cache or overwrite important files elsewhere on the filesystem where the Gradle process has write permissions. Exploiting this vulnerability requires an attacker to have control over a dependency repository used by the Gradle build or have the ability to modify the build's configuration. It is unlikely that this would go unnoticed. A fix has been released in Gradle 7.6.2 and 8.2 to protect against this vulnerability. Gradle will refuse to cache dependencies that have path traversal elements in their dependency coordinates. It is recommended that users upgrade to a patched version. If you are unable to upgrade to Gradle 7.6.2 or 8.2, `dependency verification` will make this vulnerability more difficult to exploit.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-48176,An Insecure Permissions issue in WebsiteGuide v.0.2 allows a remote attacker to gain escalated privileges via crafted jwt (JSON web token).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3398,Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-45057,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hitsteps Web Analytics plugin <= 5.86 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-44127,"he vulnerability is that the Call management (""com.android.server.telecom"") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as contact details and phone numbers.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-42643,"In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-25548,"
A CWE-863: Incorrect Authorization vulnerability exists that could allow access to device
credentials on specific DCE endpoints not being properly secured when a hacker is using a low
privileged user. 

 Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-34796,"Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f, allows unauthenticated attackers to execute arbitrary code via the org_name or domain values.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-20264,"A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-26941,Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a cloned tag via physical proximity to the original.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-51373,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ian Kennerley Google Photos Gallery with Shortcodes allows Reflected XSS.This issue affects Google Photos Gallery with Shortcodes: from n/a through 4.0.2.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43728,"Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the ""stock_delivery_terms_text[1]"" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-43767,"Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-2996,"The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3087,"The FluentSMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 2.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-2805,"The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the agents[] parameter in the set_add_agent_leaves AJAX function before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32489,"
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges.  

",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-51023,TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27812,bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the delete_file() function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-24117,Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-22715,Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Lester 'GaMerZ' Chan WP-CommentNavi plugin <= 1.12.1 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-21315,"In Bluetooth, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-3987,A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage_user&id=3. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235608.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20008,"A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device.

 This vulnerability is due to improper access controls on files that are in the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-1110,"The Yellow Yard Searchbar WordPress plugin before 2.8.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-37240,"
Vulnerability of missing input length verification in the  distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2023-7040,A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248689 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-32306,"Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the `reports.php` page was not validating all parameters in POST requests. Because some parameters were not checked, it was possible to craft POST requests with malicious SQL for Time Tracker database. This issue is fixed in version 1.22.13.5792. As a workaround, use the fixed code in `ttReportHelper.class.php` from version 1.22.13.5792.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26595,Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-1251,Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Akinsoft Wolvox. This issue affects Wolvox: before 8.02.03.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31140,"OpenProject is open source project management software. Starting with version 7.4.0 and prior to version 12.5.4, when a user registers and confirms their first two-factor authentication (2FA) device for an account, existing logged in sessions for that user account are not terminated. Likewise, if an administrators creates a mobile phone 2FA device on behalf of a user, their existing sessions are not terminated. The issue has been resolved in OpenProject version 12.5.4 by actively terminating sessions of user accounts having registered and confirmed a 2FA device. As a workaround, users who register the first 2FA device on their account can manually log out to terminate all other active sessions. This is the default behavior of OpenProject but might be disabled through a configuration option. Double check that this option is not overridden if one plans to employ the workaround.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-28554,Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-25938,"
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2529,"The Enable SVG Uploads WordPress plugin through 2.1.5 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-46240,"CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-5462,A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Modbus Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-241585 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-35060,Uncontrolled search path in some Intel(R) Battery Life Diagnostic Tool software before version 2.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33082,Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22480,"KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters. In KubeOperator versions 3.16.3 and below, API interfaces with unauthorized entities and can leak sensitive information. This vulnerability could be used to take over the cluster under certain conditions. This issue has been patched in version 3.16.4.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1987,A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is the function update_order_status of the file /classes/Master.php?f=update_order_status. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225535.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31412,"The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-35769,Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45750,Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in POSIMYTH Nexter Extension plugin <= 2.0.3 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-33938,"Cross-site scripting (XSS) vulnerability in the App Builder module's custom object details page in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before update 14 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into an App Builder custom object's `Name` field.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0102,"LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. This could allow an attacker to delete arbitrary files.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2023-22341,"On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate:

  *  An OAuth Server that references an OAuth Provider
  *  An OAuth profile with the Authorization Endpoint set to '/'
  *  An access profile that references the above OAuth profile and is associated with an HTTPS virtual server 


Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.


",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-28360,An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-6757,A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /adplanet/PlanetUser of the component API. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247885 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-2946,Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-25289,"Directory Traversal vulnerability in virtualreception Digital Receptie version win7sp1_rtm.101119-1850 6.1.7601.1.0.65792 in embedded web server, allows attacker to gain sensitive information via a crafted GET request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-27239,Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-29516,"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on `XWiki.AttachmentSelector` can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping in the ""Cancel and return to page"" button. This page is installed by default. This vulnerability has been patched in XWiki 15.0-rc-1, 14.10.1, 14.4.8, and 13.10.11. There are no known workarounds for this vulnerability.
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2348,A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/user/manage_user.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227591.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45853,"MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5555,Cross-site Scripting (XSS) - Generic in GitHub repository frappe/lms prior to 5614a6203fb7d438be8e2b1e3030e4528d170ec4.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-49402,Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function localMsg.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-29060,"The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H,5.7,0.9,4.7,MEDIUM,2024-12-09T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,LOW,LOW,HIGH
CVE-2023-26942,Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a cloned tag via physical proximity to the original.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-49825,"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-6570,Server-Side Request Forgery (SSRF) in kubeflow/kubeflow,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-7220,A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3392,"The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46259,An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2422,"A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client, therefore, access data that belongs to other clients.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N,7.1,2.8,4.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,LOW,NONE
CVE-2023-1684,A vulnerability was found in HadSky 7.7.16. It has been classified as problematic. This affects an unknown part of the file upload/index.php?c=app&a=superadmin:index. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224241 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2837,Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-0443,The AnyWhere Elementor WordPress plugin before 1.2.8 discloses a Freemius Secret Key which could be used by an attacker to purchase the pro subscription using test credit card numbers without actually paying the amount. Such key has been revoked.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-40131,"In GpuService of GpuService.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-39611,An issue in Software FX Chart FX 7 version 7.0.4962.20829 allows attackers to enumerate and read files from the local filesystem by sending crafted web requests.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-6013,H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-33003,A cross-site request forgery (CSRF) vulnerability in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers to reset profiler statistics.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2023-50180,"An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 7.4.1 and below, version 7.2.3 and below, version 7.1.4 and below, version 7.0.5 and below, version 6.2.6 and below may allow a read-only admin to view data pertaining to other admins.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-27513,Uncontrolled search path element in some Intel(R) Server Information Retrieval Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-6526,"The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-26283,IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  248416.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-6524,The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the map title parameter in all versions up to and including 2.88.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-2056,A vulnerability was found in DedeCMS up to 5.7.87 and classified as critical. This issue affects the function GetSystemFile of the file module_main.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225941 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-43826,"Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process.

Users are recommended to upgrade to version 1.5.4, which fixes this issue.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-22973,A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated users to execute code via the formname parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26061,"An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this, because a few dynamically created parameters such as Jsession-id, a CSRF token, and an Nxsrf token would be needed. The attack can realistically only be performed by an internal user.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-25428,A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35676,"In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46311,"Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N,6.5,1.2,5.2,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-49371,RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-25668,"TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38050,"A BOLA vulnerability in GET, PUT, DELETE /webhooks/{webhookId} allows a low privileged user to fetch, modify or delete a webhook of any user (including admin). This results in unauthorized access and unauthorized data manipulation.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-1780,"The Companion Sitemap Generator WordPress plugin before 4.5.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-3878,A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/about-us.php. The manipulation of the argument pagedes leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235240.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-39318,"The html/template package does not properly handle HTML-like """" comment tokens, nor hashbang ""#!"" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4512,CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-47326,Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-28400,mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands. ,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46176,"IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys.  IBM X-Force ID:  269535.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5196,"Mattermost fails to enforce character limits in all possible notification props allowing an attacker to send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users. 



",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-23397,Microsoft Outlook Elevation of Privilege Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30948,"A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it's content.

This defect was fixed in Foundry Comments 2.249.0, and a patch was rolled out to affected Foundry environments. No further intervention is required at this time.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-38198,"acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42541,Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2023-0014,"SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguous format. This could lead to capture-replay vulnerability and may be exploited by malicious users to obtain illegitimate access to the system.


",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0078,"The Resume Builder WordPress plugin through 3.1.1 does not sanitize and escape some parameters related to Resume, which could allow users with a role as low as subscriber to perform Stored XSS attacks against higher privilege users",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-44961,SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows a remote attacker to obtain sensitive information via the intranet/cgi bin/cataloging/ysearch.pl. component.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-2231,"A vulnerability, which was classified as critical, was found in MAXTECH MAX-G866ac 0.4.1_TBRO_20160314. This affects an unknown part of the component Remote Management. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227001 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49567,"A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. The product trusts certificates that are issued using the MD5 and SHA1 collision hash functions which allow attackers to create rogue certificates that appear legitimate.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,6.8,1.6,5.2,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-27450,Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.29.2 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23531,"The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,8.6,1.8,6.0,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2023-23646,Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery – WordPress Gallery plugin <= 1.4.9 versions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46503,Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a remote attacker to execute arbitrary code via the reader management and book input modules.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-36755,"A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The SCEP CA Certificate Name parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5653,"The WassUp Real Time Analytics WordPress plugin through 1.9.4.5 does not escape IP address provided via some headers before outputting them back in an admin page, allowing unauthenticated users to perform Stored XSS attacks against logged in admins",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-37239,Format string vulnerability in the  distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-40251,"Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-46954,SQL Injection vulnerability in Relativity ODA LLC RelativityOne v.12.1.537.3 Patch 2 and earlier allows a remote attacker to execute arbitrary code via the name parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-29196,"Discourse is an open source platform for community discussion. This vulnerability is not exploitable on the default install of Discourse. A custom feature must be enabled for it to work at all, and the attacker’s payload must pass the CSP to be executed. However, if an attacker succeeds in embedding Javascript that does pass the CSP, it could result in session hijacking for any users that view the attacker’s post. The vulnerability is patched in the latest tests-passed, beta and stable branches. Users are advised to upgrade. Users unable to upgrade should enable and/or restore your site's CSP to the default one provided with Discourse. Remove any embed-able hosts configured.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-30872,"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BannerSky BSK Forms Blacklist.This issue affects BSK Forms Blacklist: from n/a through 3.6.2.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N,6.5,1.2,5.2,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2023-0887,A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The associated identifier of this vulnerability is VDB-221351.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-43722,"Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.
This vulnerability allows attackers to inject JS through the ""orders_status_groups_name[1]"" parameter,
potentially leading to unauthorized execution of scripts within a user's web browser.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-39419,A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27119,WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::Decompiler::WrapChild.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-23688,Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23370,"An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors.

We have already fixed the vulnerability in the following version:
QVPN Windows 2.1.0.0518 and later
",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-5282,A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seed_message_student.php. The manipulation of the argument teacher_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240910 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21152,"In FaceStatsAnalyzer::InterpolateWeightList of face_stats_analyzer.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-269174022References: N/A",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-5808,"SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-29850,SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-48668,"
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the managed system application's underlying OS with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker on a managed system of DDMC. 

",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-23277,"Snippet-box 1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote attackers can render arbitrary web script or HTML from the ""Snippet code"" form field.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-27470,"BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-21505,Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N,8.6,3.9,4.0,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,CHANGED,NONE,HIGH,NONE
CVE-2023-41030,Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated attackers to log in to the web interface or telnet service as the 'user' user.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26281,IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL.  IBM X-Force ID:  248296.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-42096,"Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21880.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-44191,"
An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).

On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to dropping of socket connections.

This issue affects:

Juniper Networks Junos OS on QFX5000 Series and EX4000 Series



  *  21.1 versions prior to 21.1R3-S5;
  *  21.2 versions prior to 21.2R3-S5;
  *  21.3 versions prior to 21.3R3-S5;
  *  21.4 versions prior to 21.4R3-S4;
  *  22.1 versions prior to 22.1R3-S3;
  *  22.2 versions prior to 22.2R3-S1;
  *  22.3 versions prior to 22.3R2-S2, 22.3R3;
  *  22.4 versions prior to 22.4R2.




This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1



",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-44256,"A server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 and FortiManager version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 allows a remote attacker with low privileges to view sensitive data from internal servers or perform a local port scan via a crafted HTTP request.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-3578,A vulnerability classified as critical was found in DedeCMS 5.7.109. Affected by this vulnerability is an unknown functionality of the file co_do.php. The manipulation of the argument rssurl leads to server-side request forgery. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-233371.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-1839,"The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.6 does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-5073,"The iframe forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iframe' shortcode in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-1963,A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php of the component Search. The manipulation of the argument searchinput leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225359.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-35005,"In Apache Airflow, some potentially sensitive values were being shown to the user in certain situations.

This vulnerability is mitigated by the fact configuration is not shown in the UI by default (only if `[webserver] expose_config` is set to `non-sensitive-only`), and not all uncensored values are actually sentitive.


This issue affects Apache Airflow: from 2.5.0 before 2.6.2. Users are recommended to update to version 2.6.2 or later.


",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-46705,in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak through type confusion.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-33617,An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14_X000 was found via the /boaform/admin/formPing target_addr parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32549,Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-27973,Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-42453,"Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-4746,A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But the impact is to bypass the validation which leads to to OS command injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238635.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-30399,Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38633,"A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href="".?../../../../../../../../../../etc/passwd"" in an xi:include element.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-0579,"The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-52173,XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3ADBD0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-3972,"A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-52133,"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhileTrue Most And Least Read Posts Widget.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.16.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27385,"Heap-based buffer overflow vulnerability exists in CX-Drive All models all versions. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed.
",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-0927,Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46845,"EC-CUBE 3 series (3.0.0 to 3.0.18-p6) and 4 series (4.0.0 to 4.0.6-p3, 4.1.0 to 4.1.2-p2, and 4.2.0 to 4.2.2) contain an arbitrary code execution vulnerability due to improper settings of the template engine Twig included in the product. As a result, arbitrary code may be executed on the server where the product is running by a user with an administrative privilege.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46409,TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-29058,"A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-41678,"A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to execute unauthorized code or commands via specifically crafted request.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-37527,"A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code in the application session or in database, via remote injection, while rendering content in a web page. 
",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-4314,"The wpDataTables WordPress plugin before 2.1.66 does not validate the ""Serialized PHP array"" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the server. This is impactful in environments where admin users should not be allowed to execute arbitrary code, such as multisite.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-48705,"Nautobot is a Network Source of Truth and Network Automation Platform built as a web application All users of Nautobot versions earlier than 1.6.6 or 2.0.5 are potentially affected by a cross-site scripting vulnerability. Due to incorrect usage of Django's `mark_safe()` API when rendering certain types of user-authored content; including custom links, job buttons, and computed fields; it is possible that users with permission to create or edit these types of content could craft a malicious payload (such as JavaScript code) that would be executed when rendering pages containing this content. The maintainers have fixed the incorrect uses of `mark_safe()` (generally by replacing them with appropriate use of `format_html()` instead) to prevent such malicious data from being executed. Users on Nautobot 1.6.x LTM should upgrade to v1.6.6 and users on Nautobot 2.0.x should upgrade to v2.0.5. Appropriate object permissions can and should be applied to restrict which users are permitted to create or edit the aforementioned types of user-authored content. Other than that, there is no direct workaround available.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-50712,"Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting (XSS) vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.3.7. The vulnerability may allow an attacker to inject malicious scripts into the application, which could then be executed when a user visits the affected locations. This could lead to unauthorized access, data theft, or other related malicious activities. An attacker need to be authenticated on the application to exploit this vulnerability. The issue is fixed in version v2.3.7 of iris-web. No known workarounds are available.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-47544,"Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.12 versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-30186,A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-46435,Sourcecodester Packers and Movers Management System v1.0 is vulnerable to SQL Injection via mpms/?p=services/view_service&id.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-20859,"In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-31014,"NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution.",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L,4.8,1.3,3.4,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,LOW,LOW,LOW
CVE-2023-51541,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Uroševic Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a through 3.23.4.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-2819,A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. ?This could result in arbitrary javascript code execution in an admin context.?All versions prior to 5.10.0 are affected.? ,CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.3,1.2,2.7,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-21401,"In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-24698,Insufficient parameter validation in the Foswiki::Sandbox component of Foswiki v2.1.7 and below allows attackers to perform a directory traversal via supplying a crafted web request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-22308,An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-39924,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mitchell Bennis Simple File List plugin <= 6.1.9 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-3655,"cashIT! - serving solutions. Devices from ""PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH"" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...). This vulnerability can be triggered by an HTTP endpoint exposed to the network.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-43793,"Misskey is an open source, decentralized social media platform. Prior to version 2023.9.0, by editing the URL, a user can bypass the authentication of the Bull dashboard, which is the job queue management UI, and access it. Version 2023.9.0 contains a fix. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-34477,Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-5491,"A vulnerability, which was classified as critical, has been found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This issue affects some unknown processing of the file /sysmanage/updatelib.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241643. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-33879,"In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2023-25526,NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exception by injecting a crafted packet. A successful exploit may lead to denial of service.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-24994,A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816),CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-27956,"The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-28411,Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-0936,A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221552.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-34158,Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2023-41419,An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38623,Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `vindex_offset` array.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-26439,"The cacheservice API could be abused to inject parameters with SQL syntax which was insufficiently sanitized before getting executed as SQL statement. Attackers with access to a local or restricted network were able to perform arbitrary SQL queries, discovering other users cached data. We have improved the input check for API calls and filter for potentially malicious content. No publicly available exploits are known.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-50651,TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49801,"Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts. The issue relates to the `get_pfp` and `get_banner` routes on Auth Server. The issue is that there is no check to ensure that the file that Auth Server is receiving through these URLs is correct. This could allow an attacker access to files they shouldn't have access to. This issue has been patched in version 1.4.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-28482,"An issue was discovered in Tigergraph Enterprise 3.7.0. A single TigerGraph instance can host multiple graphs that are accessed by multiple different users. The TigerGraph platform does not protect the confidentiality of any data uploaded to the remote server. In this scenario, any user that has permissions to upload data can browse data uploaded by any other user (irrespective of their permissions).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-31366,"Improper input validation in AMD ?Prof could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-30786,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Benjamin Guy Captcha Them All plugin <= 1.3.3 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-23343,"A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to use transparent or opaque layers to trick a user into clicking on a button or link on another page to perform a redirect to an attacker-controlled domain.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-29693,H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-31025,NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. A successful exploit of this vulnerability may lead to information disclosure.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-22915,"A buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.30 through 5.35, USG20(W)-VPN firmware versions 4.30 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote unauthenticated attacker to cause DoS conditions by sending a crafted HTTP request if the Facebook WiFi function were enabled on an affected device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-20898,"Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.
",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,7.8,1.1,6.0,HIGH,2024-12-09T08:00Z,LOCAL,HIGH,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2023-2772,"A vulnerability, which was classified as critical, was found in SourceCodester Budget and Expense Tracker System 1.0. Affected is an unknown function of the file /admin/budget/manage_budget.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-229278 is the identifier assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45810,"OpenFGA is a flexible authorization/permission engine built for developers and inspired by Google Zanzibar. Affected versions of OpenFGA are vulnerable to a denial of service attack. When a number of `ListObjects` calls are executed, in some scenarios, those calls are not releasing resources even after a response has been sent, and given a sufficient call volume the service as a whole becomes unresponsive. This issue has been addressed in version 1.3.4 and the upgrade is considered backwards compatible. There are no known workarounds for this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-2876,"Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-6567,"The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_by’ parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-37376,"A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains a type confusion vulnerability while parsing STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21051)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32041,Windows Update Orchestrator Service Information Disclosure Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-52271,The wsftprm.sys kernel driver 2.0.0.0 in Topaz Antifraud allows low-privileged attackers to kill any (Protected Process Light) process via an IOCTL (which will be named at a later time).,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,6.5,2.0,4.0,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH
CVE-2023-20793,"In apu, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767818; Issue ID: ALPS07767818.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,4.4,0.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-34388,"An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication.



