Total
65982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-46712 | 1 Fortinet | 1 Fortiportal | 2024-01-17 | N/A | 8.8 HIGH |
A improper access control in Fortinet FortiPortal version 7.0.0 through 7.0.6, Fortinet FortiPortal version 7.2.0 through 7.2.1 allows attacker to escalate its privilege via specifically crafted HTTP requests. | |||||
CVE-2023-42869 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-17 | N/A | 7.5 HIGH |
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5. Multiple issues in libxml2. | |||||
CVE-2022-47965 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-47915 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-46721 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2024-21907 | 1 Newtonsoft | 1 Json.net | 2024-01-17 | N/A | 7.5 HIGH |
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition. | |||||
CVE-2023-49589 | 1 Wwbn | 1 Avideo | 2024-01-17 | N/A | 8.8 HIGH |
An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to an arbitrary user password recovery. An attacker can send an HTTP request to trigger this vulnerability. | |||||
CVE-2022-34169 | 6 Apache, Azul, Debian and 3 more | 16 Xalan-java, Zulu, Debian Linux and 13 more | 2024-01-17 | N/A | 7.5 HIGH |
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. | |||||
CVE-2023-49715 | 1 Wwbn | 1 Avideo | 2024-01-17 | N/A | 8.8 HIGH |
A unrestricted php file upload vulnerability exists in the import.json.php temporary copy functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary code execution when chained with an LFI vulnerability. An attacker can send a series of HTTP requests to trigger this vulnerability. | |||||
CVE-2023-49738 | 1 Wwbn | 1 Avideo | 2024-01-17 | N/A | 7.5 HIGH |
An information disclosure vulnerability exists in the image404Raw.php functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read. | |||||
CVE-2023-49471 | 1 Barassistant | 1 Bar Assistant | 2024-01-17 | N/A | 8.8 HIGH |
Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code. | |||||
CVE-2018-15133 | 1 Laravel | 1 Laravel | 2024-01-17 | 6.8 MEDIUM | 8.1 HIGH |
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack. | |||||
CVE-2023-48864 | 1 Sem-cms | 1 Semcms | 2024-01-17 | N/A | 7.5 HIGH |
SEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter in /web_inc.php. | |||||
CVE-2023-6699 | 1 Wpcompress | 1 Wp Compress | 2024-01-17 | N/A | 7.5 HIGH |
The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. | |||||
CVE-2023-5448 | 1 Aviplugins | 1 Wp Register Profile With Shortcode | 2024-01-16 | N/A | 8.8 HIGH |
The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.9. This is due to missing or incorrect nonce validation on the update_password_validate function. This makes it possible for unauthenticated attackers to reset a user's password via a forged request granted they can trick the user into performing an action such as clicking on a link. | |||||
CVE-2023-42871 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2023-42870 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 7.8 HIGH |
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2023-41060 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 8.8 HIGH |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. A remote user may be able to cause kernel code execution. | |||||
CVE-2022-20822 | 1 Cisco | 1 Identity Services Engine | 2024-01-16 | N/A | 8.1 HIGH |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains certain character sequences to an affected system. A successful exploit could allow the attacker to read or delete specific files on the device that their configured administrative level should not have access to. Cisco plans to release software updates that address this vulnerability. | |||||
CVE-2023-48257 | 1 Bosch | 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more | 2024-01-16 | N/A | 8.8 HIGH |
The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticated users, by accessing already-exported backup packages, or crafting an import package and inducing an authenticated victim into sending the HTTP upload request. |