See product Instruction Manual Appendix A dated 20230830 for more details.


",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-50291,"Insufficiently Protected Credentials vulnerability in Apache Solr.

This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0.
One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties that had ""password"" contained in the name.
There are a number of sensitive system properties, such as ""basicauth"" and ""aws.secretKey"" do not contain ""password"", thus their values were published via the ""/admin/info/properties"" endpoint.
This endpoint populates the list of System Properties on the home screen of the Solr Admin page, making the exposed credentials visible in the UI.

This /admin/info/properties endpoint is protected under the ""config-read"" permission.
Therefore, Solr Clouds with Authorization enabled will only be vulnerable through logged-in users that have the ""config-read"" permission.
Users are recommended to upgrade to version 9.3.0 or 8.11.3, which fixes the issue.
A single option now controls hiding Java system property for all endpoints, ""-Dsolr.hiddenSysProps"".
By default all known sensitive properties are hidden (including ""-Dbasicauth""), as well as any property with a name containing ""secret"" or ""password"".

Users who cannot upgrade can also use the following Java system property to fix the issue:
  '-Dsolr.redaction.system.pattern=.*(password|secret|basicauth).*'

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-45604,Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Scott Reilly Get Custom Field Values plugin <= 4.0.1 versions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-36386,"A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link. The value is reflected in the response without sanitization while throwing an
“invalid params element name” error on the get_elements parameters.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-40705,Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2023-0875,"The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-49092,"RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-5700,"A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /protocol/iscgwtunnel/uploadiscgwrouteconf.php. The manipulation of the argument GWLinkId leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-243138 is the identifier assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-32432,"A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to access user-sensitive data.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2023-27279,IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting.  IBM X-Force ID:  248533.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-25900,"Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-2977,"A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,7.1,1.8,5.2,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH
CVE-2023-30086,Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-28182,"The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2023-46014,SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-36308,disintegration Imaging 1.6.2 allows attackers to cause a panic (because of an integer index out of range during a Grayscale call) via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2023-20727,"In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531; Issue ID: ALPS07588531.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-41090,Race condition in some Intel(R) MAS software before version 2.3 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,6.4,0.5,5.9,MEDIUM,2024-12-09T08:00Z,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-38688,"twitch-tui provides Twitch chat in a terminal. Prior to version 2.4.1, the connection is not using TLS for communication. In the configuration of the irc connection, the software disables TLS, which makes all communication to Twitch IRC servers unencrypted. As a result, communication, including auth tokens, can be sniffed. Version 2.4.1 has a patch for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-09T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2023-32638,Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2023-45169,"IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the pmsvcs kernel extension to cause a denial of service.  IBM X-Force ID:  267967.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-09T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2023-3932,"An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan policies.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-09T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-42948,Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-23834,"Discourse is an open-source discussion platform. Improperly sanitized user input could lead to an XSS vulnerability in some situations. This vulnerability only affects Discourse instances which have disabled the default Content Security Policy. The vulnerability is patched in 3.1.5 and 3.2.0.beta5.  As a workaround, ensure Content Security Policy is enabled and does not include `unsafe-inline`.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-41735,"SAP Commerce Backoffice does not sufficiently
encode user-controlled inputs, resulting in Cross-Site Scripting (XSS)
vulnerability causing low impact on confidentiality and integrity of the
application.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-21670,"Ursa is a cryptographic library for use with blockchains. The revocation schema that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model, allowing a malicious holder of a revoked credential to generate a valid Non-Revocation Proof for that credential as part of an AnonCreds presentation. A verifier may verify a credential from a holder as being ""not revoked"" when in fact, the holder's credential has been revoked. Ursa has moved to end-of-life status and no fix is expected.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7417,"The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract data from password protected posts.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-38435,Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-35154,"IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code.  Using specially crafted input, the attacker could exploit this vulnerability to execute arbitrary code on the system.  IBM X-Force ID:  292641.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-43846,"In the Linux kernel, the following vulnerability has been resolved:

lib: objagg: Fix general protection fault

The library supports aggregation of objects into other objects only if
the parent object does not have a parent itself. That is, nesting is not
supported.

Aggregation happens in two cases: Without and with hints, where hints
are a pre-computed recommendation on how to aggregate the provided
objects.

Nesting is not possible in the first case due to a check that prevents
it, but in the second case there is no check because the assumption is
that nesting cannot happen when creating objects based on hints. The
violation of this assumption leads to various warnings and eventually to
a general protection fault [1].

Before fixing the root cause, error out when nesting happens and warn.

[1]
general protection fault, probably for non-canonical address 0xdead000000000d90: 0000 [#1] PREEMPT SMP PTI
CPU: 1 PID: 1083 Comm: kworker/1:9 Tainted: G        W          6.9.0-rc6-custom-gd9b4f1cca7fb #7
Hardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019
Workqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work
RIP: 0010:mlxsw_sp_acl_erp_bf_insert+0x25/0x80
[...]
Call Trace:
 <TASK>
 mlxsw_sp_acl_atcam_entry_add+0x256/0x3c0
 mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0
 mlxsw_sp_acl_tcam_vchunk_migrate_one+0x16b/0x270
 mlxsw_sp_acl_tcam_vregion_rehash_work+0xbe/0x510
 process_one_work+0x151/0x370
 worker_thread+0x2cb/0x3e0
 kthread+0xd0/0x100
 ret_from_fork+0x34/0x50
 ret_from_fork_asm+0x1a/0x30
 </TASK>",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-24399,An arbitrary file upload vulnerability in LEPTON v7.0.0 allows authenticated attackers to execute arbitrary PHP code by uploading this code to the backend/languages/index.php languages area.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47449,"Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2024-50020,"In the Linux kernel, the following vulnerability has been resolved:

ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count()

This patch addresses an issue with improper reference count handling in the
ice_sriov_set_msix_vec_count() function.

First, the function calls ice_get_vf_by_id(), which increments the
reference count of the vf pointer. If the subsequent call to
ice_get_vf_vsi() fails, the function currently returns an error without
decrementing the reference count of the vf pointer, leading to a reference
count leak. The correct behavior, as implemented in this patch, is to
decrement the reference count using ice_put_vf(vf) before returning an
error when vsi is NULL.

Second, the function calls ice_sriov_get_irqs(), which sets
vf->first_vector_idx. If this call returns a negative value, indicating an
error, the function returns an error without decrementing the reference
count of the vf pointer, resulting in another reference count leak. The
patch addresses this by adding a call to ice_put_vf(vf) before returning
an error when vf->first_vector_idx < 0.

This bug was identified by an experimental static analysis tool developed
by our team. The tool specializes in analyzing reference count operations
and identifying potential mismanagement of reference counts. In this case,
the tool flagged the missing decrement operation as a potential issue,
leading to this patch.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-9751,"Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24468.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7531,"Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2024-41830,"Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-30086,Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-24015,"A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL via /sys/user/exit",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0585,"The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 5.9.4 due to insufficient input sanitization and output escaping on the Image URL. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-21536,"Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. An attacker could kill the Node.js process and crash the server by making requests to certain paths.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-40322,An issue was discovered in JFinalCMS v.5.0.0. There is a SQL injection vulnerablity via /admin/div_data/data,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-41715,"The goTenna Pro ATAK Plugin does not inject extra characters into 
broadcasted frames to obfuscate the length of messages. This makes it 
possible to tell the length of the payload regardless of the encryption 
used.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-11074,"A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file /incadd.php. The manipulation of the argument inccat/desc/date/amount leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter ""inccat"" to be affected. But it must be assumed ""desc"", ""date"", and ""amount"" are affected as well.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-25417,flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_translation.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0703,"The Sticky Buttons – floating buttons builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via sticky URLs in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-10886,"The Tribute Testimonials – WordPress Testimonial Grid/Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tribute_testimonials_slider' shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-1194,A vulnerability classified as problematic has been found in Armcode AlienIP 2.41. Affected is an unknown function of the component Locate Host Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252684. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-43896,"In the Linux kernel, the following vulnerability has been resolved:

ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL

Call efi_rt_services_supported() to check that efi.get_variable exists
before calling it.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-51076,"A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/booking-search.php in PHPGurukul Online DJ Booking Management System 1.0, which allows remote attackers to execute arbitrary code via the ""searchdata"" parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-10427,"A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /deleteanimal.php. The manipulation of the argument t1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions the parameter ""refno"" to be affected. But further inspection indicates that the name of the affected parameter is ""t1"".",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-24308,"SQL Injection vulnerability in Boostmyshop (boostmyshopagent) module for Prestashop versions 1.1.9 and before, allows remote attackers to escalate privileges and obtain sensitive information via changeOrderCarrier.php, relayPoint.php, and shippingConfirmation.php.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-41237,"A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the ""username"" parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-50023,"In the Linux kernel, the following vulnerability has been resolved:

net: phy: Remove LED entry from LEDs list on unregister

Commit c938ab4da0eb (""net: phy: Manual remove LEDs to ensure correct
ordering"") correctly fixed a problem with using devm_ but missed
removing the LED entry from the LEDs list.

This cause kernel panic on specific scenario where the port for the PHY
is torn down and up and the kmod for the PHY is removed.

On setting the port down the first time, the assosiacted LEDs are
correctly unregistered. The associated kmod for the PHY is now removed.
The kmod is now added again and the port is now put up, the associated LED
are registered again.
On putting the port down again for the second time after these step, the
LED list now have 4 elements. With the first 2 already unregistered
previously and the 2 new one registered again.

This cause a kernel panic as the first 2 element should have been
removed.

Fix this by correctly removing the element when LED is unregistered.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-38043,PowerShell Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-46942,"In OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-34344,"Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Due to the insufficient validation of the `path` parameter in the NuxtTestComponentWrapper, an attacker can execute arbitrary JavaScript on the server side, which allows them to execute arbitrary commands. Users who open a malicious web page in the browser while running the test locally are affected by this vulnerability, which results in the remote code execution from the malicious web page. Since web pages can send requests to arbitrary addresses, a malicious web page can repeatedly try to exploit this vulnerability, which then triggers the exploit when the test server starts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-9462,"The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Stored Cross-Site Scripting via poll settings in all versions up to, and including, 5.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N,5.5,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-0265,A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249821 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-35701,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.13.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-45610,"GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Cable form. Upgrade to 10.0.17.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-0688,"The ""WebSub (FKA. PubSubHubbub)"" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 3.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-1661,A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719. Affected by this vulnerability is an unknown functionality of the file /etc/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254179. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-20012,"In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,6.7,0.8,5.9,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7616,A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcam_cgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-35713,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in UAPP GROUP Testimonial Carousel For Elementor allows Stored XSS.This issue affects Testimonial Carousel For Elementor: from n/a through 10.1.1.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-27820,"The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-37898,"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When a user has view but not edit right on a page in XWiki, that user can delete the page and replace it by a page with new content without having delete right. The previous version of the page is moved into the recycle bin and can be restored from there by an admin. As the user is recorded as deleter, the user would in theory also be able to view the deleted content, but this is not directly possible as rights of the previous version are transferred to the new page and thus the user still doesn't have view right on the page. It therefore doesn't seem to be possible to exploit this to gain any rights. This has been patched in XWiki 14.10.21, 15.5.5 and 15.10.6 by cancelling save operations by users when a new document shall be saved despite the document's existing already.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-48997,SQL Server Native Client Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-37999,A vulnerability has been identified in Medicalis Workflow Orchestrator (All versions). The affected application executes as a trusted account with high privileges and network access. This could allow an authenticated local attacker to escalate privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-28762,"IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions.  IBM X-Force ID:  285246.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-21459,Information disclosure while handling beacon or probe response frame in STA.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-21279,"Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions).  Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Sourcing.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Sourcing accessible data as well as  unauthorized access to critical data or complete access to all Oracle Sourcing accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-31842,"An issue was discovered in Italtel Embrace 1.6.4. The web application inserts the access token of an authenticated user inside GET requests. The query string for the URL could be saved in the browser's history, passed through Referers to other web sites, stored in web logs, or otherwise recorded in other sources. If the query string contains sensitive information such as session identifiers, then attackers can use this information to launch further attacks. Because the access token in sent in GET requests, this vulnerability could lead to complete account takeover.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0086,NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-1026,A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. This issue affects some unknown processing of the file front/admin/config.php. The manipulation of the argument id with the input %22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-252293 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-11447,"The Community by PeepSo – Download from PeepSo.com plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘filter’ parameter in all versions up to, and including, 6.4.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-26600,"In the Linux kernel, the following vulnerability has been resolved:

phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP

If the external phy working together with phy-omap-usb2 does not implement
send_srp(), we may still attempt to call it. This can happen on an idle
Ethernet gadget triggering a wakeup for example:

configfs-gadget.g1 gadget.0: ECM Suspend
configfs-gadget.g1 gadget.0: Port suspended. Triggering wakeup
...
Unable to handle kernel NULL pointer dereference at virtual address
00000000 when execute
...
PC is at 0x0
LR is at musb_gadget_wakeup+0x1d4/0x254 [musb_hdrc]
...
musb_gadget_wakeup [musb_hdrc] from usb_gadget_wakeup+0x1c/0x3c [udc_core]
usb_gadget_wakeup [udc_core] from eth_start_xmit+0x3b0/0x3d4 [u_ether]
eth_start_xmit [u_ether] from dev_hard_start_xmit+0x94/0x24c
dev_hard_start_xmit from sch_direct_xmit+0x104/0x2e4
sch_direct_xmit from __dev_queue_xmit+0x334/0xd88
__dev_queue_xmit from arp_solicit+0xf0/0x268
arp_solicit from neigh_probe+0x54/0x7c
neigh_probe from __neigh_event_send+0x22c/0x47c
__neigh_event_send from neigh_resolve_output+0x14c/0x1c0
neigh_resolve_output from ip_finish_output2+0x1c8/0x628
ip_finish_output2 from ip_send_skb+0x40/0xd8
ip_send_skb from udp_send_skb+0x124/0x340
udp_send_skb from udp_sendmsg+0x780/0x984
udp_sendmsg from __sys_sendto+0xd8/0x158
__sys_sendto from ret_fast_syscall+0x0/0x58

Let's fix the issue by checking for send_srp() and set_vbus() before
calling them. For USB peripheral only cases these both could be NULL.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-10928,A vulnerability was found in MonoCMS up to 20240528. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /monofiles/opensaved.php of the component Posts Page. The manipulation of the argument filtcategory/filtstatus leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-50026,"In the Linux kernel, the following vulnerability has been resolved:

scsi: wd33c93: Don't use stale scsi_pointer value

A regression was introduced with commit dbb2da557a6a (""scsi: wd33c93:
Move the SCSI pointer to private command data"") which results in an oops
in wd33c93_intr(). That commit added the scsi_pointer variable and
initialized it from hostdata->connected. However, during selection,
hostdata->connected is not yet valid. Fix this by getting the current
scsi_pointer from hostdata->selecting.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-50201,"In the Linux kernel, the following vulnerability has been resolved:

drm/radeon: Fix encoder->possible_clones

Include the encoder itself in its possible_clones bitmask.
In the past nothing validated that drivers were populating
possible_clones correctly, but that changed in commit
74d2aacbe840 (""drm: Validate encoder->possible_clones"").
Looks like radeon never got the memo and is still not
following the rules 100% correctly.

This results in some warnings during driver initialization:
Bogus possible_clones: [ENCODER:46:TV-46] possible_clones=0x4 (full encoder mask=0x7)
WARNING: CPU: 0 PID: 170 at drivers/gpu/drm/drm_mode_config.c:615 drm_mode_config_validate+0x113/0x39c
...

(cherry picked from commit 3b6e7d40649c0d75572039aff9d0911864c689db)",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-9484,An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-23647,"Authentik is an open-source Identity Provider. There is a bug in our implementation of PKCE that allows an attacker to circumvent the protection that PKCE offers. PKCE adds the code_challenge parameter to the authorization request and adds the code_verifier parameter to the token request. Prior to 2023.8.7 and 2023.10.7, a downgrade scenario is possible: if the attacker removes the code_challenge parameter from the authorization request, authentik will not do the PKCE check. Because of this bug, an attacker can circumvent the protection PKCE offers, such as CSRF attacks and code injection attacks.  Versions 2023.8.7 and 2023.10.7 fix the issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-21759,"An authorization bypass through user-controlled key in Fortinet FortiPortal version 7.2.0, and versions 7.0.0 through 7.0.6 allows attacker to view unauthorized resources via HTTP or HTTPS requests.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-24332,TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the url parameter in the setUrlFilterRules function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-4071,A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and classified as critical. This issue affects some unknown processing of the file prodInfo.php. The manipulation of the argument prodId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261797 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-44165,"A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Network traffic may leak outside a VPN tunnel.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-49954,"In the Linux kernel, the following vulnerability has been resolved:

static_call: Replace pointless WARN_ON() in static_call_module_notify()

static_call_module_notify() triggers a WARN_ON(), when memory allocation
fails in __static_call_add_module().

That's not really justified, because the failure case must be correctly
handled by the well known call chain and the error code is passed
through to the initiating userspace application.

A memory allocation fail is not a fatal problem, but the WARN_ON() takes
the machine out when panic_on_warn is set.

Replace it with a pr_warn().",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-37216,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rami Yushuvaev Sketchfab Embed allows Stored XSS.This issue affects Sketchfab Embed: from n/a through 1.5.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-42951,Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw parameter in the fromWizardHandle function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-7004,Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2024-51495,"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the ""overwrite_ip"" parameter when editing a device. This vulnerability results in the execution of malicious code when the device overview page is visited, potentially compromising the accounts of other users. This vulnerability is fixed in 24.10.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-21190,"Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middleware (component: Cloning).   The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via SFTP to compromise Oracle Global Lifecycle Management FMW Installer.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Global Lifecycle Management FMW Installer accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-9552,A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been rated as critical. Affected by this issue is the function formSetWanNonLogin of the file /goform/formSetWanNonLogin. The manipulation of the argument webpage leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-10189,"The Anchor Episodes Index (Spotify for Podcasters) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's anchor_episodes shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-21248,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.22 and  prior to 7.1.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as  unauthorized read access to a subset of Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L).",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L,5.3,1.1,3.7,MEDIUM,2024-12-08T08:00Z,LOCAL,HIGH,LOW,NONE,CHANGED,LOW,LOW,LOW
CVE-2024-10158,A vulnerability classified as problematic has been found in PHPGurukul Boat Booking System 1.0. Affected is the function session_start. The manipulation leads to session fixiation. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-23652,"BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. The issue has been fixed in v0.12.5. Workarounds include avoiding using BuildKit frontends from an untrusted source or building an untrusted Dockerfile containing RUN --mount feature.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,9.1,3.9,5.2,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2024-49866,"In the Linux kernel, the following vulnerability has been resolved:

tracing/timerlat: Fix a race during cpuhp processing

There is another found exception that the ""timerlat/1"" thread was
scheduled on CPU0, and lead to timer corruption finally:

```
ODEBUG: init active (active state 0) object: ffff888237c2e108 object type: hrtimer hint: timerlat_irq+0x0/0x220
WARNING: CPU: 0 PID: 426 at lib/debugobjects.c:518 debug_print_object+0x7d/0xb0
Modules linked in:
CPU: 0 UID: 0 PID: 426 Comm: timerlat/1 Not tainted 6.11.0-rc7+ #45
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:debug_print_object+0x7d/0xb0
...
Call Trace:
 <TASK>
 ? __warn+0x7c/0x110
 ? debug_print_object+0x7d/0xb0
 ? report_bug+0xf1/0x1d0
 ? prb_read_valid+0x17/0x20
 ? handle_bug+0x3f/0x70
 ? exc_invalid_op+0x13/0x60
 ? asm_exc_invalid_op+0x16/0x20
 ? debug_print_object+0x7d/0xb0
 ? debug_print_object+0x7d/0xb0
 ? __pfx_timerlat_irq+0x10/0x10
 __debug_object_init+0x110/0x150
 hrtimer_init+0x1d/0x60
 timerlat_main+0xab/0x2d0
 ? __pfx_timerlat_main+0x10/0x10
 kthread+0xb7/0xe0
 ? __pfx_kthread+0x10/0x10
 ret_from_fork+0x2d/0x40
 ? __pfx_kthread+0x10/0x10
 ret_from_fork_asm+0x1a/0x30
 </TASK>
```

After tracing the scheduling event, it was discovered that the migration
of the ""timerlat/1"" thread was performed during thread creation. Further
analysis confirmed that it is because the CPU online processing for
osnoise is implemented through workers, which is asynchronous with the
offline processing. When the worker was scheduled to create a thread, the
CPU may has already been removed from the cpu_online_mask during the offline
process, resulting in the inability to select the right CPU:

T1                       | T2
[CPUHP_ONLINE]           | cpu_device_down()
osnoise_hotplug_workfn() |
                         |     cpus_write_lock()
                         |     takedown_cpu(1)
                         |     cpus_write_unlock()
[CPUHP_OFFLINE]          |
    cpus_read_lock()     |
    start_kthread(1)     |
    cpus_read_unlock()   |

To fix this, skip online processing if the CPU is already offline.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-6859,"The WP MultiTasking  WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-23622,"A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-6791,A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted .vsmodel file.  This vulnerability affects VeriStand 2024 Q2 and prior versions.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7831,"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this vulnerability is the function cgi_get_cooliris of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument path leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-22923,SQL injection vulnerability in adv radius v.2.2.5 allows a local attacker to execute arbitrary code via a crafted script.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-1355,"A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program.
",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-36979,"In the Linux kernel, the following vulnerability has been resolved:

net: bridge: mst: fix vlan use-after-free

syzbot reported a suspicious rcu usage[1] in bridge's mst code. While
fixing it I noticed that nothing prevents a vlan to be freed while
walking the list from the same path (br forward delay timer). Fix the rcu
usage and also make sure we are not accessing freed memory by making
br_mst_vlan_set_state use rcu read lock.

[1]
 WARNING: suspicious RCU usage
 6.9.0-rc6-syzkaller #0 Not tainted
 -----------------------------
 net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage!
 ...
 stack backtrace:
 CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0
 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
 Call Trace:
  <IRQ>
  __dump_stack lib/dump_stack.c:88 [inline]
  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
  lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712
  nbp_vlan_group net/bridge/br_private.h:1599 [inline]
  br_mst_set_state+0x1ea/0x650 net/bridge/br_mst.c:105
  br_set_state+0x28a/0x7b0 net/bridge/br_stp.c:47
  br_forward_delay_timer_expired+0x176/0x440 net/bridge/br_stp_timer.c:88
  call_timer_fn+0x18e/0x650 kernel/time/timer.c:1793
  expire_timers kernel/time/timer.c:1844 [inline]
  __run_timers kernel/time/timer.c:2418 [inline]
  __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2429
  run_timer_base kernel/time/timer.c:2438 [inline]
  run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2448
  __do_softirq+0x2c6/0x980 kernel/softirq.c:554
  invoke_softirq kernel/softirq.c:428 [inline]
  __irq_exit_rcu+0xf2/0x1c0 kernel/softirq.c:633
  irq_exit_rcu+0x9/0x30 kernel/softirq.c:645
  instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
  sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043
  </IRQ>
  <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5758
 Code: 2b 00 74 08 4c 89 f7 e8 ba d1 84 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
 RSP: 0018:ffffc90013657100 EFLAGS: 00000206
 RAX: 0000000000000001 RBX: 1ffff920026cae2c RCX: 0000000000000001
 RDX: dffffc0000000000 RSI: ffffffff8bcaca00 RDI: ffffffff8c1eaa60
 RBP: ffffc90013657260 R08: ffffffff92efe507 R09: 1ffffffff25dfca0
 R10: dffffc0000000000 R11: fffffbfff25dfca1 R12: 1ffff920026cae28
 R13: dffffc0000000000 R14: ffffc90013657160 R15: 0000000000000246",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-25566,"An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper validation of redirect URLs. This could allow an attacker to redirect end-users to malicious sites under their control, simplifying phishing attacks",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-0473,A vulnerability classified as critical has been found in code-projects Dormitory Management System 1.0. Affected is an unknown function of the file comment.php. The manipulation of the argument com leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250578 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47608,Logicytics is designed to harvest and collect data for forensic analysis. Logicytics has a basic vuln affecting compromised devices from shell injections. This vulnerability is fixed in 2.3.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-43496,Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0133,NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N,3.4,1.6,1.4,LOW,2024-12-08T08:00Z,NETWORK,HIGH,NONE,REQUIRED,CHANGED,NONE,LOW,NONE
CVE-2024-11463,"The DeBounce Email Validator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'from', 'to', and 'key' parameters in all versions up to, and including, 5.6.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-43759,"Illustrator versions 28.6, 27.9.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2024-43534,Windows Graphics Component Information Disclosure Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2024-0841,A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7008,Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-38570,"In the Linux kernel, the following vulnerability has been resolved:

gfs2: Fix potential glock use-after-free on unmount

When a DLM lockspace is released and there ares still locks in that
lockspace, DLM will unlock those locks automatically.  Commit
fb6791d100d1b started exploiting this behavior to speed up filesystem
unmount: gfs2 would simply free glocks it didn't want to unlock and then
release the lockspace.  This didn't take the bast callbacks for
asynchronous lock contention notifications into account, which remain
active until until a lock is unlocked or its lockspace is released.

To prevent those callbacks from accessing deallocated objects, put the
glocks that should not be unlocked on the sd_dead_glocks list, release
the lockspace, and only then free those glocks.

As an additional measure, ignore unexpected ast and bast callbacks if
the receiving glock is dead.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-43463,Microsoft Office Visio Remote Code Execution Vulnerability,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-22417,"Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `element` method in `app/routes.py` does not validate the user-controlled `src_type` and `element_url` variables and passes them to the `send` method which sends a `GET` request on lines 339-343 in `requests.py`. The returned contents of the URL are then passed to and reflected back to the user in the `send_file` function on line 484, together with the user-controlled `src_type`, which allows the attacker to control the HTTP response content type leading to a cross-site scripting vulnerability. An attacker could craft a special URL to point to a malicious website and send the link to a victim. The fact that the link would contain a trusted domain (e.g. from one of public Whoogle instances) could be used to trick the user into clicking the link. The malicious website could, for example, be a copy of a real website, meant to steal a person’s credentials to the website, or trick that person in another way. Version 0.8.4 contains a patch for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-0573,A vulnerability has been found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250789 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-34481,"drupal-wiki.com Drupal Wiki before 8.31.1 allows XSS via comments, captions, and image titles of a Wiki page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-53067,"In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: core: Start the RTC update work later

The RTC update work involves runtime resuming the UFS controller. Hence,
only start the RTC update work after runtime power management in the UFS
driver has been fully initialized. This patch fixes the following kernel
crash:

Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Workqueue: events ufshcd_rtc_work
Call trace:
 _raw_spin_lock_irqsave+0x34/0x8c (P)
 pm_runtime_get_if_active+0x24/0x9c (L)
 pm_runtime_get_if_active+0x24/0x9c
 ufshcd_rtc_work+0x138/0x1b4
 process_one_work+0x148/0x288
 worker_thread+0x2cc/0x3d4
 kthread+0x110/0x114
 ret_from_fork+0x10/0x20",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-21649,"The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Prior to 4.2.0, authenticated users could inject code into algorithm environment variables, resulting in remote code execution.  This vulnerability is patched in 4.2.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7871,SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the word parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-6649,A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is the function save_users of the file Users.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271057 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2024-43380,"fugit contains time tools for flor and the floraison group. The fugit ""natural"" parser, that turns ""every wednesday at 5pm"" into ""0 17 * * 3"", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-0421,"The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-38562,"In the Linux kernel, the following vulnerability has been resolved:

wifi: nl80211: Avoid address calculations via out of bounds array indexing

Before request->channels[] can be used, request->n_channels must be set.
Additionally, address calculations for memory after the ""channels"" array
need to be calculated from the allocation base (""request"") rather than
via the first ""out of bounds"" index of ""channels"", otherwise run-time
bounds checking will throw a warning.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-31835,Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the file name parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-9918,A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/sql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-37958,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Smart Author Widget allows Stored XSS.This issue affects Meks Smart Author Widget: from n/a through 1.1.4.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-49951,"In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: MGMT: Fix possible crash on mgmt_index_removed

If mgmt_index_removed is called while there are commands queued on
cmd_sync it could lead to crashes like the bellow trace:

0x0000053D: __list_del_entry_valid_or_report+0x98/0xdc
0x0000053D: mgmt_pending_remove+0x18/0x58 [bluetooth]
0x0000053E: mgmt_remove_adv_monitor_complete+0x80/0x108 [bluetooth]
0x0000053E: hci_cmd_sync_work+0xbc/0x164 [bluetooth]

So while handling mgmt_index_removed this attempts to dequeue
commands passed as user_data to cmd_sync.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-8869,A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads to os command injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-38314,"IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-45271,An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-33973,"SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following    'Attendance' and 'YearLevel' in '/report/attendance_print.php' parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-10422,"A vulnerability, which was classified as critical, has been found in SourceCodester Attendance and Payroll System 1.0. This issue affects some unknown processing of the file /admin/overtime_add.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-22860,"Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-8916,"The Suki Sites Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-38546,"In the Linux kernel, the following vulnerability has been resolved:

drm: vc4: Fix possible null pointer dereference

In vc4_hdmi_audio_init() of_get_address() may return
NULL which is later dereferenced. Fix this bug by adding NULL check.

Found by Linux Verification Center (linuxtesting.org) with SVACE.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-0422,A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /new_item of the component New Item Creation Page. The manipulation of the argument new_item leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250441 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-9090,A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file search_member.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-24559,"Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the `IR` for `sha3_64`. Concretely, the `height` variable is miscalculated. The vulnerability can't be triggered without writing the `IR` by hand (that is, it cannot be triggered from regular vyper code). `sha3_64` is used for retrieval in mappings. No flow that would cache the `key` was found so the issue shouldn't be possible to trigger when compiling the compiler-generated `IR`. This issue isn't triggered during normal compilation of vyper code so the impact is low. At the time of publication there is no patch available.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-23325,"Envoy is a high-performance edge/middle/service proxy. Envoy crashes in Proxy protocol when using an address type that isn’t supported by the OS. Envoy is susceptible to crashing on a host with IPv6 disabled and a listener config with proxy protocol enabled when it receives a request where the client presents its IPv6 address.  It is valid for a client to present its IPv6 address to a target server even though the whole chain is connected via IPv4. This issue has been addressed in released 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-46593,Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the trapcomm parameter at cgiswm.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-27799,"This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2024-29509,"Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-10468,"Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H,5.3,1.6,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2024-46261,cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47699,"In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix potential null-ptr-deref in nilfs_btree_insert()

Patch series ""nilfs2: fix potential issues with empty b-tree nodes"".

This series addresses three potential issues with empty b-tree nodes that
can occur with corrupted filesystem images, including one recently
discovered by syzbot.


This patch (of 3):

If a b-tree is broken on the device, and the b-tree height is greater than
2 (the level of the root node is greater than 1) even if the number of
child nodes of the b-tree root is 0, a NULL pointer dereference occurs in
nilfs_btree_prepare_insert(), which is called from nilfs_btree_insert().

This is because, when the number of child nodes of the b-tree root is 0,
nilfs_btree_do_lookup() does not set the block buffer head in any of
path[x].bp_bh, leaving it as the initial value of NULL, but if the level
of the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(),
which accesses the buffer memory of path[x].bp_bh, is called.

Fix this issue by adding a check to nilfs_btree_root_broken(), which
performs sanity checks when reading the root node from the device, to
detect this inconsistency.

Thanks to Lizhi Xu for trying to solve the bug and clarifying the cause
early on.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-46699,"In the Linux kernel, the following vulnerability has been resolved:

drm/v3d: Disable preemption while updating GPU stats

We forgot to disable preemption around the write_seqcount_begin/end() pair
while updating GPU stats:

  [ ] WARNING: CPU: 2 PID: 12 at include/linux/seqlock.h:221 __seqprop_assert.isra.0+0x128/0x150 [v3d]
  [ ] Workqueue: v3d_bin drm_sched_run_job_work [gpu_sched]
 <...snip...>
  [ ] Call trace:
  [ ]  __seqprop_assert.isra.0+0x128/0x150 [v3d]
  [ ]  v3d_job_start_stats.isra.0+0x90/0x218 [v3d]
  [ ]  v3d_bin_job_run+0x23c/0x388 [v3d]
  [ ]  drm_sched_run_job_work+0x520/0x6d0 [gpu_sched]
  [ ]  process_one_work+0x62c/0xb48
  [ ]  worker_thread+0x468/0x5b0
  [ ]  kthread+0x1c4/0x1e0
  [ ]  ret_from_fork+0x10/0x20

Fix it.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-50208,"In the Linux kernel, the following vulnerability has been resolved:

RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages

Avoid memory corruption while setting up Level-2 PBL pages for the non MR
resources when num_pages > 256K.

There will be a single PDE page address (contiguous pages in the case of >
PAGE_SIZE), but, current logic assumes multiple pages, leading to invalid
memory access after 256K PBL entries in the PDE.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-10669,"The Countdown Timer block – Display the event&#039;s date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the [ctb] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-47751,"In the Linux kernel, the following vulnerability has been resolved:

PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()

Within kirin_pcie_parse_port(), the pcie->num_slots is compared to
pcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead
to an overflow.

Thus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move
pcie->num_slots increment below the if-statement to avoid out-of-bounds
array access.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

[kwilczynski: commit log]",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-2350,"The Clever Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CAFE Icon, CAFE Team Member, and CAFE Slider widgets in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-6763,"Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.

The HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI
 differs from the common browsers in how it handles a URI that would be 
considered invalid if fully validated against the RRC.  Specifically HttpURI
 and the browser may differ on the value of the host extracted from an 
invalid URI and thus a combination of Jetty and a vulnerable browser may
 be vulnerable to a open redirect attack or to a SSRF attack if the URI 
is used after passing validation checks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-43823,"In the Linux kernel, the following vulnerability has been resolved:

PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()

If IORESOURCE_MEM is not provided in Device Tree due to
any error, resource_list_first_type() will return NULL and
pci_parse_request_of_pci_ranges() will just emit a warning.

This will cause a NULL pointer dereference. Fix this bug by adding NULL
return check.

Found by Linux Verification Center (linuxtesting.org) with SVACE.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-45429,"Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5 and earlier. If an attacker with the 'capability' setting privilege which is set in the product settings stores an arbitrary script in the field label, the script may be executed on the web browser of the logged-in user with the same privilege as the attacker's.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-36992,"In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in execution of unauthorized JavaScript code in the browser of a user. The “url” parameter of the Dashboard element does not have proper input validation to reject invalid URLs, which could lead to a Persistent Cross-site Scripting (XSS) exploit.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-47128,"The goTenna Pro App encryption key name is always sent unencrypted when 
the key is shared over RF through a broadcast message. It is advised to 
share the encryption key via local QR for higher security operations.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-8519,"The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'um_loggedin' shortcode in all versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-22229,"
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. An attacker could exploit this vulnerability to forge log entries, create false alarms, and inject malicious content into logs that compromise logs integrity. A malicious attacker could also prevent the product from logging information while malicious actions are performed or implicate an arbitrary user for malicious activities.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-6438,A vulnerability has been found in Hitout Carsale 1.0 and classified as critical. This vulnerability affects unknown code of the file OrderController.java. The manipulation of the argument orderBy leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-270166 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-5942,"The Page and Post Clone plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.0 via the 'content_clone' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to clone and read private posts.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2024-49769,"Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-0684,"A flaw was found in the GNU coreutils ""split"" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-42354,"Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1 and 6.5.8.13, the processing of the Criteria did not considered ManyToMany associations and so they were not considered properly and the protections didn't get used. This issue cannot be reproduced with the default entities by Shopware, but can be triggered with extensions. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3,  and 6.4, corresponding security measures are also available via a plugin.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-7049,"In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when a user with a pending role logs in. This allows the user to perform actions without admin confirmation, bypassing the intended approval process.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE
CVE-2024-50833,A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-28115,"FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper. ",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42085,"In the Linux kernel, the following vulnerability has been resolved:

usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock

When config CONFIG_USB_DWC3_DUAL_ROLE is selected, and trigger system
to enter suspend status with below command:
echo mem > /sys/power/state
There will be a deadlock issue occurring. Detailed invoking path as
below:
dwc3_suspend_common()
    spin_lock_irqsave(&dwc->lock, flags);              <-- 1st
    dwc3_gadget_suspend(dwc);
        dwc3_gadget_soft_disconnect(dwc);
            spin_lock_irqsave(&dwc->lock, flags);      <-- 2nd
This issue is exposed by commit c7ebd8149ee5 (""usb: dwc3: gadget: Fix
NULL pointer dereference in dwc3_gadget_suspend"") that removes the code
of checking whether dwc->gadget_driver is NULL or not. It causes the
following code is executed and deadlock occurs when trying to get the
spinlock. In fact, the root cause is the commit 5265397f9442(""usb: dwc3:
Remove DWC3 locking during gadget suspend/resume"") that forgot to remove
the lock of otg mode. So, remove the redundant lock of otg mode during
gadget suspend/resume.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-51739,"Combodo iTop is a simple, web based IT Service Management tool. Unauthenticated user can perform users enumeration, which can make it easier to bruteforce a valid account. As a fix the sentence displayed after resetting password no longer shows if the user exists or not. This fix is included in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0. Users are advised to upgrade. Users unable to upgrade may overload the dictionary entry `""UI:ResetPwd-Error-WrongLogin""` through an extension and replace it with a generic message.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-10881,"The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lunaradio' shortcode in versions up to, and including, 6.24.11.07 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-7599,"The Advanced Sermons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘sermon_video_embed’ parameter in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-0288,A vulnerability classified as critical has been found in Kashipara Food Management System 1.0. This affects an unknown part of the file rawstock_used_damaged_submit.php. The manipulation of the argument product_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249849 was assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-50161,"In the Linux kernel, the following vulnerability has been resolved:

bpf: Check the remaining info_cnt before repeating btf fields

When trying to repeat the btf fields for array of nested struct, it
doesn't check the remaining info_cnt. The following splat will be
reported when the value of ret * nelems is greater than BTF_FIELDS_MAX:

  ------------[ cut here ]------------
  UBSAN: array-index-out-of-bounds in ../kernel/bpf/btf.c:3951:49
  index 11 is out of range for type 'btf_field_info [11]'
  CPU: 6 UID: 0 PID: 411 Comm: test_progs ...... 6.11.0-rc4+ #1
  Tainted: [O]=OOT_MODULE
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ...
  Call Trace:
   <TASK>
   dump_stack_lvl+0x57/0x70
   dump_stack+0x10/0x20
   ubsan_epilogue+0x9/0x40
   __ubsan_handle_out_of_bounds+0x6f/0x80
   ? kallsyms_lookup_name+0x48/0xb0
   btf_parse_fields+0x992/0xce0
   map_create+0x591/0x770
   __sys_bpf+0x229/0x2410
   __x64_sys_bpf+0x1f/0x30
   x64_sys_call+0x199/0x9f0
   do_syscall_64+0x3b/0xc0
   entry_SYSCALL_64_after_hwframe+0x4b/0x53
  RIP: 0033:0x7fea56f2cc5d
  ......
   </TASK>
  ---[ end trace ]---

Fix it by checking the remaining info_cnt in btf_repeat_fields() before
repeating the btf fields.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-11528,"IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24602.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-39425,"Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local low-privilege access to the affected system and attack complexity is high.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.0,1.0,5.9,HIGH,2024-12-08T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-45467,"A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-41940,A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-48996,SQL Server Native Client Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47594,"SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link, confidentiality and integrity of their web browser session could be compromised.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-23172,"An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via message definitions. e.g., in SpecialCheckUserLog.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-9567,"A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. This issue affects the function formAdvFirewall of the file /goform/formAdvFirewall. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-37480,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions apollo13-framework-extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-23467,The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-24507,Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-51378,"getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-43975,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in highwarden Super Store Finder allows Cross-Site Scripting (XSS).This issue affects Super Store Finder: from n/a through 6.9.7.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-45372,"MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2024-23223,"A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user data.",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.2,2.5,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-0646,An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-23112,"An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-41957,"Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-default flags,
but it may cause a crash of Vim. The issue has been fixed as of Vim patch v9.1.0647",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,5.3,1.8,3.4,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,LOW
CVE-2024-23261,"A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-45765,"Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a critical severity vulnerability as it allows high privilege OS commands to be executed with a less privileged role; so Dell recommends customers to upgrade at the earliest opportunity.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-5958,Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eliz Software Panel allows Command Line Execution through SQL Injection.This issue affects Panel: before v2.3.24.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-49693,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.6.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-22051,"CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-41730,"In SAP BusinessObjects Business Intelligence
Platform, if Single Signed On is enabled on Enterprise authentication, an
unauthorized user can get a logon token using a REST endpoint. The attacker can
fully compromise the system resulting in High impact on confidentiality,
integrity and availability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7283,"A vulnerability, which was classified as critical, has been found in SourceCodester Lot Reservation Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/manage_user.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273152.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-8841,"PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24432.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2024-50312,"A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's GraphQL implementation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-10621,"The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pw_map shortcode in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-25318,Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-50488,Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-20415,"A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-34753,Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-0664,"The Meks Smart Social Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Meks Smart Social Widget in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-8075,A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg. The manipulation leads to os command injection. The attack can be launched remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42566,School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42572,School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42030,"Access permission verification vulnerability in the content sharing pop-up module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.2,2.5,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-1167,"
When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can occur.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-0812,Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42906,"TestLink before v.1.9.20 is vulnerable to Cross Site Scripting (XSS) via the pop-up on upload file. When uploading a file, the XSS payload can be entered into the file name.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-25360,A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-30466,Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.4.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-9681,"When curl is asked to use HSTS, the expiry time for a subdomain might
overwrite a parent domain's cache entry, making it end sooner or later than
otherwise intended.

This affects curl using applications that enable HSTS and use URLs with the
insecure `HTTP://` scheme and perform transfers with hosts like
`x.example.com` as well as `example.com` where the first host is a subdomain
of the second host.

(The HSTS cache either needs to have been populated manually or there needs to
have been previous HTTPS accesses done as the cache needs to have entries for
the domains involved to trigger this problem.)

When `x.example.com` responds with `Strict-Transport-Security:` headers, this
bug can make the subdomain's expiry timeout *bleed over* and get set for the
parent domain `example.com` in curl's HSTS cache.

The result of a triggered bug is that HTTP accesses to `example.com` get
converted to HTTPS for a different period of time than what was asked for by
the origin server. If `example.com` for example stops supporting HTTPS at its
expiry time, curl might then fail to access `http://example.com` until the
(wrongly set) timeout expires. This bug can also expire the parent's entry
*earlier*, thus making curl inadvertently switch back to insecure HTTP earlier
than otherwise intended.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L,6.5,2.2,4.2,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,LOW
CVE-2024-40770,A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-22593,FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-11370,"The Subaccounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-37352,"There is a cross-site scripting vulnerability in the
management UI of Absolute Secure Access prior to version 13.06 that allows
attackers with system administrator permissions to interfere with other system
administrators’ use of the management UI when the second administrator accesses
the vulnerable page. The scope is unchanged, there is no loss of
confidentiality. Impact to system integrity is high, impact to system
availability is none.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N,3.4,1.7000000000000002,1.4,LOW,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,NONE,LOW,NONE
CVE-2024-38057,Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-46762,"In the Linux kernel, the following vulnerability has been resolved:

xen: privcmd: Fix possible access to a freed kirqfd instance

Nothing prevents simultaneous ioctl calls to privcmd_irqfd_assign() and
privcmd_irqfd_deassign(). If that happens, it is possible that a kirqfd
created and added to the irqfds_list by privcmd_irqfd_assign() may get
removed by another thread executing privcmd_irqfd_deassign(), while the
former is still using it after dropping the locks.

This can lead to a situation where an already freed kirqfd instance may
be accessed and cause kernel oops.

Use SRCU locking to prevent the same, as is done for the KVM
implementation for irqfds.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-40952,"In the Linux kernel, the following vulnerability has been resolved:

ocfs2: fix NULL pointer dereference in ocfs2_journal_dirty()

bdev->bd_super has been removed and commit 8887b94d9322 change the usage
from bdev->bd_super to b_assoc_map->host->i_sb.  This introduces the
following NULL pointer dereference in ocfs2_journal_dirty() since
b_assoc_map is still not initialized.  This can be easily reproduced by
running xfstests generic/186, which simulate no more credits.

[  134.351592] BUG: kernel NULL pointer dereference, address: 0000000000000000
...
[  134.355341] RIP: 0010:ocfs2_journal_dirty+0x14f/0x160 [ocfs2]
...
[  134.365071] Call Trace:
[  134.365312]  <TASK>
[  134.365524]  ? __die_body+0x1e/0x60
[  134.365868]  ? page_fault_oops+0x13d/0x4f0
[  134.366265]  ? __pfx_bit_wait_io+0x10/0x10
[  134.366659]  ? schedule+0x27/0xb0
[  134.366981]  ? exc_page_fault+0x6a/0x140
[  134.367356]  ? asm_exc_page_fault+0x26/0x30
[  134.367762]  ? ocfs2_journal_dirty+0x14f/0x160 [ocfs2]
[  134.368305]  ? ocfs2_journal_dirty+0x13d/0x160 [ocfs2]
[  134.368837]  ocfs2_create_new_meta_bhs.isra.51+0x139/0x2e0 [ocfs2]
[  134.369454]  ocfs2_grow_tree+0x688/0x8a0 [ocfs2]
[  134.369927]  ocfs2_split_and_insert.isra.67+0x35c/0x4a0 [ocfs2]
[  134.370521]  ocfs2_split_extent+0x314/0x4d0 [ocfs2]
[  134.371019]  ocfs2_change_extent_flag+0x174/0x410 [ocfs2]
[  134.371566]  ocfs2_add_refcount_flag+0x3fa/0x630 [ocfs2]
[  134.372117]  ocfs2_reflink_remap_extent+0x21b/0x4c0 [ocfs2]
[  134.372994]  ? inode_update_timestamps+0x4a/0x120
[  134.373692]  ? __pfx_ocfs2_journal_access_di+0x10/0x10 [ocfs2]
[  134.374545]  ? __pfx_ocfs2_journal_access_di+0x10/0x10 [ocfs2]
[  134.375393]  ocfs2_reflink_remap_blocks+0xe4/0x4e0 [ocfs2]
[  134.376197]  ocfs2_remap_file_range+0x1de/0x390 [ocfs2]
[  134.376971]  ? security_file_permission+0x29/0x50
[  134.377644]  vfs_clone_file_range+0xfe/0x320
[  134.378268]  ioctl_file_clone+0x45/0xa0
[  134.378853]  do_vfs_ioctl+0x457/0x990
[  134.379422]  __x64_sys_ioctl+0x6e/0xd0
[  134.379987]  do_syscall_64+0x5d/0x170
[  134.380550]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[  134.381231] RIP: 0033:0x7fa4926397cb
[  134.381786] Code: 73 01 c3 48 8b 0d bd 56 38 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8d 56 38 00 f7 d8 64 89 01 48
[  134.383930] RSP: 002b:00007ffc2b39f7b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  134.384854] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fa4926397cb
[  134.385734] RDX: 00007ffc2b39f7f0 RSI: 000000004020940d RDI: 0000000000000003
[  134.386606] RBP: 0000000000000000 R08: 00111a82a4f015bb R09: 00007fa494221000
[  134.387476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  134.388342] R13: 0000000000f10000 R14: 0000558e844e2ac8 R15: 0000000000f10000
[  134.389207]  </TASK>

Fix it by only aborting transaction and journal in ocfs2_journal_dirty()
now, and leave ocfs2_abort() later when detecting an aborted handle,
e.g. start next transaction. Also log the handle details in this case.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-10726,"The Friendly Functions for Welcart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.4. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-47654,"This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead to the OTP bombing on the targeted system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-22209,Open edX Platform is a service-oriented platform for authoring and delivering online learning. A user with a JWT and more limited scopes could call endpoints exceeding their access. This vulnerability has been patched in commit 019888f.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-48993,SQL Server Native Client Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-40934,"In the Linux kernel, the following vulnerability has been resolved:

HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()

Fix a memory leak on logi_dj_recv_send_report() error path.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-11521,"IrfanView DJVU File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of DJVU files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24578.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-23243,A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4. An app may be able to read sensitive location information.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2024-7159,A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier VDB-272573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-6225,"The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.5 (and 7.5.1 for the Pro version) due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-45011,"In the Linux kernel, the following vulnerability has been resolved:

char: xillybus: Check USB endpoints when probing device

Ensure, as the driver probes the device, that all endpoints that the
driver may attempt to access exist and are of the correct type.

All XillyUSB devices must have a Bulk IN and Bulk OUT endpoint at
address 1. This is verified in xillyusb_setup_base_eps().

On top of that, a XillyUSB device may have additional Bulk OUT
endpoints. The information about these endpoints' addresses is deduced
from a data structure (the IDT) that the driver fetches from the device
while probing it. These endpoints are checked in setup_channels().

A XillyUSB device never has more than one IN endpoint, as all data
towards the host is multiplexed in this single Bulk IN endpoint. This is
why setup_channels() only checks OUT endpoints.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-5976,A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been classified as critical. Affected is the function log_employee of the file /classes/Master.php?f=log_employee. The manipulation of the argument employee_code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-268422 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0005,A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-4474,"The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2024-22148,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Smart Editor JoomUnited allows Reflected XSS.This issue affects JoomUnited: from n/a through 1.3.3.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-7272,"A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-10507,A vulnerability classified as critical was found in Codezips Free Exam Hall Seating Management System 1.0. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-50530,Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer allows Upload a Web Shell to a Web Server.This issue affects Stars SMTP Mailer: from n/a through 1.7.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42985,Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-38091,Microsoft WS-Discovery Denial of Service Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-6750,"The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to add, modify, or delete post meta and plugin options.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-8194,Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-8544,"The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-45230,"An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-47739,"In the Linux kernel, the following vulnerability has been resolved:

padata: use integer wrap around to prevent deadlock on seq_nr overflow

When submitting more than 2^32 padata objects to padata_do_serial, the
current sorting implementation incorrectly sorts padata objects with
overflowed seq_nr, causing them to be placed before existing objects in
the reorder list. This leads to a deadlock in the serialization process
as padata_find_next cannot match padata->seq_nr and pd->processed
because the padata instance with overflowed seq_nr will be selected
next.

To fix this, we use an unsigned integer wrap around to correctly sort
padata objects in scenarios with integer overflow.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-9670,"The 2D Tag Cloud plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 6.0.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-22415,"jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control (on the operating system level), and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root directory. This issue has been patched in version 2.2.2 and all users are advised to upgrade. Users unable to upgrade should uninstall jupyter-lsp.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-22548,FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-7016,"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Smarttek Informatics Smart Doctor allows Stored XSS.This issue affects Smart Doctor: through 21.11.2024.


NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-47050,"Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-49049,Visual Studio Code Remote Extension Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-4359,"The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 5.7.2 via the SVG widget and a lack of sufficient file validation in the render_svg function. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-3163,"The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2024-34635,Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-21265,"Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Site Hierarchy Flows).  Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Site Hub.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Site Hub accessible data as well as  unauthorized access to critical data or complete access to all Oracle Site Hub accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-21903,"An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.

We have already fixed the vulnerability in the following versions:
QTS 5.1.6.2722 build 20240402 and later
QuTS hero h5.1.6.2734 build 20240414 and later",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L,4.7,1.2,3.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2024-43862,"In the Linux kernel, the following vulnerability has been resolved:

net: wan: fsl_qmc_hdlc: Convert carrier_lock spinlock to a mutex

The carrier_lock spinlock protects the carrier detection. While it is
held, framer_get_status() is called which in turn takes a mutex.
This is not correct and can lead to a deadlock.

A run with PROVE_LOCKING enabled detected the issue:
  [ BUG: Invalid wait context ]
  ...
  c204ddbc (&framer->mutex){+.+.}-{3:3}, at: framer_get_status+0x40/0x78
  other info that might help us debug this:
  context-{4:4}
  2 locks held by ifconfig/146:
  #0: c0926a38 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x12c/0x664
  #1: c2006a40 (&qmc_hdlc->carrier_lock){....}-{2:2}, at: qmc_hdlc_framer_set_carrier+0x30/0x98

Avoid the spinlock usage and convert carrier_lock to a mutex.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-36474,An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-44130,This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,4.4,0.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-43840,"In the Linux kernel, the following vulnerability has been resolved:

bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG

When BPF_TRAMP_F_CALL_ORIG is set, the trampoline calls
__bpf_tramp_enter() and __bpf_tramp_exit() functions, passing them
the struct bpf_tramp_image *im pointer as an argument in R0.

The trampoline generation code uses emit_addr_mov_i64() to emit
instructions for moving the bpf_tramp_image address into R0, but
emit_addr_mov_i64() assumes the address to be in the vmalloc() space
and uses only 48 bits. Because bpf_tramp_image is allocated using
kzalloc(), its address can use more than 48-bits, in this case the
trampoline will pass an invalid address to __bpf_tramp_enter/exit()
causing a kernel crash.

Fix this by using emit_a64_mov_i64() in place of emit_addr_mov_i64()
as it can work with addresses that are greater than 48-bits.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-22705,An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-1818,A vulnerability was found in CodeAstro Membership Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /uploads/ of the component Logo Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254606 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0531,A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250701 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-23972,"Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the USB host driver. A crafted USB configuration descriptor can trigger an overflow of a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device.

Was ZDI-CAN-23185",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,6.8,0.9,5.9,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7360,A vulnerability classified as problematic has been found in SourceCodester Tracking Monitoring Management System 1.0. This affects an unknown part of the file /ajax.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273339.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-35696,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Reflected XSS.This issue affects WP Docs: from n/a through 2.1.3.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-41132,"ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. All users are advised to upgrade to v3.1.5 or v2.1.9.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-44779,A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2024-26050,Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-4708,"mySCADA myPRO 

uses a hard-coded password which could allow an attacker to remotely execute code on the affected device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-41121,Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to extract the secrets who would be normally provided to the plugins who's entrypoint are overwritten. This issue has been addressed in release version 2.7.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-44184,"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-43902,"In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null checker before passing variables

Checks null pointer before passing variables to functions.

This fixes 3 NULL_RETURNS issues reported by Coverity.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-7364,A vulnerability has been found in SourceCodester Tracking Monitoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage_records.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273343.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-6442,"In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-36775,A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-44796,A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-41144,"Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly validate synced posts, when shared channels are enabled,  which allows a malicious remote to create/update/delete arbitrary posts in arbitrary channels",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L,7.1,2.8,4.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,LOW
CVE-2024-41846,Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-8512,"The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.26 via the 'script' parameter of the hookBeforeStartOptimization() function. This is due to the plugin passing user supplied input to eval(). This makes it possible for authenticated attackers, with Administrator-level access and above, to execute code on the server.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-52300,"macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can edit a page. XSS can impact the confidentiality, integrity and availability of the whole XWiki installation when an admin visits the page with the malicious code. This is fixed in 2.5.6.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,9.0,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2024-49977,"In the Linux kernel, the following vulnerability has been resolved:

net: stmmac: Fix zero-division error when disabling tc cbs

The commit b8c43360f6e4 (""net: stmmac: No need to calculate speed divider
when offload is disabled"") allows the ""port_transmit_rate_kbps"" to be
set to a value of 0, which is then passed to the ""div_s64"" function when
tc-cbs is disabled. This leads to a zero-division error.

When tc-cbs is disabled, the idleslope, sendslope, and credit values the
credit values are not required to be configured. Therefore, adding a return
statement after setting the txQ mode to DCB when tc-cbs is disabled would
prevent a zero-division error.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-50079,"In the Linux kernel, the following vulnerability has been resolved:

io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work

When the sqpoll is exiting and cancels pending work items, it may need
to run task_work. If this happens from within io_uring_cancel_generic(),
then it may be under waiting for the io_uring_task waitqueue. This
results in the below splat from the scheduler, as the ring mutex may be
attempted grabbed while in a TASK_INTERRUPTIBLE state.

Ensure that the task state is set appropriately for that, just like what
is done for the other cases in io_run_task_work().

do not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000029387fd2>] prepare_to_wait+0x88/0x2fc
WARNING: CPU: 6 PID: 59939 at kernel/sched/core.c:8561 __might_sleep+0xf4/0x140
Modules linked in:
CPU: 6 UID: 0 PID: 59939 Comm: iou-sqp-59938 Not tainted 6.12.0-rc3-00113-g8d020023b155 #7456
Hardware name: linux,dummy-virt (DT)
pstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : __might_sleep+0xf4/0x140
lr : __might_sleep+0xf4/0x140
sp : ffff80008c5e7830
x29: ffff80008c5e7830 x28: ffff0000d93088c0 x27: ffff60001c2d7230
x26: dfff800000000000 x25: ffff0000e16b9180 x24: ffff80008c5e7a50
x23: 1ffff000118bcf4a x22: ffff0000e16b9180 x21: ffff0000e16b9180
x20: 000000000000011b x19: ffff80008310fac0 x18: 1ffff000118bcd90
x17: 30303c5b20746120 x16: 74657320313d6574 x15: 0720072007200720
x14: 0720072007200720 x13: 0720072007200720 x12: ffff600036c64f0b
x11: 1fffe00036c64f0a x10: ffff600036c64f0a x9 : dfff800000000000
x8 : 00009fffc939b0f6 x7 : ffff0001b6327853 x6 : 0000000000000001
x5 : ffff0001b6327850 x4 : ffff600036c64f0b x3 : ffff8000803c35bc
x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000e16b9180
Call trace:
 __might_sleep+0xf4/0x140
 mutex_lock+0x84/0x124
 io_handle_tw_list+0xf4/0x260
 tctx_task_work_run+0x94/0x340
 io_run_task_work+0x1ec/0x3c0
 io_uring_cancel_generic+0x364/0x524
 io_sq_thread+0x820/0x124c
 ret_from_fork+0x10/0x20",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-44194,"This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An app may be able to access sensitive user data.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-11455,"The Include Mastodon Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'include-mastodon-feed' shortcode in all versions up to, and including, 1.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-10588,"The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the info() function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to obtain information from phpinfo(). When WP_DEBUG is enabled, this can be exploited by unauthenticated users as well.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-45265,A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-23218,"A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,5.9,2.2,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-25639,"Khoj is an application that creates personal AI agents. The Khoj Obsidian, Desktop and Web clients inadequately sanitize the AI model's response and user inputs. This can trigger Cross Site Scripting (XSS) via Prompt Injection from untrusted documents either indexed by the user on Khoj or read by Khoj from the internet when the user invokes the /online command. This vulnerability is fixed in 1.13.0.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42376,"SAP Shared Service Framework does not perform necessary
authorization check for an authenticated user, resulting in escalation of
privileges. On successful exploitation, an attacker can cause a high impact on
confidentiality of the application.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-41565,"JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-0813,Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-35997,"In the Linux kernel, the following vulnerability has been resolved:

HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up

The flag I2C_HID_READ_PENDING is used to serialize I2C operations.
However, this is not necessary, because I2C core already has its own
locking for that.

More importantly, this flag can cause a lock-up: if the flag is set in
i2c_hid_xfer() and an interrupt happens, the interrupt handler
(i2c_hid_irq) will check this flag and return immediately without doing
anything, then the interrupt handler will be invoked again in an
infinite loop.

Since interrupt handler is an RT task, it takes over the CPU and the
flag-clearing task never gets scheduled, thus we have a lock-up.

Delete this unnecessary flag.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-34593,Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-9827,"A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability.  A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-31979,"Server-Side Request Forgery (SSRF) vulnerability in Apache StreamPipes during installation process of pipeline elements.
Previously, StreamPipes allowed users to configure custom endpoints from which to install additional pipeline elements. 
These endpoints were not properly validated, allowing an attacker to get StreamPipes to send an HTTP GET request to an arbitrary address.
This issue affects Apache StreamPipes: through 0.93.0.

Users are recommended to upgrade to version 0.95.0, which fixes the issue.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-0507,"An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-45112,"Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when a resource is accessed using a type that is not compatible with the actual object type, leading to a logic error that an attacker could exploit. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-34684,"On Unix, SAP BusinessObjects Business
Intelligence Platform (Scheduling) allows an authenticated attacker with
administrator access on the local server to access the password of a local
account. As a result, an attacker can obtain non-administrative user
credentials, which will allow them to read or modify the remote server files.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N,6.0,0.8,5.2,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-20437,"A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute commands on the CLI of an affected device.

 This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an already authenticated user to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the affected device with the privileges of the targeted user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42412,"Cross-site scripting vulnerability exists in ELECOM wireless access points due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-48253,Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-30098,Windows Cryptographic Services Security Feature Bypass Vulnerability,CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,7.5,1.6,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-22380,"Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version) March, Heisei 31 era edition Ver.14.0.001.002 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2024-37347,"There is a cross-site scripting vulnerability in the pool
configuration component of the management UI of Absolute Secure Access prior to
13.06. Attackers with system administrator permissions can pass a limited
length script to be run by another administrator. The scope is unchanged, there
is no loss of confidentiality. Impact to system integrity is high, impact to
system availability is none.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N,3.4,1.7000000000000002,1.4,LOW,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,NONE,LOW,NONE
CVE-2024-51520,"Vulnerability of input parameters not being verified in the HDC module
Impact: Successful exploitation of this vulnerability may affect availability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-40902,"In the Linux kernel, the following vulnerability has been resolved:

jfs: xattr: fix buffer overflow for invalid xattr

When an xattr size is not what is expected, it is printed out to the
kernel log in hex format as a form of debugging.  But when that xattr
size is bigger than the expected size, printing it out can cause an
access off the end of the buffer.

Fix this all up by properly restricting the size of the debug hex dump
in the kernel log.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-35697,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-50579,In JetBrains YouTrack before 2024.3.47707 reflected XSS due to insecure link sanitization was possible,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-49632,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Coral Web Design CWD 3D Image Gallery allows Reflected XSS.This issue affects CWD 3D Image Gallery: from n/a through 1.0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-5452,"A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the `deepdiff` library. The library uses `deepdiff.Delta` objects to modify application state based on frontend actions. However, it is possible to bypass the intended restrictions on modifying dunder attributes, allowing an attacker to construct a serialized delta that passes the deserializer whitelist and contains dunder attributes. When processed, this can be exploited to access other modules, classes, and instances, leading to arbitrary attribute write and total RCE on any self-hosted pytorch-lightning application in its default configuration, as the delta endpoint is enabled by default.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42481,"Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-8850,The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email' parameter when a placeholder such as {email} is used for the field in versions 4.9.9 to 4.9.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-43177,IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-9325,A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-32668,"An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller.

A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.2,1.5,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-4576,"The component listed above contains a vulnerability that allows an attacker to traverse directories and access sensitive files, leading to unauthorized disclosure of system configuration and potentially sensitive information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-34646,Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-47496,"A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).

When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.

 This issue only affects MX Series devices with Line cards MPC1-MPC9.
This issue affects:
Junos OS on MX Series: 


  *  All versions before 21.4R3-S9, 
  *  from 22.2 before 22.2R3-S5, 
  *  from 22.3 before 22.3R3-S4, 
  *  from 22.4 before 22.4R3-S2, 
  *  from 23.2 before 23.2R2-S1, 
  *  from 23.4 before 23.4R2.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-5330,"The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdance_css_file_paths_cache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-42861,An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-49858,"In the Linux kernel, the following vulnerability has been resolved:

efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption

The TPM event log table is a Linux specific construct, where the data
produced by the GetEventLog() boot service is cached in memory, and
passed on to the OS using an EFI configuration table.

The use of EFI_LOADER_DATA here results in the region being left
unreserved in the E820 memory map constructed by the EFI stub, and this
is the memory description that is passed on to the incoming kernel by
kexec, which is therefore unaware that the region should be reserved.

Even though the utility of the TPM2 event log after a kexec is
questionable, any corruption might send the parsing code off into the
weeds and crash the kernel. So let's use EFI_ACPI_RECLAIM_MEMORY
instead, which is always treated as reserved by the E820 conversion
logic.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-7907,"A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719. This issue affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument rtLogServer leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-22770,Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-49987,"In the Linux kernel, the following vulnerability has been resolved:

bpftool: Fix undefined behavior in qsort(NULL, 0, ...)

When netfilter has no entry to display, qsort is called with
qsort(NULL, 0, ...). This results in undefined behavior, as UBSan
reports:

net.c:827:2: runtime error: null pointer passed as argument 1, which is declared to never be null

Although the C standard does not explicitly state whether calling qsort
with a NULL pointer when the size is 0 constitutes undefined behavior,
Section 7.1.4 of the C standard (Use of library functions) mentions:

""Each of the following statements applies unless explicitly stated
otherwise in the detailed descriptions that follow: If an argument to a
function has an invalid value (such as a value outside the domain of
the function, or a pointer outside the address space of the program, or
a null pointer, or a pointer to non-modifiable storage when the
corresponding parameter is not const-qualified) or a type (after
promotion) not expected by a function with variable number of
arguments, the behavior is undefined.""

To avoid this, add an early return when nf_link_info is NULL to prevent
calling qsort with a NULL pointer.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-38127,Windows Hyper-V Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-28947,Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,8.2,1.5,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-7376,"A vulnerability, which was classified as critical, was found in SourceCodester Simple Realtime Quiz System 1.0. Affected is an unknown function of the file /print_quiz_records.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273360.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-49325,Subscriber Broken Access Control in Photo Gallery Builder <= 3.0 versions.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-10419,A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /bloodrequest.php. The manipulation of the argument msg leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-50252,"In the Linux kernel, the following vulnerability has been resolved:

mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address

The device stores IPv6 addresses that are used for encapsulation in
linear memory that is managed by the driver.

Changing the remote address of an ip6gre net device never worked
properly, but since cited commit the following reproducer [1] would
result in a warning [2] and a memory leak [3]. The problem is that the
new remote address is never added by the driver to its hash table (and
therefore the device) and the old address is never removed from it.

Fix by programming the new address when the configuration of the ip6gre
net device changes and removing the old one. If the address did not
change, then the above would result in increasing the reference count of
the address and then decreasing it.

[1]
 # ip link add name bla up type ip6gre local 2001:db8:1::1 remote 2001:db8:2::1 tos inherit ttl inherit
 # ip link set dev bla type ip6gre remote 2001:db8:3::1
 # ip link del dev bla
 # devlink dev reload pci/0000:01:00.0

[2]
WARNING: CPU: 0 PID: 1682 at drivers/net/ethernet/mellanox/mlxsw/spectrum.c:3002 mlxsw_sp_ipv6_addr_put+0x140/0x1d0
Modules linked in:
CPU: 0 UID: 0 PID: 1682 Comm: ip Not tainted 6.12.0-rc3-custom-g86b5b55bc835 #151
Hardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023
RIP: 0010:mlxsw_sp_ipv6_addr_put+0x140/0x1d0
[...]
Call Trace:
 <TASK>
 mlxsw_sp_router_netdevice_event+0x55f/0x1240
 notifier_call_chain+0x5a/0xd0
 call_netdevice_notifiers_info+0x39/0x90
 unregister_netdevice_many_notify+0x63e/0x9d0
 rtnl_dellink+0x16b/0x3a0
 rtnetlink_rcv_msg+0x142/0x3f0
 netlink_rcv_skb+0x50/0x100
 netlink_unicast+0x242/0x390
 netlink_sendmsg+0x1de/0x420
 ____sys_sendmsg+0x2bd/0x320
 ___sys_sendmsg+0x9a/0xe0
 __sys_sendmsg+0x7a/0xd0
 do_syscall_64+0x9e/0x1a0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

[3]
unreferenced object 0xffff898081f597a0 (size 32):
  comm ""ip"", pid 1626, jiffies 4294719324
  hex dump (first 32 bytes):
    20 01 0d b8 00 02 00 00 00 00 00 00 00 00 00 01   ...............
    21 49 61 83 80 89 ff ff 00 00 00 00 01 00 00 00  !Ia.............
  backtrace (crc fd9be911):
    [<00000000df89c55d>] __kmalloc_cache_noprof+0x1da/0x260
    [<00000000ff2a1ddb>] mlxsw_sp_ipv6_addr_kvdl_index_get+0x281/0x340
    [<000000009ddd445d>] mlxsw_sp_router_netdevice_event+0x47b/0x1240
    [<00000000743e7757>] notifier_call_chain+0x5a/0xd0
    [<000000007c7b9e13>] call_netdevice_notifiers_info+0x39/0x90
    [<000000002509645d>] register_netdevice+0x5f7/0x7a0
    [<00000000c2e7d2a9>] ip6gre_newlink_common.isra.0+0x65/0x130
    [<0000000087cd6d8d>] ip6gre_newlink+0x72/0x120
    [<000000004df7c7cc>] rtnl_newlink+0x471/0xa20
    [<0000000057ed632a>] rtnetlink_rcv_msg+0x142/0x3f0
    [<0000000032e0d5b5>] netlink_rcv_skb+0x50/0x100
    [<00000000908bca63>] netlink_unicast+0x242/0x390
    [<00000000cdbe1c87>] netlink_sendmsg+0x1de/0x420
    [<0000000011db153e>] ____sys_sendmsg+0x2bd/0x320
    [<000000003b6d53eb>] ___sys_sendmsg+0x9a/0xe0
    [<00000000cae27c62>] __sys_sendmsg+0x7a/0xd0",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-7495,"A vulnerability, which was classified as critical, was found in itsourcecode Laravel Accounting System 1.0. This affects an unknown part of the file app/Http/Controllers/HomeController.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273621 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-44207,This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2024-21246,Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality).   The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Service Bus.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Service Bus accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-47700,"In the Linux kernel, the following vulnerability has been resolved:

ext4: check stripe size compatibility on remount as well

We disable stripe size in __ext4_fill_super if it is not a multiple of
the cluster ratio however this check is missed when trying to remount.
This can leave us with cases where stripe < cluster_ratio after
remount:set making EXT4_B2C(sbi->s_stripe) become 0 that can cause some
unforeseen bugs like divide by 0.

Fix that by adding the check in remount path as well.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-23715,"In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-22130,"Print preview option in SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, S4FND 108, WEBCUIF 700, WEBCUIF 701, WEBCUIF 730, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. An attacker with low privileges can cause limited impact to confidentiality and integrity of the appliaction data after successful exploitation.

",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-5686,"The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ attribute within the plugin's Team Members widget in all versions up to, and including, 1.1.38 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-6202,"HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature Wrapping (XSW) vulnerability. When having a SAML integration configured, anonymous actors could impersonate arbitrary HaloITSM users by just knowing their email address. HaloITSM versions past 2.146.1 (and patches starting from 2.143.61 ) fix the mentioned vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-39776,Avtec Outpost stores sensitive information in an insecure location without proper access controls in place.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-28872,"The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can send malicious commands to a monitored service (Kea or BIND 9), possibly resulting in confidential data loss and/or denial of service. It should be noted that this vulnerability is not related to BIND 9 or Kea directly, and only customers using the Stork management tool are potentially affected.
This issue affects Stork versions 0.15.0 through 1.15.0.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,8.1,2.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-2813,A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257668. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-9083,A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file /Admin/add-admin.php. The manipulation of the argument txtfullname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-42054,Cervantes through 0.5-alpha accepts insecure file uploads.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-25728,"ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration (e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers), which may allow remote attackers to obtain sensitive information about websites visited by VPN users.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-32856,"Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N,6.0,1.5,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,NONE,NONE
CVE-2024-38019,Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47595,An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-0736,A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251559.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-10805,A vulnerability was found in code-projects University Event Management System 1.0. It has been classified as critical. This affects an unknown part of the file doedit.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions a confusing product name to be affected. Other parameters might be affected as well.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-4080,A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution.  Successful exploitation requires an attacker to provide a user with a specially crafted VI.  This vulnerability affects LabVIEW 2024 Q1 and prior versions.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-11387,"The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elb_liveblog' shortcode in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-6523,A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic. Affected is an unknown function of the component system-group-add Handler. The manipulation of the argument user with the input <script>alert('XSS')</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-270366 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-9805,"A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/campsdetails.php. The manipulation of the argument hospital/address/city/contact leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter ""hospital"".",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-49032,Microsoft Office Graphics Remote Code Execution Vulnerability,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-43314,Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through 1.3.9.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-45124,"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-44154,"A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted file may lead to unexpected app termination.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2024-48251,"Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-51513,"Vulnerability of processes not being fully terminated in the VPN module
Impact: Successful exploitation of this vulnerability will affect power consumption.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-0758,"MolecularFaces before 0.3.0 is vulnerable to cross site scripting. A remote attacker can execute arbitrary JavaScript in the context of a victim browser via crafted molfiles.


",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-23981,Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-41039,"In the Linux kernel, the following vulnerability has been resolved:

firmware: cs_dsp: Fix overflow checking of wmfw header

Fix the checking that firmware file buffer is large enough for the
wmfw header, to prevent overrunning the buffer.

The original code tested that the firmware data buffer contained
enough bytes for the sums of the size of the structs

	wmfw_header + wmfw_adsp1_sizes + wmfw_footer

But wmfw_adsp1_sizes is only used on ADSP1 firmware. For ADSP2 and
Halo Core the equivalent struct is wmfw_adsp2_sizes, which is
4 bytes longer. So the length check didn't guarantee that there
are enough bytes in the firmware buffer for a header with
wmfw_adsp2_sizes.

This patch splits the length check into three separate parts. Each
of the wmfw_header, wmfw_adsp?_sizes and wmfw_footer are checked
separately before they are used.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47877,"Extract is aA Go library to extract archives in zip, tar.gz or tar.bz2 formats. A maliciously crafted archive may allow an attacker to create a symlink outside the extraction target directory. This vulnerability is fixed in 4.0.0. If you're using the Extractor.FS interface, then upgrading to /v4 will require to implement the new methods that have been added.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-25710,"Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0.

Users are recommended to upgrade to version 1.26.0 which fixes the issue.

",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2024-22637,Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /form_builder/preview.php?form_id=2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-9818,A vulnerability classified as critical has been found in SourceCodester Online Veterinary Appointment System 1.0. Affected is an unknown function of the file /admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-9379,SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-39475,"In the Linux kernel, the following vulnerability has been resolved:

fbdev: savage: Handle err return when savagefb_check_var failed

The commit 04e5eac8f3ab(""fbdev: savage: Error out if pixclock equals zero"")
checks the value of pixclock to avoid divide-by-zero error. However
the function savagefb_probe doesn't handle the error return of
savagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-45117,"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L,7.6,2.3,4.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,NONE,LOW
CVE-2024-42949,Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-7321,A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. This vulnerability affects unknown code of the file signup.php of the component User Registration Handler. The manipulation of the argument user leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273232.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-52615,"A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-4477,"The WP Logs Book WordPress plugin through 1.0.1 does not sanitise and escape some of its log data before outputting them back in an admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-24691,"Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7295,"In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information.",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.2,2.5,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-40960,"In the Linux kernel, the following vulnerability has been resolved:

ipv6: prevent possible NULL dereference in rt6_probe()

syzbot caught a NULL dereference in rt6_probe() [1]

Bail out if  __in6_dev_get() returns NULL.

[1]
Oops: general protection fault, probably for non-canonical address 0xdffffc00000000cb: 0000 [#1] PREEMPT SMP KASAN PTI
KASAN: null-ptr-deref in range [0x0000000000000658-0x000000000000065f]
CPU: 1 PID: 22444 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00383-gb8481381d4e2 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
 RIP: 0010:rt6_probe net/ipv6/route.c:656 [inline]
 RIP: 0010:find_match+0x8c4/0xf50 net/ipv6/route.c:758
Code: 14 fd f7 48 8b 85 38 ff ff ff 48 c7 45 b0 00 00 00 00 48 8d b8 5c 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 19
RSP: 0018:ffffc900034af070 EFLAGS: 00010203
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004521000
RDX: 00000000000000cb RSI: ffffffff8990d0cd RDI: 000000000000065c
RBP: ffffc900034af150 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000002 R12: 000000000000000a
R13: 1ffff92000695e18 R14: ffff8880244a1d20 R15: 0000000000000000
FS:  00007f4844a5a6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b31b27000 CR3: 000000002d42c000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
  rt6_nh_find_match+0xfa/0x1a0 net/ipv6/route.c:784
  nexthop_for_each_fib6_nh+0x26d/0x4a0 net/ipv4/nexthop.c:1496
  __find_rr_leaf+0x6e7/0xe00 net/ipv6/route.c:825
  find_rr_leaf net/ipv6/route.c:853 [inline]
  rt6_select net/ipv6/route.c:897 [inline]
  fib6_table_lookup+0x57e/0xa30 net/ipv6/route.c:2195
  ip6_pol_route+0x1cd/0x1150 net/ipv6/route.c:2231
  pol_lookup_func include/net/ip6_fib.h:616 [inline]
  fib6_rule_lookup+0x386/0x720 net/ipv6/fib6_rules.c:121
  ip6_route_output_flags_noref net/ipv6/route.c:2639 [inline]
  ip6_route_output_flags+0x1d0/0x640 net/ipv6/route.c:2651
  ip6_dst_lookup_tail.constprop.0+0x961/0x1760 net/ipv6/ip6_output.c:1147
  ip6_dst_lookup_flow+0x99/0x1d0 net/ipv6/ip6_output.c:1250
  rawv6_sendmsg+0xdab/0x4340 net/ipv6/raw.c:898
  inet_sendmsg+0x119/0x140 net/ipv4/af_inet.c:853
  sock_sendmsg_nosec net/socket.c:730 [inline]
  __sock_sendmsg net/socket.c:745 [inline]
  sock_write_iter+0x4b8/0x5c0 net/socket.c:1160
  new_sync_write fs/read_write.c:497 [inline]
  vfs_write+0x6b6/0x1140 fs/read_write.c:590
  ksys_write+0x1f8/0x260 fs/read_write.c:643
  do_syscall_x64 arch/x86/entry/common.c:52 [inline]
  do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-22855,A cross-site scripting (XSS) vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-6135,BT:Classic: Multiple missing buf length checks,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-9794,"A vulnerability, which was classified as critical, has been found in Codezips Online Shopping Portal 1.0. This issue affects some unknown processing of the file /update-image1.php. The manipulation of the argument productimage1 leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-8793,"The Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.2.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-29472,OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Privilege Management module.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-8106,"The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.8 via the download_user_ajax function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract sensitive data including usernames, hashed passwords, and emails.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-41968,"A low privileged remote attacker may modify the docker settings setup of the device, leading to a limited DoS.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,5.4,2.8,2.5,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW
CVE-2024-5840,Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2024-37410,Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Path Traversal.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.3.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-2092,"The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-38183,An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-8714,"The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.1.20. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-2816,A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH
CVE-2024-10746,A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. This affects an unknown part of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data.php. The manipulation of the argument scripts leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-22567,File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-5947,"Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the web-based UI. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22679.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-50080,"In the Linux kernel, the following vulnerability has been resolved:

ublk: don't allow user copy for unprivileged device

UBLK_F_USER_COPY requires userspace to call write() on ublk char
device for filling request buffer, and unprivileged device can't
be trusted.

So don't allow user copy for unprivileged device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-10672,"The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the mpg_upsert_project_source_block() function in all versions up to, and including, 4.0.2. This makes it possible for authenticated attackers, with editor-level access and above, to delete limited files on the server.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N,2.7,1.2,1.4,LOW,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-44959,"In the Linux kernel, the following vulnerability has been resolved:

tracefs: Use generic inode RCU for synchronizing freeing

With structure layout randomization enabled for 'struct inode' we need to
avoid overlapping any of the RCU-used / initialized-only-once members,
e.g. i_lru or i_sb_list to not corrupt related list traversals when making
use of the rcu_head.

For an unlucky structure layout of 'struct inode' we may end up with the
following splat when running the ftrace selftests:

[<...>] list_del corruption, ffff888103ee2cb0->next (tracefs_inode_cache+0x0/0x4e0 [slab object]) is NULL (prev is tracefs_inode_cache+0x78/0x4e0 [slab object])
[<...>] ------------[ cut here ]------------
[<...>] kernel BUG at lib/list_debug.c:54!
[<...>] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[<...>] CPU: 3 PID: 2550 Comm: mount Tainted: G                 N  6.8.12-grsec+ #122 ed2f536ca62f28b087b90e3cc906a8d25b3ddc65
[<...>] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014
[<...>] RIP: 0010:[<ffffffff84656018>] __list_del_entry_valid_or_report+0x138/0x3e0
[<...>] Code: 48 b8 99 fb 65 f2 ff ff ff ff e9 03 5c d9 fc cc 48 b8 99 fb 65 f2 ff ff ff ff e9 33 5a d9 fc cc 48 b8 99 fb 65 f2 ff ff ff ff <0f> 0b 4c 89 e9 48 89 ea 48 89 ee 48 c7 c7 60 8f dd 89 31 c0 e8 2f
[<...>] RSP: 0018:fffffe80416afaf0 EFLAGS: 00010283
[<...>] RAX: 0000000000000098 RBX: ffff888103ee2cb0 RCX: 0000000000000000
[<...>] RDX: ffffffff84655fe8 RSI: ffffffff89dd8b60 RDI: 0000000000000001
[<...>] RBP: ffff888103ee2cb0 R08: 0000000000000001 R09: fffffbd0082d5f25
[<...>] R10: fffffe80416af92f R11: 0000000000000001 R12: fdf99c16731d9b6d
[<...>] R13: 0000000000000000 R14: ffff88819ad4b8b8 R15: 0000000000000000
[<...>] RBX: tracefs_inode_cache+0x0/0x4e0 [slab object]
[<...>] RDX: __list_del_entry_valid_or_report+0x108/0x3e0
[<...>] RSI: __func__.47+0x4340/0x4400
[<...>] RBP: tracefs_inode_cache+0x0/0x4e0 [slab object]
[<...>] RSP: process kstack fffffe80416afaf0+0x7af0/0x8000 [mount 2550 2550]
[<...>] R09: kasan shadow of process kstack fffffe80416af928+0x7928/0x8000 [mount 2550 2550]
[<...>] R10: process kstack fffffe80416af92f+0x792f/0x8000 [mount 2550 2550]
[<...>] R14: tracefs_inode_cache+0x78/0x4e0 [slab object]
[<...>] FS:  00006dcb380c1840(0000) GS:ffff8881e0600000(0000) knlGS:0000000000000000
[<...>] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[<...>] CR2: 000076ab72b30e84 CR3: 000000000b088004 CR4: 0000000000360ef0 shadow CR4: 0000000000360ef0
[<...>] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[<...>] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[<...>] ASID: 0003
[<...>] Stack:
[<...>]  ffffffff818a2315 00000000f5c856ee ffffffff896f1840 ffff888103ee2cb0
[<...>]  ffff88812b6b9750 0000000079d714b6 fffffbfff1e9280b ffffffff8f49405f
[<...>]  0000000000000001 0000000000000000 ffff888104457280 ffffffff8248b392
[<...>] Call Trace:
[<...>]  <TASK>
[<...>]  [<ffffffff818a2315>] ? lock_release+0x175/0x380 fffffe80416afaf0
[<...>]  [<ffffffff8248b392>] list_lru_del+0x152/0x740 fffffe80416afb48
[<...>]  [<ffffffff8248ba93>] list_lru_del_obj+0x113/0x280 fffffe80416afb88
[<...>]  [<ffffffff8940fd19>] ? _atomic_dec_and_lock+0x119/0x200 fffffe80416afb90
[<...>]  [<ffffffff8295b244>] iput_final+0x1c4/0x9a0 fffffe80416afbb8
[<...>]  [<ffffffff8293a52b>] dentry_unlink_inode+0x44b/0xaa0 fffffe80416afbf8
[<...>]  [<ffffffff8293fefc>] __dentry_kill+0x23c/0xf00 fffffe80416afc40
[<...>]  [<ffffffff8953a85f>] ? __this_cpu_preempt_check+0x1f/0xa0 fffffe80416afc48
[<...>]  [<ffffffff82949ce5>] ? shrink_dentry_list+0x1c5/0x760 fffffe80416afc70
[<...>]  [<ffffffff82949b71>] ? shrink_dentry_list+0x51/0x760 fffffe80416afc78
[<...>]  [<ffffffff82949da8>] shrink_dentry_list+0x288/0x760 fffffe80416afc80
[<...>]  [<ffffffff8294ae75>] shrink_dcache_sb+0x155/0x420 fffffe80416afcc8
[<...>]  [<ffffffff8953a7c3>] ? debug_smp_processor_id+0x23/0xa0 fffffe80416afce0
[<...>]  [<ffffffff8294ad20>] ? do_one_tre
---truncated---",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-36243,in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-25062,"An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-11675,A vulnerability has been found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /backend/admin/his_admin_register_patient.php of the component Add Patient Details Page. The manipulation of the argument pat_fname/pat_ailment/pat_lname/pat_age/pat_dob/pat_number/pat_phone/pat_type/pat_addr leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-35729,Missing Authorization vulnerability in Tickera.This issue affects Tickera: from n/a through 3.5.2.6.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-8041,"A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon importing a maliciously crafted repository using the GitHub importer.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-41361,RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\manageFilesFolders.php,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-43628,Windows Telephony Service Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-4220,"Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-6164,"The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-22296,Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.28.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-39010,chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-50003,"In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix system hang while resume with TBT monitor

[Why]
Connected with a Thunderbolt monitor and do the suspend and the system
may hang while resume.

The TBT monitor HPD will be triggered during the resume procedure
and call the drm_client_modeset_probe() while
struct drm_connector connector->dev->master is NULL.

It will mess up the pipe topology after resume.

[How]
Skip the TBT monitor HPD during the resume procedure because we
currently will probe the connectors after resume by default.

(cherry picked from commit 453f86a26945207a16b8f66aaed5962dc2b95b85)",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-3114,"An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, with the processing logic for parsing invalid commits can lead to a regular expression DoS attack on the server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-9007,A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. This affects an unknown part of the file /detailed.php. The manipulation of the argument date1 leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named 94bf9ab7ad0ccb7fbdc02f172f37f0e2ea08d48f. It is recommended to apply a patch to fix this issue.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-11854,"The Listdom – Business Directory and Classified Ads Listings WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcode’ parameter in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-42136,"In the Linux kernel, the following vulnerability has been resolved:

cdrom: rearrange last_media_change check to avoid unintentional overflow

When running syzkaller with the newly reintroduced signed integer wrap
sanitizer we encounter this splat:

[  366.015950] UBSAN: signed-integer-overflow in ../drivers/cdrom/cdrom.c:2361:33
[  366.021089] -9223372036854775808 - 346321 cannot be represented in type '__s64' (aka 'long long')
[  366.025894] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  366.027502] CPU: 5 PID: 28472 Comm: syz-executor.7 Not tainted 6.8.0-rc2-00035-gb3ef86b5a957 #1
[  366.027512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  366.027518] Call Trace:
[  366.027523]  <TASK>
[  366.027533]  dump_stack_lvl+0x93/0xd0
[  366.027899]  handle_overflow+0x171/0x1b0
[  366.038787] ata1.00: invalid multi_count 32 ignored
[  366.043924]  cdrom_ioctl+0x2c3f/0x2d10
[  366.063932]  ? __pm_runtime_resume+0xe6/0x130
[  366.071923]  sr_block_ioctl+0x15d/0x1d0
[  366.074624]  ? __pfx_sr_block_ioctl+0x10/0x10
[  366.077642]  blkdev_ioctl+0x419/0x500
[  366.080231]  ? __pfx_blkdev_ioctl+0x10/0x10
...

Historically, the signed integer overflow sanitizer did not work in the
kernel due to its interaction with `-fwrapv` but this has since been
changed [1] in the newest version of Clang. It was re-enabled in the
kernel with Commit 557f8c582a9ba8ab (""ubsan: Reintroduce signed overflow
sanitizer"").

Let's rearrange the check to not perform any arithmetic, thus not
tripping the sanitizer.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-45788,This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/flooding on the targeted system.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-8230,A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-44549,Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7129,"The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.43 does not escape template syntax provided via user input, leading to Twig Template Injection which further exploited can result to remote code Execution by high privilege such as admins",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47487,There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-52043,Generation of Error Message Containing Sensitive Information in HumHub GmbH & Co. KG - HumHub on Linux allows: Excavation (user enumeration).This issue affects all released HumHub versions: through 1.16.2.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-46559,Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_UsrNme parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-51661,Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection.This issue affects Media Library Assistant: from n/a through 3.19.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-38287,The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's password to a random insecure 8-digit value.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-21458,Information disclosure while handling SA query action frame.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-43563,Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-51517,"Vulnerability of improper memory access in the phone service module
Impact: Successful exploitation of this vulnerability may affect availability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-0641,A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-8872,"The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.3.20. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-22233,"In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.

Specifically, an application is vulnerable when all of the following are true:

  *  the application uses Spring MVC
  *  Spring Security 6.1.6+ or 6.2.1+ is on the classpath


Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all conditions.


",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-46980,"Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them to execute uncontrolled code (or at least achieve content injection) in a mail client. Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-7443,** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Vivotek IB8367A VVTK-0100b. Affected is the function getenv of the file upload_file.cgi. The manipulation of the argument QUERY_STRING leads to command injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-273528. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-21753,"A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiClientEMS versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.13, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8, 1.2.1 through 1.2.5 allows attacker to perform a denial of service, read or write a limited number of files via specially crafted HTTP requests",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H,6.0,1.2,4.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,LOW,HIGH
CVE-2024-37150,"An issue in `.npmrc` support in Deno 1.44.0 was discovered where Deno would send `.npmrc` credentials for the scope to the tarball URL when the registry provided URLs for a tarball on a different domain. All users relying on .npmrc are potentially affected by this vulnerability if their private registry references tarball URLs at a different domain. This includes usage of deno install subcommand, auto-install for npm: specifiers and LSP usage. It is recommended to upgrade to Deno 1.44.1 and if your private registry ever serves tarballs at a different domain to rotate your registry credentials.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2024-11506,"IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22169.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-26899,"In the Linux kernel, the following vulnerability has been resolved:

block: fix deadlock between bd_link_disk_holder and partition scan

'open_mutex' of gendisk is used to protect open/close block devices. But
in bd_link_disk_holder(), it is used to protect the creation of symlink
between holding disk and slave bdev, which introduces some issues.

When bd_link_disk_holder() is called, the driver is usually in the process
of initialization/modification and may suspend submitting io. At this
time, any io hold 'open_mutex', such as scanning partitions, can cause
deadlocks. For example, in raid:

T1                              T2
bdev_open_by_dev
 lock open_mutex [1]
 ...
  efi_partition
  ...
   md_submit_bio
				md_ioctl mddev_syspend
				  -> suspend all io
				 md_add_new_disk
				  bind_rdev_to_array
				   bd_link_disk_holder
				    try lock open_mutex [2]
    md_handle_request
     -> wait mddev_resume

T1 scan partition, T2 add a new device to raid. T1 waits for T2 to resume
mddev, but T2 waits for open_mutex held by T1. Deadlock occurs.

Fix it by introducing a local mutex 'blk_holder_mutex' to replace
'open_mutex'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-49391,Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.,CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,7.3,1.3,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-39610,"Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-39228,"GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config and check_config.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-34606,Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-5133,"In lunary-ai/lunary version 1.2.4, an account takeover vulnerability exists due to the exposure of password recovery tokens in API responses. Specifically, when a user initiates the password reset process, the recovery token is included in the response of the `GET /v1/users/me/org` endpoint, which lists all users in a team. This allows any authenticated user to capture the recovery token of another user and subsequently change that user's password without consent, effectively taking over the account. The issue lies in the inclusion of the `recovery_token` attribute in the users object returned by the API.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-1177,"The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings_save() function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to update the permalink structure for the clubs",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-44062,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.6.5.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-24041,A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-11119,"The BNE Gallery Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gallery' shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-10017,"The PJW Mime Config plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-8630,"Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-3158,Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-11048,A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-10424,A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/project_selection/remove_project.php of the component Project Selection Page. The manipulation of the argument no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-40738,A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-ports/{id}/edit/.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-5630,"The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-46821,"In the Linux kernel, the following vulnerability has been resolved:

drm/amd/pm: Fix negative array index read

Avoid using the negative values
for clk_idex as an index into an array pptable->DpmDescriptor.

V2: fix clk_index return check (Tim Huang)",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-3150,"In mintplex-labs/anything-llm, a vulnerability exists in the thread update process that allows users with Default or Manager roles to escalate their privileges to Administrator. The issue arises from improper input validation when handling HTTP POST requests to the endpoint `/workspace/:slug/thread/:threadSlug/update`. Specifically, the application fails to validate or check user input before passing it to the `workspace_thread` Prisma model for execution. This oversight allows attackers to craft a Prisma relation query operation that manipulates the `users` model to change a user's role to admin. Successful exploitation grants attackers the highest level of user privileges, enabling them to see and perform all actions within the system.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-3454,"An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the connectedhomeip SDK allows a third party to disclose information about devices part of the same fabric (footprinting), even though the protocol is designed to prevent access to such information.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.5,2.1,1.4,LOW,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-7122,"The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-6052,"Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users to execute arbitrary scripts by injecting HTML elements",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-23838,"TrueLayer.NET is the .Net client for TrueLayer.  The vulnerability could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to unexpected resources on local networks or to the internet could be made which could lead to information disclosure. The issue can be mitigated by having strict egress rules limiting the destinations to which requests can be made, and applying strict validation to any user input passed to the `truelayer-dotnet` library. Versions of TrueLayer.Client `v1.6.0` and later are not affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-22550,An arbitrary file upload vulnerability in the component /alsdemo/ss/mediam.cgi of ShopSite v14.0 allows attackers to execute arbitrary code via uploading a crafted SVG file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-23725,Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-10080,"The WP Easy Post Types plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-34788,An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-39910,"decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. The WYSWYG editor QuillJS is subject to potential XSS attach in case the attacker manages to modify the HTML before being uploaded to the server. The attacker is able to change e.g. to <svg onload=alert('XSS')> if they know how to craft these requests themselves. This issue has been addressed in release version 0.27.7. All users are advised to upgrade. Users unable to upgrade should review the user accounts that have access to the admin panel (i.e. general Administrators, and participatory space's Administrators) and remove access to them if they don't need it. Disable the ""Enable rich text editor for participants"" setting in the admin dashboard",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-38879,"A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system exposes the port of an internal application on the public network interface allowing an attacker to circumvent authentication and directly access the exposed application.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-4011,"An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project member to promote key results to objectives.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-44954,"In the Linux kernel, the following vulnerability has been resolved:

ALSA: line6: Fix racy access to midibuf

There can be concurrent accesses to line6 midibuf from both the URB
completion callback and the rawmidi API access.  This could be a cause
of KMSAN warning triggered by syzkaller below (so put as reported-by
here).

This patch protects the midibuf call of the former code path with a
spinlock for avoiding the possible races.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-8601,This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request URL which could lead to unauthorized access to sensitive information belonging to other users.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-35705,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ciprian Popescu Block for Font Awesome allows Stored XSS.This issue affects Block for Font Awesome: from n/a through 1.4.4.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-50260,"In the Linux kernel, the following vulnerability has been resolved:

sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()

The following race condition could trigger a NULL pointer dereference:

sock_map_link_detach():		sock_map_link_update_prog():
   mutex_lock(&sockmap_mutex);
   ...
   sockmap_link->map = NULL;
   mutex_unlock(&sockmap_mutex);
   				   mutex_lock(&sockmap_mutex);
				   ...
				   sock_map_prog_link_lookup(sockmap_link->map);
				   mutex_unlock(&sockmap_mutex);
   <continue>

Fix it by adding a NULL pointer check. In this specific case, it makes
no sense to update a link which is being released.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-0756,"The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-7000,Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-41088,"In the Linux kernel, the following vulnerability has been resolved:

can: mcp251xfd: fix infinite loop when xmit fails

When the mcp251xfd_start_xmit() function fails, the driver stops
processing messages, and the interrupt routine does not return,
running indefinitely even after killing the running application.

Error messages:
[  441.298819] mcp251xfd spi2.0 can0: ERROR in mcp251xfd_start_xmit: -16
[  441.306498] mcp251xfd spi2.0 can0: Transmit Event FIFO buffer not empty. (seq=0x000017c7, tef_tail=0x000017cf, tef_head=0x000017d0, tx_head=0x000017d3).
... and repeat forever.

The issue can be triggered when multiple devices share the same SPI
interface. And there is concurrent access to the bus.

The problem occurs because tx_ring->head increments even if
mcp251xfd_start_xmit() fails. Consequently, the driver skips one TX
package while still expecting a response in
mcp251xfd_handle_tefif_one().

Resolve the issue by starting a workqueue to write the tx obj
synchronously if err = -EBUSY. In case of another error, decrement
tx_ring->head, remove skb from the echo stack, and drop the message.

[mkl: use more imperative wording in patch description]",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-38177,Windows App Installer Spoofing Vulnerability,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-3638,"The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Marquee Text Widget, Testimonials Widget, and Testimonial Slider widgets in all versions up to, and including, 8.3.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-39406,"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N,6.8,2.3,4.0,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,NONE,NONE
CVE-2024-41690,"This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext default credentials on the vulnerable system.

Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-34618,Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,3.3,1.8,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-38385,"In the Linux kernel, the following vulnerability has been resolved:

genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after()

irq_find_at_or_after() dereferences the interrupt descriptor which is
returned by mt_find() while neither holding sparse_irq_lock nor RCU read
lock, which means the descriptor can be freed between mt_find() and the
dereference:

    CPU0                            CPU1
    desc = mt_find()
                                    delayed_free_desc(desc)
    irq_desc_get_irq(desc)

The use-after-free is reported by KASAN:

    Call trace:
     irq_get_next_irq+0x58/0x84
     show_stat+0x638/0x824
     seq_read_iter+0x158/0x4ec
     proc_reg_read_iter+0x94/0x12c
     vfs_read+0x1e0/0x2c8

    Freed by task 4471:
     slab_free_freelist_hook+0x174/0x1e0
     __kmem_cache_free+0xa4/0x1dc
     kfree+0x64/0x128
     irq_kobj_release+0x28/0x3c
     kobject_put+0xcc/0x1e0
     delayed_free_desc+0x14/0x2c
     rcu_do_batch+0x214/0x720

Guard the access with a RCU read lock section.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-37889,MyFinances is a web application for managing finances. MyFinances has a way to access other customer invoices while signed in as a user. This method allows an actor to access PII and financial information from another account. The vulnerability is fixed in 0.4.6.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-38438,"D-Link - 

CWE-294: Authentication Bypass by Capture-replay",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-10045,"The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the process_actions function. This makes it possible for unauthenticated attackers to delete transients via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2024-34622,Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-46726,"In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Ensure index calculation will not overflow

[WHY & HOW]
Make sure vmid0p72_idx, vnom0p8_idx and vmax0p9_idx calculation will
never overflow and exceess array size.

This fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coverity.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-46307,A loop hole in the payment logic of Sparkshop v1.16 allows attackers to arbitrarily modify the number of products.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-42009,A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N,9.3,2.8,5.8,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,NONE
CVE-2024-8592,"A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability.  A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7687,"The AZIndex WordPress plugin through 0.8.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE
CVE-2024-20731,"Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7535,Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-41358,phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-7248,"Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the update mechanism. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-19055.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0093,NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-50008,"In the Linux kernel, the following vulnerability has been resolved:

wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext()

Replace one-element array with a flexible-array member in
`struct host_cmd_ds_802_11_scan_ext`.

With this, fix the following warning:

elo 16 17:51:58 surfacebook kernel: ------------[ cut here ]------------
elo 16 17:51:58 surfacebook kernel: memcpy: detected field-spanning write (size 243) of single field ""ext_scan->tlv_buffer"" at drivers/net/wireless/marvell/mwifiex/scan.c:2239 (size 1)
elo 16 17:51:58 surfacebook kernel: WARNING: CPU: 0 PID: 498 at drivers/net/wireless/marvell/mwifiex/scan.c:2239 mwifiex_cmd_802_11_scan_ext+0x83/0x90 [mwifiex]",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-21278,"Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E-Business Suite (component: Award Processes).  Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Contract Lifecycle Management for Public Sector.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Contract Lifecycle Management for Public Sector accessible data as well as  unauthorized access to critical data or complete access to all Oracle Contract Lifecycle Management for Public Sector accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-39202,D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7923,"An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-28831,Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting HTML elements into some user input fields that are shown in a confirmation pop-up.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-11192,"The Spotify Play Button for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's spotifyplaybutton shortcode in all versions up to, and including, 2.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-9784,A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. Affected is the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-38813,The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-52431,Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pressaholic WordPress Video Robot - The Ultimate Video Importer allows SQL Injection.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-6267,A vulnerability classified as problematic was found in SourceCodester Service Provider Management System 1.0. Affected by this vulnerability is an unknown functionality of the file system_info/index.php of the component System Info Page. The manipulation of the argument System Name/System Short Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269479.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-22416,"pyLoad is a free and open-source Download Manager written in pure Python. The `pyload` API allows any API call to be made using GET requests. Since the session cookie is not set to `SameSite: strict`, this opens the library up to severe attack possibilities via a Cross-Site Request Forgery (CSRF) attack. As a result any API call can be made via a CSRF attack by an unauthenticated user. This issue has been addressed in release `0.5.0b3.dev78`. All users are advised to upgrade.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0299,A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249865 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-40867,A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,9.6,2.8,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH
CVE-2024-6302,"Lack of privilege checking when processing a redaction in Conduit versions v0.6.0 and lower, allowing a local user to redact any message from users on the same server, given that they are able to send redaction events.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-51526,"Permission control vulnerability in the hidebug module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-11551,"IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24749.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-38279,The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,4.6,0.9,3.6,MEDIUM,2024-12-08T08:00Z,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-10139,A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add_new_supplier.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42782,"A SQL injection vulnerability in ""/music/ajax.php?action=find_music"" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the ""search"" parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-37263,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeLooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.6.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-49019,Active Directory Certificate Services Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-45176,"An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper input validation, the C-MOR web interface is vulnerable to reflected cross-site scripting (XSS) attacks. It was found out that different functions are prone to reflected cross-site scripting attacks due to insufficient user input validation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-47161,In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-22194,"cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in `cdo-local-uuid` at version `0.4.0`, and in `case-utils` in unpatched versions (matching the pattern `0.x.0`) at and since `0.5.0`, before `0.15.0`. The vulnerability stems from a Python function, `cdo_local_uuid.local_uuid()`, and its original implementation `case_utils.local_uuid()`. ",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,2.8,1.3,1.4,LOW,2024-12-08T08:00Z,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,LOW,NONE,NONE
CVE-2024-5629,An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH
CVE-2024-10092,"The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_handle_api_key_actions function in all versions up to, and including, 5.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to revoke existing API keys and generate new ones.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE
CVE-2024-37038,"CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated
user with access to the device’s web interface to perform unauthorized file and firmware
uploads when crafting custom web requests.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-39807,Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a webhook event which allows an attacker monitoring webhook events to retrieve the channel IDs of archived or restored channels.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-7334,A vulnerability was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. It has been rated as critical. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273257 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-46807,"In the Linux kernel, the following vulnerability has been resolved:

drm/amd/amdgpu: Check tbo resource pointer

Validate tbo resource pointer, skip if NULL",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-11231,"The ???? ????? plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mnp_purchase shortcode in all versions up to, and including, 3.3.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-24556,urql is a GraphQL client that exposes a set of helpers for several frameworks.  The `@urql/next` package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns `html` tags and that the web-application is using streamed responses (non-RSC). This vulnerability is due to improper escaping of html-like characters in the response-stream. To fix this vulnerability upgrade to version 1.1.1,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-41070,"In the Linux kernel, the following vulnerability has been resolved:

KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group()

Al reported a possible use-after-free (UAF) in kvm_spapr_tce_attach_iommu_group().

It looks up `stt` from tablefd, but then continues to use it after doing
fdput() on the returned fd. After the fdput() the tablefd is free to be
closed by another thread. The close calls kvm_spapr_tce_release() and
then release_spapr_tce_table() (via call_rcu()) which frees `stt`.

Although there are calls to rcu_read_lock() in
kvm_spapr_tce_attach_iommu_group() they are not sufficient to prevent
the UAF, because `stt` is used outside the locked regions.

With an artifcial delay after the fdput() and a userspace program which
triggers the race, KASAN detects the UAF:

  BUG: KASAN: slab-use-after-free in kvm_spapr_tce_attach_iommu_group+0x298/0x720 [kvm]
  Read of size 4 at addr c000200027552c30 by task kvm-vfio/2505
  CPU: 54 PID: 2505 Comm: kvm-vfio Not tainted 6.10.0-rc3-next-20240612-dirty #1
  Hardware name: 8335-GTH POWER9 0x4e1202 opal:skiboot-v6.5.3-35-g1851b2a06 PowerNV
  Call Trace:
    dump_stack_lvl+0xb4/0x108 (unreliable)
    print_report+0x2b4/0x6ec
    kasan_report+0x118/0x2b0
    __asan_load4+0xb8/0xd0
    kvm_spapr_tce_attach_iommu_group+0x298/0x720 [kvm]
    kvm_vfio_set_attr+0x524/0xac0 [kvm]
    kvm_device_ioctl+0x144/0x240 [kvm]
    sys_ioctl+0x62c/0x1810
    system_call_exception+0x190/0x440
    system_call_vectored_common+0x15c/0x2ec
  ...
  Freed by task 0:
   ...
   kfree+0xec/0x3e0
   release_spapr_tce_table+0xd4/0x11c [kvm]
   rcu_core+0x568/0x16a0
   handle_softirqs+0x23c/0x920
   do_softirq_own_stack+0x6c/0x90
   do_softirq_own_stack+0x58/0x90
   __irq_exit_rcu+0x218/0x2d0
   irq_exit+0x30/0x80
   arch_local_irq_restore+0x128/0x230
   arch_local_irq_enable+0x1c/0x30
   cpuidle_enter_state+0x134/0x5cc
   cpuidle_enter+0x6c/0xb0
   call_cpuidle+0x7c/0x100
   do_idle+0x394/0x410
   cpu_startup_entry+0x60/0x70
   start_secondary+0x3fc/0x410
   start_secondary_prolog+0x10/0x14

Fix it by delaying the fdput() until `stt` is no longer in use, which
is effectively the entire function. To keep the patch minimal add a call
to fdput() at each of the existing return paths. Future work can convert
the function to goto or __cleanup style cleanup.

With the fix in place the test case no longer triggers the UAF.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-6760,"A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs.

The bug may be used by an unprivileged user to read the contents of files to which they would not otherwise have access, such as the local password database.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-0597,"The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 12.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-8291,"Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in Image Editor Background Color.  A rogue admin could add malicious code to the Thumbnails/Add-Type. The Concrete CMS Security Team gave this a CVSS v4 score of 2.1 with vector  CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N  Thanks,  Alexey Solovyev for reporting.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-7172,A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272593 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-50165,"In the Linux kernel, the following vulnerability has been resolved:

bpf: Preserve param->string when parsing mount options

In bpf_parse_param(), keep the value of param->string intact so it can
be freed later. Otherwise, the kmalloc area pointed to by param->string
will be leaked as shown below:

unreferenced object 0xffff888118c46d20 (size 8):
  comm ""new_name"", pid 12109, jiffies 4295580214
  hex dump (first 8 bytes):
    61 6e 79 00 38 c9 5c 7e                          any.8.\~
  backtrace (crc e1b7f876):
    [<00000000c6848ac7>] kmemleak_alloc+0x4b/0x80
    [<00000000de9f7d00>] __kmalloc_node_track_caller_noprof+0x36e/0x4a0
    [<000000003e29b886>] memdup_user+0x32/0xa0
    [<0000000007248326>] strndup_user+0x46/0x60
    [<0000000035b3dd29>] __x64_sys_fsconfig+0x368/0x3d0
    [<0000000018657927>] x64_sys_call+0xff/0x9f0
    [<00000000c0cabc95>] do_syscall_64+0x3b/0xc0
    [<000000002f331597>] entry_SYSCALL_64_after_hwframe+0x4b/0x53",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-9341,"A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2024-49614,Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dan Alexander SermonAudio Widgets allows SQL Injection.This issue affects SermonAudio Widgets: from n/a through 1.9.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-41736,"Under certain conditions SAP Permit to Work
allows an authenticated attacker to access information which would otherwise be
restricted causing low impact on the confidentiality of the application.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,4.3,2.8,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE
CVE-2024-8964,"The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-21737,"In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on confidentiality, integrity and availability.

",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-32484,An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N,8.2,2.8,4.7,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,LOW,NONE
CVE-2024-5536,"The GamiPress – Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's gamipress_link shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-49859,"In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to check atomic_file in f2fs ioctl interfaces

Some f2fs ioctl interfaces like f2fs_ioc_set_pin_file(),
f2fs_move_file_range(), and f2fs_defragment_range() missed to
check atomic_write status, which may cause potential race issue,
fix it.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,4.7,1.0,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-23895,"A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/locationcreate.php, in the locationid parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-11790,"Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24449.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-39468,"In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix deadlock in smb2_find_smb_tcon()

Unlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such
deadlock.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-46779,"In the Linux kernel, the following vulnerability has been resolved:

drm/imagination: Free pvr_vm_gpuva after unlink

This caused a measurable memory leak. Although the individual
allocations are small, the leaks occurs in a high-usage codepath
(remapping or unmapping device memory) so they add up quickly.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-7858,"The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-library-plus.php file in all versions up to, and including, 8.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform several actions related to managing media files and folder along with controlling settings.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,6.3,2.8,3.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW
CVE-2024-51408,AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-50442,Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through 1.3.980.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,7.2,1.2,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-36502,"Out-of-bounds read vulnerability in the audio module
Impact: Successful exploitation of this vulnerability will affect availability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-43976,Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/a through 6.9.7.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-8946,"A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 29943546343c92334e8518695a11fc0e2ceea68b. It is recommended to apply a patch to fix this issue. In the VFS unmount process, the comparison between the mounted path string and the unmount requested string is based solely on the length of the unmount string, which can lead to a heap buffer overflow read.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-46814,"In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Check msg_id before processing transcation

[WHY & HOW]
HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid
array index, and it needs checking before used.

This fixes 4 OVERRUN issues reported by Coverity.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47683,"In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Skip Recompute DSC Params if no Stream on Link

[why]
Encounter NULL pointer dereference uner mst + dsc setup.

BUG: kernel NULL pointer dereference, address: 0000000000000008
    PGD 0 P4D 0
    Oops: 0000 [#1] PREEMPT SMP NOPTI
    CPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2
    Hardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022
    RIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]
    Code: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8>
    RSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293
    RAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224
    RDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280
    RBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850
    R10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000
    R13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224
    FS:  00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000
    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    CR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0
    Call Trace:
<TASK>
     ? __die+0x23/0x70
     ? page_fault_oops+0x171/0x4e0
     ? plist_add+0xbe/0x100
     ? exc_page_fault+0x7c/0x180
     ? asm_exc_page_fault+0x26/0x30
     ? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]
     ? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]
     compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
     ? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
     compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
     amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
     drm_atomic_check_only+0x5c5/0xa40
     drm_mode_atomic_ioctl+0x76e/0xbc0

[how]
dsc recompute should be skipped if no mode change detected on the new
request. If detected, keep checking whether the stream is already on
current state or not.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-30081,Windows NTLM Spoofing Vulnerability,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-8164,"A vulnerability, which was classified as critical, has been found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Affected by this issue is the function rename of the file /Admin/Http/Controllers/FileManagerController.php. The manipulation of the argument new_name leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7224,A vulnerability was found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /lot_details.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272804.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-11557,"IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24807.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-21751,Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-27128,"A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network.

We have already fixed the vulnerability in the following version:
QTS 5.1.7.2770 build 20240520 and later
QuTS hero h5.1.7.2770 build 20240520 and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-35723,Missing Authorization vulnerability in Andrew Rapps Dashboard To-Do List.This issue affects Dashboard To-Do List: from n/a through 1.2.0.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-31181,"Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupStats::unpack.

This issue affects libfluid: 0.1.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-38237,Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-21902,"An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network.

We have already fixed the vulnerability in the following version:
QTS 5.1.7.2770 build 20240520 and later
QuTS hero h5.1.7.2770 build 20240520 and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,8.1,2.8,5.2,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE
CVE-2024-6170,"The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘email’ parameter in all versions up to, and including, 1.5.112 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-10538,"The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the before_label parameter in the Image Comparison widget in all versions up to, and including, 3.12.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-6185,"A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC 1.0. Affected by this issue is the function get_ip_addr_details of the file /view/dhcp/dhcpConfig/commit.php. The manipulation of the argument ethname leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269156. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42109,"In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: unconditionally flush pending work before notifier

syzbot reports:

KASAN: slab-uaf in nft_ctx_update include/net/netfilter/nf_tables.h:1831
KASAN: slab-uaf in nft_commit_release net/netfilter/nf_tables_api.c:9530
KASAN: slab-uaf int nf_tables_trans_destroy_work+0x152b/0x1750 net/netfilter/nf_tables_api.c:9597
Read of size 2 at addr ffff88802b0051c4 by task kworker/1:1/45
[..]
Workqueue: events nf_tables_trans_destroy_work
Call Trace:
 nft_ctx_update include/net/netfilter/nf_tables.h:1831 [inline]
 nft_commit_release net/netfilter/nf_tables_api.c:9530 [inline]
 nf_tables_trans_destroy_work+0x152b/0x1750 net/netfilter/nf_tables_api.c:9597

Problem is that the notifier does a conditional flush, but its possible
that the table-to-be-removed is still referenced by transactions being
processed by the worker, so we need to flush unconditionally.

We could make the flush_work depend on whether we found a table to delete
in nf-next to avoid the flush for most cases.

AFAICS this problem is only exposed in nf-next, with
commit e169285f8c56 (""netfilter: nf_tables: do not store nft_ctx in transaction objects""),
with this commit applied there is an unconditional fetch of
table->family which is whats triggering the above splat.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-39283,Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-6015,A vulnerability classified as critical was found in itsourcecode Online House Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument month_of leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268723.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-38588,"In the Linux kernel, the following vulnerability has been resolved:

ftrace: Fix possible use-after-free issue in ftrace_location()

KASAN reports a bug:

  BUG: KASAN: use-after-free in ftrace_location+0x90/0x120
  Read of size 8 at addr ffff888141d40010 by task insmod/424
  CPU: 8 PID: 424 Comm: insmod Tainted: G        W          6.9.0-rc2+
  [...]
  Call Trace:
   <TASK>
   dump_stack_lvl+0x68/0xa0
   print_report+0xcf/0x610
   kasan_report+0xb5/0xe0
   ftrace_location+0x90/0x120
   register_kprobe+0x14b/0xa40
   kprobe_init+0x2d/0xff0 [kprobe_example]
   do_one_initcall+0x8f/0x2d0
   do_init_module+0x13a/0x3c0
   load_module+0x3082/0x33d0
   init_module_from_file+0xd2/0x130
   __x64_sys_finit_module+0x306/0x440
   do_syscall_64+0x68/0x140
   entry_SYSCALL_64_after_hwframe+0x71/0x79

The root cause is that, in lookup_rec(), ftrace record of some address
is being searched in ftrace pages of some module, but those ftrace pages
at the same time is being freed in ftrace_release_mod() as the
corresponding module is being deleted:

           CPU1                       |      CPU2
  register_kprobes() {                | delete_module() {
    check_kprobe_address_safe() {     |
      arch_check_ftrace_location() {  |
        ftrace_location() {           |
          lookup_rec() // USE!        |   ftrace_release_mod() // Free!

To fix this issue:
  1. Hold rcu lock as accessing ftrace pages in ftrace_location_range();
  2. Use ftrace_location_range() instead of lookup_rec() in
     ftrace_location();
  3. Call synchronize_rcu() before freeing any ftrace pages both in
     ftrace_process_locs()/ftrace_release_mod()/ftrace_free_mem().",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-6955,A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file sort2.php. The manipulation of the argument qualification leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272076.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-21624,"nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak (e.g., environment variables) in instances where developers utilize `MessageTemplate` and incorporate user-provided data into templates. The identified vulnerability has been remedied in pull request #2509 and will be included in versions released from 2.2.0. Users are strongly advised to upgrade to these patched versions to safeguard against the vulnerability. A temporary workaround involves filtering underscores before incorporating user input into the message template.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2024-34644,Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE
CVE-2024-30160,A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a Stored Cross-Site Scripting (XSS) attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary scripts.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-49961,"In the Linux kernel, the following vulnerability has been resolved:

media: i2c: ar0521: Use cansleep version of gpiod_set_value()

If we use GPIO reset from I2C port expander, we must use *_cansleep()
variant of GPIO functions.
This was not done in ar0521_power_on()/ar0521_power_off() functions.
Let's fix that.

------------[ cut here ]------------
WARNING: CPU: 0 PID: 11 at drivers/gpio/gpiolib.c:3496 gpiod_set_value+0x74/0x7c
Modules linked in:
CPU: 0 PID: 11 Comm: kworker/u16:0 Not tainted 6.10.0 #53
Hardware name: Diasom DS-RK3568-SOM-EVB (DT)
Workqueue: events_unbound deferred_probe_work_func
pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : gpiod_set_value+0x74/0x7c
lr : ar0521_power_on+0xcc/0x290
sp : ffffff8001d7ab70
x29: ffffff8001d7ab70 x28: ffffff80027dcc90 x27: ffffff8003c82000
x26: ffffff8003ca9250 x25: ffffffc080a39c60 x24: ffffff8003ca9088
x23: ffffff8002402720 x22: ffffff8003ca9080 x21: ffffff8003ca9088
x20: 0000000000000000 x19: ffffff8001eb2a00 x18: ffffff80efeeac80
x17: 756d2d6332692f30 x16: 0000000000000000 x15: 0000000000000000
x14: ffffff8001d91d40 x13: 0000000000000016 x12: ffffffc080e98930
x11: ffffff8001eb2880 x10: 0000000000000890 x9 : ffffff8001d7a9f0
x8 : ffffff8001d92570 x7 : ffffff80efeeac80 x6 : 000000003fc6e780
x5 : ffffff8001d91c80 x4 : 0000000000000002 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000001
Call trace:
 gpiod_set_value+0x74/0x7c
 ar0521_power_on+0xcc/0x290
...",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-7463,A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47522,"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. One may disable ja4 as a workaround.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-47508,"An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover.

GUID exhaustion will trigger a syslog message like one of the following:

evo-pfemand[<pid>]: get_next_guid: Ran out of Guid Space ...
evo-aftmand-zx[<pid>]: get_next_guid: Ran out of Guid Space ...
The leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids:





user@host> show platform application-info allocations app evo-pfemand/evo-pfemand



In case one or more of these values are constantly increasing the leak is happening.

This issue affects Junos OS Evolved:



  *  All versions before 21.2R3-S8-EVO,
  *  21.3 versions before 21.3R3-EVO;
  *  21.4 versions before 22.1R2-EVO,

  *  22.1 versions before 22.1R1-S1-EVO, 22.1R2-EVO.





Please note that this issue is similar to, but different from CVE-2024-47505 and CVE-2024-47509.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,6.5,2.8,3.6,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-38812,The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7618,"The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 6.4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,4.8,1.7000000000000002,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-0959,A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical. Affected is the function cloudpickle.load of the file gibson\utils\pposgd_fuse.py. The manipulation leads to deserialization. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252204.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-8858,"The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechart_settings’ parameter in all versions up to, and including, 8.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-46424,"TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-8717,"The PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer – DearFlip plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pdf_source' parameter in all versions up to, and including, 2.3.32 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-46598,Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iprofileidx parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-37569,"An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x through 5.0.0.1018 devices. A command injection vulnerability exists in the hostname parameter taken in by the provis.html endpoint. The provis.html endpoint performs no sanitization on the hostname parameter (sent by an authenticated user), which is subsequently written to disk. During boot, the hostname parameter is executed as part of a series of shell commands. Attackers can achieve remote code execution in the root context by placing shell metacharacters in the hostname parameter.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-35652,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Reflected XSS.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.1.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-9515,A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. This affects the function formSetQoS of the file /goform/formSetQoS. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0426,"A vulnerability, which was classified as critical, has been found in ForU CMS up to 2020-06-23. This issue affects some unknown processing of the file admin/cms_template.php. The manipulation of the argument t_name/t_path leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250445 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-1031,A vulnerability was found in CodeAstro Expense Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file templates/5-Add-Expenses.php of the component Add Expenses Page. The manipulation of the argument item leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252304.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-7293,"In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-33545,Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-49001,SQL Server Native Client Remote Code Execution Vulnerability,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-23220,"The issue was addressed with improved handling of caches. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4. An app may be able to fingerprint the user.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE
CVE-2024-38188,Azure Network Watcher VM Agent Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,7.1,1.8,5.2,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2024-23049,An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7331,A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as critical. Affected by this issue is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273254 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7834,"A local privilege escalation is caused by Overwolf
loading and executing certain dynamic link library files from a user-writeable
folder in SYSTEM context on launch. This allows an attacker with unprivileged
access to the system to run arbitrary code with SYSTEM privileges by placing a
malicious .dll file in the respective location.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-34545,Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.7,2.1,3.6,MEDIUM,2024-12-08T08:00Z,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-43801,"Jellyfin is an open source self hosted media server. The Jellyfin user profile image upload accepts SVG files, allowing for a stored XSS attack against an admin user via a specially crafted malicious SVG file. When viewed by an admin outside of the Jellyfin Web UI (e.g. via ""view image"" in a browser), this malicious SVG file could interact with the browser's LocalStorage and retrieve an AccessToken, which in turn can be used in an API call to elevate the target user to a Jellyfin administrator. The actual attack vector is unlikely to be exploited, as it requires specific actions by the administrator to view the SVG image outside of Jellyfin's WebUI, i.e. it is not a passive attack. The underlying exploit mechanism is solved by PR #12490, which forces attached images (including the potential malicious SVG) to be treated as attachments and thus downloaded by browsers, rather than viewed. This prevents exploitation of the LocalStorage of the browser. This PR has been merged and the relevant code changes are included in release version 10.9.10. All users are advised to upgrade.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-7733,"A vulnerability, which was classified as problematic, was found in FastCMS up to 0.1.5. Affected is an unknown function of the component New Article Category Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-31199,A “CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')” allows malicious users to permanently inject arbitrary Javascript code.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-10885,"The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siq_searchbox' shortcode in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,6.4,3.1,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE
CVE-2024-37635,TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-37954,Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS.This issue affects Simple Responsive Slider: from n/a through 0.2.2.5.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-9477,"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS).This issue affects Air4443 Firmware: through 14102024.


NOTE: The vendor was contacted and it was learned that the product classified as End-of-Life and End-of-Support.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-49902,"In the Linux kernel, the following vulnerability has been resolved:

jfs: check if leafidx greater than num leaves per dmap tree

syzbot report a out of bounds in dbSplit, it because dmt_leafidx greater
than num leaves per dmap tree, add a checking for dmt_leafidx in dbFindLeaf.

Shaggy:
Modified sanity check to apply to control pages as well as leaf pages.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-20286,"A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.

The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.&nbsp;
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the  section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,8.8,2.0,6.0,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-25019,"IBM Cognos Controller 11.0.0 and 11.0.1 

could be vulnerable to malicious file upload by not validating the type of file uploaded to Journal entry attachments. Attackers can make use of this weakness and upload malicious executable files into the system that can be sent to victims for performing further attacks.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L,5.5,2.1,3.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,LOW,LOW,LOW
CVE-2024-40544,PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-3800,"Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in requested file names. 
Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-21273,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.22 and  prior to 7.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N,6.0,1.5,4.0,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,NONE,NONE
CVE-2024-46419,TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-46773,"In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Check denominator pbn_div before used

[WHAT & HOW]
A denominator cannot be 0, and is checked before used.

This fixes 1 DIVIDE_BY_ZERO issue reported by Coverity.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-46557,Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,7.5,3.9,3.6,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH
CVE-2024-0738,"A vulnerability, which was classified as critical, has been found in ???? mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251561 was assigned to this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-47048,"Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,5.4,2.3,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-10461,"In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-45264,"A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-0712,A vulnerability was found in Byzoro Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-251538 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-7782,"The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the iconRemove function in versions 2.0 to 2.13.4. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,6.5,1.2,5.2,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH
CVE-2024-7502,"A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-27320,"An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user creates a classification task using a maliciously crafted CSV file containing Python code, the code will be passed to an eval function which executes it.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-38185,Windows Kernel-Mode Driver Elevation of Privilege Vulnerability,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,7.8,1.8,5.9,HIGH,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-42399,Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,5.3,3.9,1.4,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW
CVE-2024-45348,"Xiaomi Router AX9000 has a post-authorization command injection vulnerability. This vulnerability is caused by the lack of validation of user input, and an attacker can exploit this vulnerability to execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-10613,A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/system/SystemEncryptPolicyService.java. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-38474,"Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in
directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.

Users are recommended to upgrade to version 2.4.60, which fixes this issue.

Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag ""UnsafeAllow3F"" is specified.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,9.8,3.9,5.9,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH
CVE-2024-40837,A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE
CVE-2024-20805,"Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,5.5,1.8,3.6,MEDIUM,2024-12-08T08:00Z,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE
CVE-2024-11456,"The Run Contests, Raffles, and Giveaways with ContestsWP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,6.1,2.8,2.7,MEDIUM,2024-12-08T08:00Z,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE
CVE-2024-46902,"A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.

Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,9.1,2.3,6.0,CRITICAL,2024-12-08T08:00Z,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH
CVE-2024-49574,Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,8.8,2.8,5.9,HIGH,2024-12-08T08:00Z,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH