Critical Vulnerabilities
SOCRadar, the Extended Cyber Threat Intelligence (XTI) platform, provides vulnerability intelligence for the security operations team, who can search for recent critical vulnerabilities exploited in the wild by the threat actors. SOCRadar also provides an External Attack Surface Management suite that helps cybersecurity teams to identify vulnerable assets in their internet-facing network. We select and display critical vulnerabilities below that are popular in the hacker community.
Get free access to SOCRadar XTI to start using vulnerability intelligence now.
2024
2023
2022
2021
July
June
May
April
March
February
January
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
GeoServer OGC Request neutralization of directives | 9.6 | 7/1/2024 | GeoServer | Link | ||
Gogs Change Preview argument injection | 9.1 | 7/4/2024 | Gogs | Link | ||
Gogs SSH Connection ssh.go argument injection | 9.1 | 7/4/2024 | Gogs | Link | ||
Rejetto HTTP File Server Upload Node.js child_process Privilege Escalation | 9.1 | 7/5/2024 | Rejetto | Link | ||
Apache CloudStack Service Port 9090 code injection | 9.4 | 7/5/2024 | Apache | Link | ||
ABB ASPECT-Enterprise/NEXUS/MATRIX input validation | 9.8 | 7/5/2024 | ABB | Link | ||
ifm Smart PLC AC14xx/Smart PLC AC4xxS hard-coded credentials | 9.6 | 7/9/2024 | ifm | Link | ||
Siemens SINEMA Remote Connect Server Firmware Update temp file | 9 | 7/9/2024 | Siemens | Link | ||
Pepperl+Fuchs OIT1500-F113-B12-CB Telnet missing authentication | 9.6 | 7/10/2024 | Pepperl+Fuchs | Link | ||
Palo Alto Networks Expedition missing authentication | 9.4 | 7/10/2024 | Palo | Link | ||
ServiceNow Now Platform improper validation of specified type of input | 9.4 | 7/10/2024 | ServiceNow | Link | ||
Supermicro BMC stack-based overflow | 9.8 | 7/12/2024 | Supermicro | Link | ||
fogproject reportmaker.class.php command injection | 9.6 | 7/12/2024 | fogproject | Link | ||
Cellopoint Secure Email Gateway SMTP Listener stack-based overflow | 9.8 | 7/15/2024 | Cellopoint | Link | ||
Broadcom Symantec Privileged Access Management PAM System Remote Code Execution | 9.4 | 7/15/2024 | Broadcom | Link | ||
Broadcom Symantec Privileged Access Management PAM System unrestricted upload | 9.4 | 7/15/2024 | Broadcom | Link | ||
Broadcom Symantec Privileged Access Management PAM System Remote Code Execution | 9.8 | 7/15/2024 | Broadcom | Link | ||
sni Thruk html2pdf.sh code injection | 9.1 | 7/15/2024 | sni | Link | ||
Oracle WebLogic Server Core Remote Code Execution | 9.6 | 7/17/2024 | Oracle | Link | ||
Zoho ManageEngine DDI Central Agent hard-coded credentials | 9.3 | 7/17/2024 | Zoho | Link | ||
SolarWinds Access Rights Manager deserialization | 9 | 7/17/2024 | SolarWinds | Link | ||
SolarWinds Access Rights Manager path traversal | 9 | 7/17/2024 | SolarWinds | Link | ||
SolarWinds Access Rights Manager Service improper authentication | 9 | 7/17/2024 | SolarWinds | Link | ||
SolarWinds Access Rights Manager improper authentication | 9 | 7/17/2024 | SolarWinds | Link | ||
SolarWinds Access Rights Manager input validation | 9 | 7/17/2024 | SolarWinds | Link | ||
SolarWinds Access Rights Manager path traversal | 9.5 | 7/17/2024 | SolarWinds | Link | ||
Cisco Secure Email Content Scanning/Message Filtering absolute path traversal | 9.6 | 7/17/2024 | Cisco | Link | ||
PruvaSoft Informatics Apinizer Management Console permission assignment | 9.1 | 7/18/2024 | PruvaSoft | Link | ||
JumpServer path traversal | 9.7 | 7/18/2024 | JumpServer | Link | ||
JumpServer path traversal | 9.7 | 7/18/2024 | JumpServer | Link |
Vulnerability
GeoServer OGC Request neutralization of directives
CVSSv3
9.6
Release Date
7/1/2024
Products
GeoServer
References
Link
Vulnerability
Gogs Change Preview argument injection
CVSSv3
9.1
Release Date
7/4/2024
Products
Gogs
References
Link
Vulnerability
Gogs SSH Connection ssh.go argument injection
CVSSv3
9.1
Release Date
7/4/2024
Products
Gogs
References
Link
Vulnerability
Rejetto HTTP File Server Upload Node.js child_process Privilege Escalation
CVSSv3
9.1
Release Date
7/5/2024
Products
Rejetto
References
Link
Vulnerability
Apache CloudStack Service Port 9090 code injection
CVSSv3
9.4
Release Date
7/5/2024
Products
Apache
References
Link
Vulnerability
ABB ASPECT-Enterprise/NEXUS/MATRIX input validation
CVSSv3
9.8
Release Date
7/5/2024
Products
ABB
References
Link
Vulnerability
ifm Smart PLC AC14xx/Smart PLC AC4xxS hard-coded credentials
CVSSv3
9.6
Release Date
7/9/2024
Products
ifm
References
Link
Vulnerability
Siemens SINEMA Remote Connect Server Firmware Update temp file
CVSSv3
9
Release Date
7/9/2024
Products
Siemens
References
Link
Vulnerability
Pepperl+Fuchs OIT1500-F113-B12-CB Telnet missing authentication
CVSSv3
9.6
Release Date
7/10/2024
Products
Pepperl+Fuchs
References
Link
Vulnerability
Palo Alto Networks Expedition missing authentication
CVSSv3
9.4
Release Date
7/10/2024
Products
Palo
References
Link
Vulnerability
ServiceNow Now Platform improper validation of specified type of input
CVSSv3
9.4
Release Date
7/10/2024
Products
ServiceNow
References
Link
Vulnerability
Supermicro BMC stack-based overflow
CVSSv3
9.8
Release Date
7/12/2024
Products
Supermicro
References
Link
Vulnerability
fogproject reportmaker.class.php command injection
CVSSv3
9.6
Release Date
7/12/2024
Products
fogproject
References
Link
Vulnerability
Cellopoint Secure Email Gateway SMTP Listener stack-based overflow
CVSSv3
9.8
Release Date
7/15/2024
Products
Cellopoint
References
Link
Vulnerability
Broadcom Symantec Privileged Access Management PAM System Remote Code Execution
CVSSv3
9.4
Release Date
7/15/2024
Products
Broadcom
References
Link
Vulnerability
Broadcom Symantec Privileged Access Management PAM System unrestricted upload
CVSSv3
9.4
Release Date
7/15/2024
Products
Broadcom
References
Link
Vulnerability
Broadcom Symantec Privileged Access Management PAM System Remote Code Execution
CVSSv3
9.8
Release Date
7/15/2024
Products
Broadcom
References
Link
Vulnerability
sni Thruk html2pdf.sh code injection
CVSSv3
9.1
Release Date
7/15/2024
Products
sni
References
Link
Vulnerability
Oracle WebLogic Server Core Remote Code Execution
CVSSv3
9.6
Release Date
7/17/2024
Products
Oracle
References
Link
Vulnerability
Zoho ManageEngine DDI Central Agent hard-coded credentials
CVSSv3
9.3
Release Date
7/17/2024
Products
Zoho
References
Link
Vulnerability
SolarWinds Access Rights Manager deserialization
CVSSv3
9
Release Date
7/17/2024
Products
SolarWinds
References
Link
Vulnerability
SolarWinds Access Rights Manager path traversal
CVSSv3
9
Release Date
7/17/2024
Products
SolarWinds
References
Link
Vulnerability
SolarWinds Access Rights Manager Service improper authentication
CVSSv3
9
Release Date
7/17/2024
Products
SolarWinds
References
Link
Vulnerability
SolarWinds Access Rights Manager improper authentication
CVSSv3
9
Release Date
7/17/2024
Products
SolarWinds
References
Link
Vulnerability
SolarWinds Access Rights Manager input validation
CVSSv3
9
Release Date
7/17/2024
Products
SolarWinds
References
Link
Vulnerability
SolarWinds Access Rights Manager path traversal
CVSSv3
9.5
Release Date
7/17/2024
Products
SolarWinds
References
Link
Vulnerability
Cisco Secure Email Content Scanning/Message Filtering absolute path traversal
CVSSv3
9.6
Release Date
7/17/2024
Products
Cisco
References
Link
Vulnerability
PruvaSoft Informatics Apinizer Management Console permission assignment
CVSSv3
9.1
Release Date
7/18/2024
Products
PruvaSoft
References
Link
Vulnerability
JumpServer path traversal
CVSSv3
9.7
Release Date
7/18/2024
Products
JumpServer
References
Link
Vulnerability
JumpServer path traversal
CVSSv3
9.7
Release Date
7/18/2024
Products
JumpServer
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Sonos Sonos Era 100 SMB2 Message out-of-bounds write | 9.4 | 6/1/2024 | Sonos | Link | ||
Sonos Sonos Era 100 SMB2 Message use after free | 9.4 | 6/1/2024 | Sonos | Link | ||
MileSight DeviceHub random values | 9.6 | 6/2/2024 | MileSight | Link | ||
MileSight DeviceHub authentication bypass | 9.7 | 6/2/2024 | MileSight | Link | ||
MileSight DeviceHub path traversal | 9.6 | 6/2/2024 | MileSight | Link | ||
MileSight DeviceHub key management | 9.3 | 6/2/2024 | MileSight | Link | ||
Qualcomm Snapdragon Auto LTE improper authentication | 9.3 | 6/3/2024 | Qualcomm | Link | ||
qdrant input validation | 9.6 | 6/3/2024 | qdrant | Link | ||
Summar Software Mentor Employee Portal deserialization | 9.9 | 6/6/2024 | Summar | Link | ||
Emerson Ovation missing authentication | 9.4 | 6/6/2024 | Emerson | Link | ||
lightning-ai pytorch-lightning dynamically-determined object attributes | 9.8 | 6/6/2024 | lightning-ai | Link | ||
mintplex-labs anything-llm update-env os command injection | 9 | 6/6/2024 | mintplex-labs | Link | ||
Logsign Unified SecOps Platform command injection | 9.4 | 6/13/2024 | Logsign | Link | ||
Adobe Framemaker Publishing Server improper authentication | 9.7 | 6/13/2024 | Adobe | Link | ||
ASUS ZenWiFi XT8 improper authentication | 9.8 | 6/14/2024 | ASUS | Link | ||
Toshiba Tec e-Studio Multi-Function Peripheral os command injection | 9.8 | 6/14/2024 | Toshiba | Link | ||
ASUS DSL-AC55 Firmware unrestricted upload | 9.6 | 6/14/2024 | ASUS | Link | ||
TrendNet TEW-814DAP shadow.sample hard-coded password | 9.5 | 6/14/2024 | TrendNet | Link | ||
Trellix Intrusion Prevention System Manager deserialization | 9.6 | 6/14/2024 | Trellix | Link | ||
SECOM WRTR-304GN-304TW-UPSC os command injection | 9.8 | 6/17/2024 | SECOM | Link | ||
GeoVision GVLX 4 V3 os command injection | 9.8 | 6/17/2024 | GeoVision | Link | ||
deepjavalibrary djl path traversal | 9.7 | 6/17/2024 | deepjavalibrary | Link | ||
Emerson Ovation missing authentication | 9.4 | 6/6/2024 | Emerson | Link | ||
lightning-ai pytorch-lightning dynamically-determined object attributes | 9.8 | 6/6/2024 | lightning-ai | Link | ||
mintplex-labs anything-llm update-env os command injection | 9 | 6/6/2024 | mintplex-labs | Link | ||
Logsign Unified SecOps Platform command injection | 9.4 | 6/13/2024 | Logsign | Link | ||
Adobe Framemaker Publishing Server improper authentication | 9.7 | 6/13/2024 | Adobe | Link | ||
ASUS ZenWiFi XT8 improper authentication | 9.8 | 6/14/2024 | ASUS | Link | ||
Toshiba Tec e-Studio Multi-Function Peripheral os command injection | 9.8 | 6/14/2024 | Toshiba | Link | ||
ASUS DSL-AC55 Firmware unrestricted upload | 9.6 | 6/14/2024 | ASUS | Link |
Vulnerability
Sonos Sonos Era 100 SMB2 Message out-of-bounds write
CVSSv3
9.4
Release Date
6/1/2024
Products
Sonos
References
Link
Vulnerability
Sonos Sonos Era 100 SMB2 Message use after free
CVSSv3
9.4
Release Date
6/1/2024
Products
Sonos
References
Link
Vulnerability
MileSight DeviceHub random values
CVSSv3
9.6
Release Date
6/2/2024
Products
MileSight
References
Link
Vulnerability
MileSight DeviceHub authentication bypass
CVSSv3
9.7
Release Date
6/2/2024
Products
MileSight
References
Link
Vulnerability
MileSight DeviceHub path traversal
CVSSv3
9.6
Release Date
6/2/2024
Products
MileSight
References
Link
Vulnerability
MileSight DeviceHub key management
CVSSv3
9.3
Release Date
6/2/2024
Products
MileSight
References
Link
Vulnerability
Qualcomm Snapdragon Auto LTE improper authentication
CVSSv3
9.3
Release Date
6/3/2024
Products
Qualcomm
References
Link
Vulnerability
qdrant input validation
CVSSv3
9.6
Release Date
6/3/2024
Products
qdrant
References
Link
Vulnerability
Summar Software Mentor Employee Portal deserialization
CVSSv3
9.9
Release Date
6/6/2024
Products
Summar
References
Link
Vulnerability
Emerson Ovation missing authentication
CVSSv3
9.4
Release Date
6/6/2024
Products
Emerson
References
Link
Vulnerability
lightning-ai pytorch-lightning dynamically-determined object attributes
CVSSv3
9.8
Release Date
6/6/2024
Products
lightning-ai
References
Link
Vulnerability
mintplex-labs anything-llm update-env os command injection
CVSSv3
9
Release Date
6/6/2024
Products
mintplex-labs
References
Link
Vulnerability
Logsign Unified SecOps Platform command injection
CVSSv3
9.4
Release Date
6/13/2024
Products
Logsign
References
Link
Vulnerability
Adobe Framemaker Publishing Server improper authentication
CVSSv3
9.7
Release Date
6/13/2024
Products
Adobe
References
Link
Vulnerability
ASUS ZenWiFi XT8 improper authentication
CVSSv3
9.8
Release Date
6/14/2024
Products
ASUS
References
Link
Vulnerability
Toshiba Tec e-Studio Multi-Function Peripheral os command injection
CVSSv3
9.8
Release Date
6/14/2024
Products
Toshiba
References
Link
Vulnerability
ASUS DSL-AC55 Firmware unrestricted upload
CVSSv3
9.6
Release Date
6/14/2024
Products
ASUS
References
Link
Vulnerability
TrendNet TEW-814DAP shadow.sample hard-coded password
CVSSv3
9.5
Release Date
6/14/2024
Products
TrendNet
References
Link
Vulnerability
Trellix Intrusion Prevention System Manager deserialization
CVSSv3
9.6
Release Date
6/14/2024
Products
Trellix
References
Link
Vulnerability
SECOM WRTR-304GN-304TW-UPSC os command injection
CVSSv3
9.8
Release Date
6/17/2024
Products
SECOM
References
Link
Vulnerability
GeoVision GVLX 4 V3 os command injection
CVSSv3
9.8
Release Date
6/17/2024
Products
GeoVision
References
Link
Vulnerability
deepjavalibrary djl path traversal
CVSSv3
9.7
Release Date
6/17/2024
Products
deepjavalibrary
References
Link
Vulnerability
Emerson Ovation missing authentication
CVSSv3
9.4
Release Date
6/6/2024
Products
Emerson
References
Link
Vulnerability
lightning-ai pytorch-lightning dynamically-determined object attributes
CVSSv3
9.8
Release Date
6/6/2024
Products
lightning-ai
References
Link
Vulnerability
mintplex-labs anything-llm update-env os command injection
CVSSv3
9
Release Date
6/6/2024
Products
mintplex-labs
References
Link
Vulnerability
Logsign Unified SecOps Platform command injection
CVSSv3
9.4
Release Date
6/13/2024
Products
Logsign
References
Link
Vulnerability
Adobe Framemaker Publishing Server improper authentication
CVSSv3
9.7
Release Date
6/13/2024
Products
Adobe
References
Link
Vulnerability
ASUS ZenWiFi XT8 improper authentication
CVSSv3
9.8
Release Date
6/14/2024
Products
ASUS
References
Link
Vulnerability
Toshiba Tec e-Studio Multi-Function Peripheral os command injection
CVSSv3
9.8
Release Date
6/14/2024
Products
Toshiba
References
Link
Vulnerability
ASUS DSL-AC55 Firmware unrestricted upload
CVSSv3
9.6
Release Date
6/14/2024
Products
ASUS
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
RIOT-OS gcoap_dns_server_proxy_get buffer overflow | 9.8 | 5/1/2024 | RIOT-OS | Link | ||
Aruba ArubaOS 8.10.0.11/8.11.2.2/10.4.1.1/10.5.1.1 L2-L3 Management Service buffer overflow | 9.8 | 5/1/2024 | Aruba ArubaOS | Link | ||
Aruba ArubaOS Access Point Management Protocol buffer overflow | 9.8 | 5/1/2024 | Aruba ArubaOS | Link | ||
Aruba ArubaOS Automatic Reporting Service buffer overflow | 9.8 | 5/1/2024 | Aruba ArubaOS | Link | ||
Aruba ArubaOS Local User Authentication Database Service buffer overflow | 9.8 | 5/1/2024 | Aruba ArubaOS | Link | ||
Tinyproxy HTTP Connection Header use after free | 9.8 | 5/1/2024 | Tinyproxy | Link | ||
TP-Link AX1800 hotplugd Firewall Rule race condition | 9.4 | 5/3/2024 | TP-Link | Link | ||
Triangle MicroWorks SCADA Data Gateway missing authentication | 9.8 | 5/3/2024 | Triangle MicroWorks | Link | ||
Ignition Automation Ignition ParameterVersionJavaSerializationCodec deserialization | 9.8 | 5/3/2024 | Ignition Automation | Link | ||
Ignition Automation Ignition JavaSerializationCodec deserialization | 9.8 | 5/3/2024 | Ignition Automation | Link | ||
Exim AUTH out-of-bounds write | 9.8 | 5/3/2024 | Exim AUTH | Link | ||
Control Web Panel improper authentication | 9.8 | 5/3/2024 | Control Web Panel | Link | ||
D-Link D-View InstallApplication hard-coded credentials | 9.5 | 5/3/2024 | D-Link | Link | ||
D-Link D-View coreservice_action_script Remote Code Execution | 9.5 | 5/3/2024 | D-Link | Link | ||
Voltronic Power ViewPower Pro improper authentication | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower Pro Remote Code Execution | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower LinuxMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower UpsScheduler Exposed Dangerous Method Remote Code Execution Vulnerability | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower Pro UpLoadAction Unrestricted File Upload Remote Code Execution Vulnerability | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability | 9.8 | 5/3/2024 | Voltronic Power | Link | ||
PWAsForFirefox Arbitrary code execution due to improper sanitization of web app properties on Linux and PortableApps.com | 9.7 | 5/3/2024 | PWAsForFirefox | Link | ||
CyberPower PowerPanel Enterprise PDNU REST API missing authentication | 9.8 | 5/9/2024 | CyberPower | Link | ||
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 | 9.6 | 5/9/2024 | Google Chrome | Link | ||
LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Time-Based SQL Injection | 9.8 | 5/10/2024 | LearnPress | Link | ||
`/api/proxy` endpoint ssrf vulnerability in lobe-chat | 9 | 5/10/2024 | lobe-chat | Link | ||
Veeam Service Provider Console Management Agent deserialization | 9.3 | 5/13/2024 | Veeam | Link |
Vulnerability
RIOT-OS gcoap_dns_server_proxy_get buffer overflow
CVSSv3
9.8
Release Date
5/1/2024
Products
RIOT-OS
References
Link
Vulnerability
Aruba ArubaOS 8.10.0.11/8.11.2.2/10.4.1.1/10.5.1.1 L2-L3 Management Service buffer overflow
CVSSv3
9.8
Release Date
5/1/2024
Products
Aruba ArubaOS
References
Link
Vulnerability
Aruba ArubaOS Access Point Management Protocol buffer overflow
CVSSv3
9.8
Release Date
5/1/2024
Products
Aruba ArubaOS
References
Link
Vulnerability
Aruba ArubaOS Automatic Reporting Service buffer overflow
CVSSv3
9.8
Release Date
5/1/2024
Products
Aruba ArubaOS
References
Link
Vulnerability
Aruba ArubaOS Local User Authentication Database Service buffer overflow
CVSSv3
9.8
Release Date
5/1/2024
Products
Aruba ArubaOS
References
Link
Vulnerability
Tinyproxy HTTP Connection Header use after free
CVSSv3
9.8
Release Date
5/1/2024
Products
Tinyproxy
References
Link
Vulnerability
TP-Link AX1800 hotplugd Firewall Rule race condition
CVSSv3
9.4
Release Date
5/3/2024
Products
TP-Link
References
Link
Vulnerability
Triangle MicroWorks SCADA Data Gateway missing authentication
CVSSv3
9.8
Release Date
5/3/2024
Products
Triangle MicroWorks
References
Link
Vulnerability
Ignition Automation Ignition ParameterVersionJavaSerializationCodec deserialization
CVSSv3
9.8
Release Date
5/3/2024
Products
Ignition Automation
References
Link
Vulnerability
Ignition Automation Ignition JavaSerializationCodec deserialization
CVSSv3
9.8
Release Date
5/3/2024
Products
Ignition Automation
References
Link
Vulnerability
Exim AUTH out-of-bounds write
CVSSv3
9.8
Release Date
5/3/2024
Products
Exim AUTH
References
Link
Vulnerability
Control Web Panel improper authentication
CVSSv3
9.8
Release Date
5/3/2024
Products
Control Web Panel
References
Link
Vulnerability
D-Link D-View InstallApplication hard-coded credentials
CVSSv3
9.5
Release Date
5/3/2024
Products
D-Link
References
Link
Vulnerability
D-Link D-View coreservice_action_script Remote Code Execution
CVSSv3
9.5
Release Date
5/3/2024
Products
D-Link
References
Link
Vulnerability
Voltronic Power ViewPower Pro improper authentication
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower Pro Remote Code Execution
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower LinuxMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower UpsScheduler Exposed Dangerous Method Remote Code Execution Vulnerability
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower Pro UpLoadAction Unrestricted File Upload Remote Code Execution Vulnerability
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability
CVSSv3
9.8
Release Date
5/3/2024
Products
Voltronic Power
References
Link
Vulnerability
PWAsForFirefox Arbitrary code execution due to improper sanitization of web app properties on Linux and PortableApps.com
CVSSv3
9.7
Release Date
5/3/2024
Products
PWAsForFirefox
References
Link
Vulnerability
CyberPower PowerPanel Enterprise PDNU REST API missing authentication
CVSSv3
9.8
Release Date
5/9/2024
Products
CyberPower
References
Link
Vulnerability
Use after free in Visuals in Google Chrome prior to 124.0.6367.201
CVSSv3
9.6
Release Date
5/9/2024
Products
Google Chrome
References
Link
Vulnerability
LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Time-Based SQL Injection
CVSSv3
9.8
Release Date
5/10/2024
Products
LearnPress
References
Link
Vulnerability
`/api/proxy` endpoint ssrf vulnerability in lobe-chat
CVSSv3
9
Release Date
5/10/2024
Products
lobe-chat
References
Link
Vulnerability
Veeam Service Provider Console Management Agent deserialization
CVSSv3
9.3
Release Date
5/13/2024
Products
Veeam
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Qualcomm Snapdragon File Name Memory Corruption | 9.6 | 4/1/2024 | Qualcomm Snapdragon | Link | ||
Progress Flowmon up to 11.1.13/12.3.4 Management Interface os command injection | 9.7 | 4/2/2024 | Progress Flowmon | Link | ||
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L up to 20240403 HTTP GET Request /cgi-bin/nas_sharing.cgi user hard-coded credentials | 9.7 | 4/3/2024 | D-Link | Link | ||
Brocade Fabric OS up to 9.2.0 os command injection | 9.2 | 4/4/2024 | Brocade Fabric OS | Link | ||
CData API Server Prior 23.4.8844 Embedded Jetty Server path traversal | 9.6 | 4/5/2024 | CData | Link | ||
CData Connect prior 23.4.8846 Embedded Jetty Server path traversal | 9.6 | 4/5/2024 | CData | Link | ||
Google Nest Wifi Pro 11 out-of-bounds | 9.9 | 4/5/2024 | Google Nest Wifi Pro | Link | ||
Google Chromecast 5.0 U-boot Remote Code Execution | 9.9 | 4/5/2024 | Google Chromecast | Link | ||
Rust up to 1.77.1 on Windows Batch File Command::arg os command injection | 9.7 | 4/9/2024 | Rust | Link | ||
parisneo lollms-webui up to 9.0 /open_code_folder discussion_id os command injection | 9.6 | 4/10/2024 | parisneo | Link | ||
aimhubio aim /api/runs/search/run/ run_search_api code injection | 9.8 | 4/10/2024 | aimhubio | Link | ||
mudler localai up to 2.9.x audioToWav os command injection | 9.1 | 4/10/2024 | mudler localai | Link | ||
Xiongmai AHB7804R-MH-V2 up to 5.00.R02.00030751.10010.348717.0000000 Sofia Service access control | 9.2 | 4/14/2024 | Xiongmai | Link | ||
run-llama llama_index up to 10.25 safe_eval command injection | 9.6 | 4/16/2024 | run-llama | Link | ||
Judge0 up to 1.13.0 symlink | 9.7 | 4/18/2024 | Judge0 | Link | ||
Judge0 up to 1.13.0 run_script symlink | 9.9 | 4/18/2024 | Judge0 | Link | ||
Ivanti Avalanche up to 6.4.2 WLAvalancheService heap-based overflow | 9.6 | 4/19/2024 | Ivanti Avalanche | Link | ||
Wazuh up to 4.7.1 wazuh-analysisd heap-based overflow | 9.6 | 4/19/2024 | Wazuh | Link | ||
FreeRDP up to 3.5.0 out-of-bounds | 9.6 | 4/23/2024 | FreeRDP | Link | ||
FreeRDP up to 2.11.5/3.4.x /gfx integer overflow | 9.6 | 4/23/2024 | FreeRDP | Link | ||
FreeRDP up to 2.11.5/3.4.x out-of-bounds | 9.6 | 4/23/2024 | FreeRDP | Link | ||
FreeRDP up to 2.11.5/3.4.x out-of-bounds | 9.6 | 4/23/2024 | FreeRDP | Link | ||
FreeRDP up to 2.11.5/3.4.x out-of-bounds | 9.6 | 4/23/2024 | FreeRDP | Link | ||
mysql2 up to 3.9.6 readCodeFor timezone code injection | 9.6 | 4/23/2024 | mysql2 | Link | ||
FreeRDP up to 3.5.0 out-of-bounds | 9.6 | 4/23/2024 | FreeRDP | Link | ||
QNAP QTS/QuTS hero/QuTScloud command injection | 10 | 4/26/2024 | QNAP | Link | ||
dgtlmoon changedetection.io up to 0.45.20 Template special elements used in a template engine | 10 | 4/26/2024 | dgtlmoon | Link | ||
Eclipse Target Management up to 4.5.500 os command injection | 9.8 | 4/26/2024 | Eclipse | Link | ||
Timetable and Event Schedule by MotoPress <= 2.4.11 - Authenticated (Contributor+) SQL Injection | 9.9 | 4/27/2024 | MotoPress | Link | ||
E-WEBInformationCo. FS-EZViewer(Web) - Sensitive Data Exposure | 9.8 | 4/29/2024 | FS-EZViewer(Web) | Link |
Vulnerability
Qualcomm Snapdragon File Name Memory Corruption
CVSSv3
9.6
Release Date
4/1/2024
Products
Qualcomm Snapdragon
References
Link
Vulnerability
Progress Flowmon up to 11.1.13/12.3.4 Management Interface os command injection
CVSSv3
9.7
Release Date
4/2/2024
Products
Progress Flowmon
References
Link
Vulnerability
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L up to 20240403 HTTP GET Request /cgi-bin/nas_sharing.cgi user hard-coded credentials
CVSSv3
9.7
Release Date
4/3/2024
Products
D-Link
References
Link
Vulnerability
Brocade Fabric OS up to 9.2.0 os command injection
CVSSv3
9.2
Release Date
4/4/2024
Products
Brocade Fabric OS
References
Link
Vulnerability
CData API Server Prior 23.4.8844 Embedded Jetty Server path traversal
CVSSv3
9.6
Release Date
4/5/2024
Products
CData
References
Link
Vulnerability
CData Connect prior 23.4.8846 Embedded Jetty Server path traversal
CVSSv3
9.6
Release Date
4/5/2024
Products
CData
References
Link
Vulnerability
Google Nest Wifi Pro 11 out-of-bounds
CVSSv3
9.9
Release Date
4/5/2024
Products
Google Nest Wifi Pro
References
Link
Vulnerability
Google Chromecast 5.0 U-boot Remote Code Execution
CVSSv3
9.9
Release Date
4/5/2024
Products
Google Chromecast
References
Link
Vulnerability
Rust up to 1.77.1 on Windows Batch File Command::arg os command injection
CVSSv3
9.7
Release Date
4/9/2024
Products
Rust
References
Link
Vulnerability
parisneo lollms-webui up to 9.0 /open_code_folder discussion_id os command injection
CVSSv3
9.6
Release Date
4/10/2024
Products
parisneo
References
Link
Vulnerability
aimhubio aim /api/runs/search/run/ run_search_api code injection
CVSSv3
9.8
Release Date
4/10/2024
Products
aimhubio
References
Link
Vulnerability
mudler localai up to 2.9.x audioToWav os command injection
CVSSv3
9.1
Release Date
4/10/2024
Products
mudler localai
References
Link
Vulnerability
Xiongmai AHB7804R-MH-V2 up to 5.00.R02.00030751.10010.348717.0000000 Sofia Service access control
CVSSv3
9.2
Release Date
4/14/2024
Products
Xiongmai
References
Link
Vulnerability
run-llama llama_index up to 10.25 safe_eval command injection
CVSSv3
9.6
Release Date
4/16/2024
Products
run-llama
References
Link
Vulnerability
Judge0 up to 1.13.0 symlink
CVSSv3
9.7
Release Date
4/18/2024
Products
Judge0
References
Link
Vulnerability
Judge0 up to 1.13.0 run_script symlink
CVSSv3
9.9
Release Date
4/18/2024
Products
Judge0
References
Link
Vulnerability
Ivanti Avalanche up to 6.4.2 WLAvalancheService heap-based overflow
CVSSv3
9.6
Release Date
4/19/2024
Products
Ivanti Avalanche
References
Link
Vulnerability
Wazuh up to 4.7.1 wazuh-analysisd heap-based overflow
CVSSv3
9.6
Release Date
4/19/2024
Products
Wazuh
References
Link
Vulnerability
FreeRDP up to 3.5.0 out-of-bounds
CVSSv3
9.6
Release Date
4/23/2024
Products
FreeRDP
References
Link
Vulnerability
FreeRDP up to 2.11.5/3.4.x /gfx integer overflow
CVSSv3
9.6
Release Date
4/23/2024
Products
FreeRDP
References
Link
Vulnerability
FreeRDP up to 2.11.5/3.4.x out-of-bounds
CVSSv3
9.6
Release Date
4/23/2024
Products
FreeRDP
References
Link
Vulnerability
FreeRDP up to 2.11.5/3.4.x out-of-bounds
CVSSv3
9.6
Release Date
4/23/2024
Products
FreeRDP
References
Link
Vulnerability
FreeRDP up to 2.11.5/3.4.x out-of-bounds
CVSSv3
9.6
Release Date
4/23/2024
Products
FreeRDP
References
Link
Vulnerability
mysql2 up to 3.9.6 readCodeFor timezone code injection
CVSSv3
9.6
Release Date
4/23/2024
Products
mysql2
References
Link
Vulnerability
FreeRDP up to 3.5.0 out-of-bounds
CVSSv3
9.6
Release Date
4/23/2024
Products
FreeRDP
References
Link
Vulnerability
QNAP QTS/QuTS hero/QuTScloud command injection
CVSSv3
10
Release Date
4/26/2024
Products
QNAP
References
Link
Vulnerability
dgtlmoon changedetection.io up to 0.45.20 Template special elements used in a template engine
CVSSv3
10
Release Date
4/26/2024
Products
dgtlmoon
References
Link
Vulnerability
Eclipse Target Management up to 4.5.500 os command injection
CVSSv3
9.8
Release Date
4/26/2024
Products
Eclipse
References
Link
Vulnerability
Timetable and Event Schedule by MotoPress <= 2.4.11 - Authenticated (Contributor+) SQL Injection
CVSSv3
9.9
Release Date
4/27/2024
Products
MotoPress
References
Link
Vulnerability
E-WEBInformationCo. FS-EZViewer(Web) - Sensitive Data Exposure
CVSSv3
9.8
Release Date
4/29/2024
Products
FS-EZViewer(Web)
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
SolarWinds Security Event Manager Service deserialization | 9.1 | 3/1/2024 | SolarWinds | Link | ||
Qualcomm Snapdragon MLIE memory corruption | 9.6 | 3/4/2024 | Qualcomm | Link | ||
Qualcomm Snapdragon MBSSID Beacon memory corruption | 9.6 | 3/4/2024 | Qualcomm | Link | ||
Qualcomm Snapdragon DTLS Handshake memory corruption | 9.6 | 3/4/2024 | Qualcomm | Link | ||
ZKSoftware Biometric Security Solutions UFace 5 authentication bypass | 9.8 | 3/5/2024 | ZKSoftware | Link | ||
XPodas Octopod authentication bypass | 9.6 | 3/5/2024 | XPodas | Link | ||
eProsima Fast-DDS DATA_FRAG Submessage use after free | 9 | 3/6/2024 | eProsima | Link | ||
QNAP QTS/QuTS hero/QuTScloud improper authentication | 9.6 | 3/8/2024 | QNAP | Link | ||
Canon Color imageCLASS MF740C WSD Probe Request Process out-of-bounds write | 9.8 | 3/11/2024 | Canon | Link | ||
D-Link DIR-822 Rev B/DIR-822-CA Rev B HNAP stack-based overflow | 9.8 | 3/12/2024 | D-Link | Link | ||
Siemens SINEMA Remote Connect Server Web Service access control | 9.6 | 3/12/2024 | Siemens | Link | ||
Siemens Cerberus PRO EN Engineering Tool X.509 Certificate stack-based overflow | 9.7 | 3/12/2024 | Siemens | Link | ||
Fortinet FortiOS/FortiPAM/FortiProxy HTTP Request out-of-bounds write | 9.6 | 3/12/2024 | Fortinet | Link | ||
Arcserve Unified Data Protection wizardLogin doLogin improper authentication | 9.8 | 3/13/2024 | Arcserve | Link | ||
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet integer overflow | 9.6 | 3/15/2024 | Mitsubishi | Link | ||
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet integer overflow | 9.6 | 3/15/2024 | Mitsubishi | Link | ||
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet incorrect pointer scaling | 9.6 | 3/15/2024 | Mitsubishi | Link | ||
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet integer overflow | 9.6 | 3/15/2024 | Mitsubishi | Link | ||
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet incorrect pointer scaling | 9.6 | 3/15/2024 | Mitsubishi | Link | ||
open-metadata OpenMetadata v1 getUserPrincipal improper authentication | 9.6 | 3/15/2024 | open-metadata | Link | ||
Amssplus AMSS++ unrestricted upload | 9.3 | 3/18/2024 | Amssplus | Link | ||
Unitronics Unistream Unilogic improper authentication | 9.7 | 3/18/2024 | Unitronics | Link | ||
Unitronics Unistream Unilogic path traversal | 9.6 | 3/18/2024 | Unitronics | Link | ||
jens-maus RaspberryMatic path traversal | 9.7 | 3/19/2024 | jens-maus | Link | ||
OpenText ArcSight Platform Remote Code Execution | 9.6 | 3/20/2024 | OpenText | Link | ||
Progress Telerik Report Server deserialization | 9.1 | 3/20/2024 | Progress | Link | ||
eProsima Fast-DDS DATA Submessage heap-based overflow | 9 | 3/21/2024 | eProsima | Link | ||
Kiloview NDI hard-coded credentials | 9.6 | 3/21/2024 | Kiloview | Link | ||
OpenText PVCS Version Manager improper authentication | 9.6 | 3/21/2024 | OpenText | Link | ||
OpenText PVCS Version Manager improper authentication | 9.6 | 3/21/2024 | OpenText | Link |
Vulnerability
SolarWinds Security Event Manager Service deserialization
CVSSv3
9.1
Release Date
3/1/2024
Products
SolarWinds
References
Link
Vulnerability
Qualcomm Snapdragon MLIE memory corruption
CVSSv3
9.6
Release Date
3/4/2024
Products
Qualcomm
References
Link
Vulnerability
Qualcomm Snapdragon MBSSID Beacon memory corruption
CVSSv3
9.6
Release Date
3/4/2024
Products
Qualcomm
References
Link
Vulnerability
Qualcomm Snapdragon DTLS Handshake memory corruption
CVSSv3
9.6
Release Date
3/4/2024
Products
Qualcomm
References
Link
Vulnerability
ZKSoftware Biometric Security Solutions UFace 5 authentication bypass
CVSSv3
9.8
Release Date
3/5/2024
Products
ZKSoftware
References
Link
Vulnerability
XPodas Octopod authentication bypass
CVSSv3
9.6
Release Date
3/5/2024
Products
XPodas
References
Link
Vulnerability
eProsima Fast-DDS DATA_FRAG Submessage use after free
CVSSv3
9
Release Date
3/6/2024
Products
eProsima
References
Link
Vulnerability
QNAP QTS/QuTS hero/QuTScloud improper authentication
CVSSv3
9.6
Release Date
3/8/2024
Products
QNAP
References
Link
Vulnerability
Canon Color imageCLASS MF740C WSD Probe Request Process out-of-bounds write
CVSSv3
9.8
Release Date
3/11/2024
Products
Canon
References
Link
Vulnerability
D-Link DIR-822 Rev B/DIR-822-CA Rev B HNAP stack-based overflow
CVSSv3
9.8
Release Date
3/12/2024
Products
D-Link
References
Link
Vulnerability
Siemens SINEMA Remote Connect Server Web Service access control
CVSSv3
9.6
Release Date
3/12/2024
Products
Siemens
References
Link
Vulnerability
Siemens Cerberus PRO EN Engineering Tool X.509 Certificate stack-based overflow
CVSSv3
9.7
Release Date
3/12/2024
Products
Siemens
References
Link
Vulnerability
Fortinet FortiOS/FortiPAM/FortiProxy HTTP Request out-of-bounds write
CVSSv3
9.6
Release Date
3/12/2024
Products
Fortinet
References
Link
Vulnerability
Arcserve Unified Data Protection wizardLogin doLogin improper authentication
CVSSv3
9.8
Release Date
3/13/2024
Products
Arcserve
References
Link
Vulnerability
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet integer overflow
CVSSv3
9.6
Release Date
3/15/2024
Products
Mitsubishi
References
Link
Vulnerability
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet integer overflow
CVSSv3
9.6
Release Date
3/15/2024
Products
Mitsubishi
References
Link
Vulnerability
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet incorrect pointer scaling
CVSSv3
9.6
Release Date
3/15/2024
Products
Mitsubishi
References
Link
Vulnerability
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet integer overflow
CVSSv3
9.6
Release Date
3/15/2024
Products
Mitsubishi
References
Link
Vulnerability
Mitsubishi Electric MELSEC-Q/MELSEC-L Packet incorrect pointer scaling
CVSSv3
9.6
Release Date
3/15/2024
Products
Mitsubishi
References
Link
Vulnerability
open-metadata OpenMetadata v1 getUserPrincipal improper authentication
CVSSv3
9.6
Release Date
3/15/2024
Products
open-metadata
References
Link
Vulnerability
Amssplus AMSS++ unrestricted upload
CVSSv3
9.3
Release Date
3/18/2024
Products
Amssplus
References
Link
Vulnerability
Unitronics Unistream Unilogic improper authentication
CVSSv3
9.7
Release Date
3/18/2024
Products
Unitronics
References
Link
Vulnerability
Unitronics Unistream Unilogic path traversal
CVSSv3
9.6
Release Date
3/18/2024
Products
Unitronics
References
Link
Vulnerability
jens-maus RaspberryMatic path traversal
CVSSv3
9.7
Release Date
3/19/2024
Products
jens-maus
References
Link
Vulnerability
OpenText ArcSight Platform Remote Code Execution
CVSSv3
9.6
Release Date
3/20/2024
Products
OpenText
References
Link
Vulnerability
Progress Telerik Report Server deserialization
CVSSv3
9.1
Release Date
3/20/2024
Products
Progress
References
Link
Vulnerability
eProsima Fast-DDS DATA Submessage heap-based overflow
CVSSv3
9
Release Date
3/21/2024
Products
eProsima
References
Link
Vulnerability
Kiloview NDI hard-coded credentials
CVSSv3
9.6
Release Date
3/21/2024
Products
Kiloview
References
Link
Vulnerability
OpenText PVCS Version Manager improper authentication
CVSSv3
9.6
Release Date
3/21/2024
Products
OpenText
References
Link
Vulnerability
OpenText PVCS Version Manager improper authentication
CVSSv3
9.6
Release Date
3/21/2024
Products
OpenText
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
moby buildkit API authorization | 9.6 | 2/1/2024 | moby | Link | ||
Gessler WEB-MASTER weak credentials | 9.4 | 2/1/2024 | Gessler | Link | ||
Fortinet FortiSIEM API Request os command injection | 9.7 | 2/5/2024 | Fortinet | Link | ||
Fortinet FortiSIEM API Request os command injection | 9.7 | 2/5/2024 | Fortinet | Link | ||
Canon Satera LBP670C CPCA PCFAX Number Process out-of-bounds write | 9.8 | 2/6/2024 | Canon | Link | ||
Canon Satera LBP670C SLP Attribute Request Process out-of-bounds write | 9.8 | 2/6/2024 | Canon | Link | ||
Canon Satera LBP670C CPCA Color LUT Resource Download Process out-of-bounds write | 9.8 | 2/6/2024 | Canon | Link | ||
Canon Satera LBP670C WSD Probe Request Process out-of-bounds write | 9.8 | 2/6/2024 | Canon | Link | ||
Canon Satera LBP670C Address Book Password Process out-of-bounds write | 9.8 | 2/6/2024 | Canon | Link | ||
Canon Satera LBP670C CPCA PDL Resource Download Process out-of-bounds write | 9.8 | 2/6/2024 | Canon | Link | ||
Canon Satera LBP670C Address Book Username Process out-of-bounds write | 9.8 | 2/6/2024 | Canon | Link | ||
D-Link Go-RT-AC750 hard-coded password | 9.5 | 2/6/2024 | D-Link | Link | ||
JetBrains TeamCity authentication bypass | 9.6 | 2/6/2024 | JetBrains | Link | ||
OpenObserve Role-Based Access Control users improper authorization | 9.1 | 2/9/2024 | OpenObserve | Link | ||
Fortinet FortiOS fgfmd format string | 9.4 | 2/9/2024 | Fortinet | Link | ||
Fortinet FortiOS SSL-VPN out-of-bounds write | 9.4 | 2/9/2024 | Fortinet | Link | ||
Steinbeis Allegra SiteConfigAction access control | 9.4 | 2/10/2024 | Steinbeis | Link | ||
Steinbeis Allegra loadFieldMatch deserialization | 9.4 | 2/10/2024 | Steinbeis | Link | ||
Steinbeis Allegra renderFieldMatch deserialization | 9.4 | 2/10/2024 | Steinbeis | Link | ||
Siemens Location Intelligence Perpetual Large hard-coded credentials | 9.6 | 2/13/2024 | Siemens | Link | ||
Microsoft Exchange Server Remote Code Execution | 9.1 | 2/13/2024 | Microsoft | Link | ||
Adobe FrameMaker Publishing Server improper authentication | 9.4 | 2/14/2024 | Adobe | Link | ||
HGiga OAKlouds os command injection | 9.6 | 2/15/2024 | HGiga | Link | ||
Dell SmartFabric OS10 os command injection | 9.6 | 2/15/2024 | Dell | Link | ||
Dell Enterprise SONiC OS input validation | 9.8 | 2/15/2024 | Dell | Link | ||
SolarWinds Access Rights Manager path traversal | 9.2 | 2/15/2024 | SolarWinds | Link | ||
SolarWinds Access Rights Manager path traversal | 9.2 | 2/15/2024 | SolarWinds | Link | ||
Loomio os command injection | 9.9 | 2/20/2024 | Loomio | Link | ||
Torrentpier deserialization | 9.9 | 2/20/2024 | Torrentpier | Link | ||
CISA Ethercat Zeek Plugin Datagram Analyzer out-of-bounds write | 9.4 | 2/21/2024 | CISA | Link |
Vulnerability
moby buildkit API authorization
CVSSv3
9.6
Release Date
2/1/2024
Products
moby
References
Link
Vulnerability
Gessler WEB-MASTER weak credentials
CVSSv3
9.4
Release Date
2/1/2024
Products
Gessler
References
Link
Vulnerability
Fortinet FortiSIEM API Request os command injection
CVSSv3
9.7
Release Date
2/5/2024
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiSIEM API Request os command injection
CVSSv3
9.7
Release Date
2/5/2024
Products
Fortinet
References
Link
Vulnerability
Canon Satera LBP670C CPCA PCFAX Number Process out-of-bounds write
CVSSv3
9.8
Release Date
2/6/2024
Products
Canon
References
Link
Vulnerability
Canon Satera LBP670C SLP Attribute Request Process out-of-bounds write
CVSSv3
9.8
Release Date
2/6/2024
Products
Canon
References
Link
Vulnerability
Canon Satera LBP670C CPCA Color LUT Resource Download Process out-of-bounds write
CVSSv3
9.8
Release Date
2/6/2024
Products
Canon
References
Link
Vulnerability
Canon Satera LBP670C WSD Probe Request Process out-of-bounds write
CVSSv3
9.8
Release Date
2/6/2024
Products
Canon
References
Link
Vulnerability
Canon Satera LBP670C Address Book Password Process out-of-bounds write
CVSSv3
9.8
Release Date
2/6/2024
Products
Canon
References
Link
Vulnerability
Canon Satera LBP670C CPCA PDL Resource Download Process out-of-bounds write
CVSSv3
9.8
Release Date
2/6/2024
Products
Canon
References
Link
Vulnerability
Canon Satera LBP670C Address Book Username Process out-of-bounds write
CVSSv3
9.8
Release Date
2/6/2024
Products
Canon
References
Link
Vulnerability
D-Link Go-RT-AC750 hard-coded password
CVSSv3
9.5
Release Date
2/6/2024
Products
D-Link
References
Link
Vulnerability
JetBrains TeamCity authentication bypass
CVSSv3
9.6
Release Date
2/6/2024
Products
JetBrains
References
Link
Vulnerability
OpenObserve Role-Based Access Control users improper authorization
CVSSv3
9.1
Release Date
2/9/2024
Products
OpenObserve
References
Link
Vulnerability
Fortinet FortiOS fgfmd format string
CVSSv3
9.4
Release Date
2/9/2024
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiOS SSL-VPN out-of-bounds write
CVSSv3
9.4
Release Date
2/9/2024
Products
Fortinet
References
Link
Vulnerability
Steinbeis Allegra SiteConfigAction access control
CVSSv3
9.4
Release Date
2/10/2024
Products
Steinbeis
References
Link
Vulnerability
Steinbeis Allegra loadFieldMatch deserialization
CVSSv3
9.4
Release Date
2/10/2024
Products
Steinbeis
References
Link
Vulnerability
Steinbeis Allegra renderFieldMatch deserialization
CVSSv3
9.4
Release Date
2/10/2024
Products
Steinbeis
References
Link
Vulnerability
Siemens Location Intelligence Perpetual Large hard-coded credentials
CVSSv3
9.6
Release Date
2/13/2024
Products
Siemens
References
Link
Vulnerability
Microsoft Exchange Server Remote Code Execution
CVSSv3
9.1
Release Date
2/13/2024
Products
Microsoft
References
Link
Vulnerability
Adobe FrameMaker Publishing Server improper authentication
CVSSv3
9.4
Release Date
2/14/2024
Products
Adobe
References
Link
Vulnerability
HGiga OAKlouds os command injection
CVSSv3
9.6
Release Date
2/15/2024
Products
HGiga
References
Link
Vulnerability
Dell SmartFabric OS10 os command injection
CVSSv3
9.6
Release Date
2/15/2024
Products
Dell
References
Link
Vulnerability
Dell Enterprise SONiC OS input validation
CVSSv3
9.8
Release Date
2/15/2024
Products
Dell
References
Link
Vulnerability
SolarWinds Access Rights Manager path traversal
CVSSv3
9.2
Release Date
2/15/2024
Products
SolarWinds
References
Link
Vulnerability
SolarWinds Access Rights Manager path traversal
CVSSv3
9.2
Release Date
2/15/2024
Products
SolarWinds
References
Link
Vulnerability
Loomio os command injection
CVSSv3
9.9
Release Date
2/20/2024
Products
Loomio
References
Link
Vulnerability
Torrentpier deserialization
CVSSv3
9.9
Release Date
2/20/2024
Products
Torrentpier
References
Link
Vulnerability
CISA Ethercat Zeek Plugin Datagram Analyzer out-of-bounds write
CVSSv3
9.4
Release Date
2/21/2024
Products
CISA
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Qualcomm 680 4G Mobile Platform Data Modem memory corruption | 9.6 | 1/2/2024 | Qualcomm | Link | ||
https://www.cve.org/CVERecord?id=CVE-2023-33025 | 9.9 | 1/2/2024 | Link | |||
Google Pixel Watch DeviceVersionFragment.java checkDebuggingDisallowed privileges management | 9.7 | 1/3/2024 | Link | |||
Google Wifi Pro missing encryption | 9.9 | 1/3/2024 | Link | |||
mehah OTCLient SonarCloud Workflow otclient injection | 9.6 | 1/3/2024 | mehah | Link | ||
Paddle convert_shape_compare os command injection | 9 | 1/3/2024 | Paddle | Link | ||
Paddle _wget_download os command injection | 9 | 1/3/2024 | Paddle | Link | ||
Paddle get_online_pass_interval os command injection | 9 | 1/3/2024 | Paddle | Link | ||
Ivanti Endpoint Manager sql injection | 9 | 1/5/2024 | Ivanti | Link | ||
DEMON1A Discord-Recon input validation | 9.1 | 1/9/2024 | DEMON1A | Link | ||
Siemens SIMATIC CN 4100 default credentials | 9.6 | 1/9/2024 | Siemens | Link | ||
Korenix JetNet signature verification | 9.6 | 1/9/2024 | Korenix | Link | ||
Siemens SIMATIC IPC1047E/SIMATIC IPC647E/SIMATIC IPC847E maxView Storage Manager input validation | 9.7 | 1/9/2024 | Siemens | Link | ||
AMI MegaRAC_SPx BMC stack-based overflow | 9 | 1/10/2024 | AMI | Link | ||
AMI MegaRAC_SPx BMC or stack-based overflow | 9 | 1/10/2024 | AMI | Link | ||
Apple iOS/iPadOS type confusion | 9.4 | 1/11/2024 | Apple | Link | ||
Zoho ManageEngine ADSelfService Plus Load Balancer Privilege Escalation | 9.1 | 1/11/2024 | Zoho | Link | ||
Juniper Junos OS J-Web out-of-bounds write | 9.6 | 1/12/2024 | Juniper | Link | ||
Intumit SmartRobot Web Framework injection | 9.8 | 1/15/2024 | Intumit | Link | ||
Atlassian Confluence Data Center/Confluence Server Template injection | 9.7 | 1/16/2024 | Atlassian | Link | ||
VMware Aria Automation/Cloud Foundation access control | 9.1 | 1/16/2024 | VMware | Link | ||
Cires21 C21 Live Encoder and Live Mosaic File Extension unrestricted upload | 9.9 | 1/17/2024 | Cires21 | Link | ||
Cires21 C21 Live Encoder and Live Mosaic Endpoint access control | 9.8 | 1/17/2024 | Cires21 | Link | ||
ASUS Armoury Crate HTTP Request external reference | 9.8 | 1/19/2024 | ASUS | Link | ||
sofastack sofa-rpc SOFA Hessian Protocol deserialization | 9.6 | 1/23/2024 | sofastack | Link | ||
Arris SURFboard SBG6950AC2 missing authentication | 9.2 | 1/26/2024 | Arris | Link | ||
D-Link DAP-1650 UPnP SUBSCRIBE Message command injection | 9.2 | 1/26/2024 | D-Link | Link | ||
D-Link DAP-1650 gena.cgi command injection | 9.2 | 1/26/2024 | D-Link | Link | ||
Symantec Server Management Suite buffer overflow | 9.9 | 1/26/2024 | Symantec | Link | ||
Symantec Deployment Solution UpdateComputer Token Parser buffer overflow | 9.9 | 1/26/2024 | Symantec | Link |
Vulnerability
Qualcomm 680 4G Mobile Platform Data Modem memory corruption
CVSSv3
9.6
Release Date
1/2/2024
Products
Qualcomm
References
Link
Vulnerability
https://www.cve.org/CVERecord?id=CVE-2023-33025
CVSSv3
9.9
Release Date
1/2/2024
Products
Google
References
Link
Vulnerability
Google Pixel Watch DeviceVersionFragment.java checkDebuggingDisallowed privileges management
CVSSv3
9.7
Release Date
1/3/2024
Products
Google
References
Link
Vulnerability
Google Wifi Pro missing encryption
CVSSv3
9.9
Release Date
1/3/2024
Products
Google
References
Link
Vulnerability
mehah OTCLient SonarCloud Workflow otclient injection
CVSSv3
9.6
Release Date
1/3/2024
Products
mehah
References
Link
Vulnerability
Paddle convert_shape_compare os command injection
CVSSv3
9
Release Date
1/3/2024
Products
Paddle
References
Link
Vulnerability
Paddle _wget_download os command injection
CVSSv3
9
Release Date
1/3/2024
Products
Paddle
References
Link
Vulnerability
Paddle get_online_pass_interval os command injection
CVSSv3
9
Release Date
1/3/2024
Products
Paddle
References
Link
Vulnerability
Ivanti Endpoint Manager sql injection
CVSSv3
9
Release Date
1/5/2024
Products
Ivanti
References
Link
Vulnerability
DEMON1A Discord-Recon input validation
CVSSv3
9.1
Release Date
1/9/2024
Products
DEMON1A
References
Link
Vulnerability
Siemens SIMATIC CN 4100 default credentials
CVSSv3
9.6
Release Date
1/9/2024
Products
Siemens
References
Link
Vulnerability
Korenix JetNet signature verification
CVSSv3
9.6
Release Date
1/9/2024
Products
Korenix
References
Link
Vulnerability
Siemens SIMATIC IPC1047E/SIMATIC IPC647E/SIMATIC IPC847E maxView Storage Manager input validation
CVSSv3
9.7
Release Date
1/9/2024
Products
Siemens
References
Link
Vulnerability
AMI MegaRAC_SPx BMC stack-based overflow
CVSSv3
9
Release Date
1/10/2024
Products
AMI
References
Link
Vulnerability
AMI MegaRAC_SPx BMC or stack-based overflow
CVSSv3
9
Release Date
1/10/2024
Products
AMI
References
Link
Vulnerability
Apple iOS/iPadOS type confusion
CVSSv3
9.4
Release Date
1/11/2024
Products
Apple
References
Link
Vulnerability
Zoho ManageEngine ADSelfService Plus Load Balancer Privilege Escalation
CVSSv3
9.1
Release Date
1/11/2024
Products
Zoho
References
Link
Vulnerability
Juniper Junos OS J-Web out-of-bounds write
CVSSv3
9.6
Release Date
1/12/2024
Products
Juniper
References
Link
Vulnerability
Intumit SmartRobot Web Framework injection
CVSSv3
9.8
Release Date
1/15/2024
Products
Intumit
References
Link
Vulnerability
Atlassian Confluence Data Center/Confluence Server Template injection
CVSSv3
9.7
Release Date
1/16/2024
Products
Atlassian
References
Link
Vulnerability
VMware Aria Automation/Cloud Foundation access control
CVSSv3
9.1
Release Date
1/16/2024
Products
VMware
References
Link
Vulnerability
Cires21 C21 Live Encoder and Live Mosaic File Extension unrestricted upload
CVSSv3
9.9
Release Date
1/17/2024
Products
Cires21
References
Link
Vulnerability
Cires21 C21 Live Encoder and Live Mosaic Endpoint access control
CVSSv3
9.8
Release Date
1/17/2024
Products
Cires21
References
Link
Vulnerability
ASUS Armoury Crate HTTP Request external reference
CVSSv3
9.8
Release Date
1/19/2024
Products
ASUS
References
Link
Vulnerability
sofastack sofa-rpc SOFA Hessian Protocol deserialization
CVSSv3
9.6
Release Date
1/23/2024
Products
sofastack
References
Link
Vulnerability
Arris SURFboard SBG6950AC2 missing authentication
CVSSv3
9.2
Release Date
1/26/2024
Products
Arris
References
Link
Vulnerability
D-Link DAP-1650 UPnP SUBSCRIBE Message command injection
CVSSv3
9.2
Release Date
1/26/2024
Products
D-Link
References
Link
Vulnerability
D-Link DAP-1650 gena.cgi command injection
CVSSv3
9.2
Release Date
1/26/2024
Products
D-Link
References
Link
Vulnerability
Symantec Server Management Suite buffer overflow
CVSSv3
9.9
Release Date
1/26/2024
Products
Symantec
References
Link
Vulnerability
Symantec Deployment Solution UpdateComputer Token Parser buffer overflow
CVSSv3
9.9
Release Date
1/26/2024
Products
Symantec
References
Link
December
November
October
September
August
July
June
May
February
January
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Unitronics Vision Series PLC insecure default initialization of resource | 9.8 | 12/5/2023 | Unitronics | Link | ||
mlflow special elements used in a template engine | 9.7 | 12/12/2023 | mlflow | Link | ||
Fortinet FortiWLM HTTP GET Request os command injection | 9.1 | 12/13/2023 | Fortinet | Link | ||
Fortinet FortiWAN JWT Token improper authentication | 9.1 | 12/13/2023 | Fortinet | Link | ||
Repox transforamationfileupload unrestricted upload | 9.9 | 12/13/2023 | Repox | Link | ||
Dasan Networks W-Web os command injection | 9.6 | 12/13/2023 | Dasan | Link | ||
Phoenix Contact Automation Worx Software Suite permission assignment | 9.6 | 12/14/2023 | Phoenix | Link | ||
Phoenix Contact MULTIPROG/ProConOS eCLR permission assignment | 9.6 | 12/14/2023 | Phoenix | Link | ||
Multisuns EasyLog Web+ code injection | 9.8 | 12/15/2023 | Multisuns | Link | ||
SmartStar CWS Web-Base unrestricted upload | 9.8 | 12/15/2023 | SmartStar | Link | ||
ITPison OMICARD EDM SMS unrestricted upload | 9.8 | 12/15/2023 | ITPison | Link | ||
IDEMIA SIGMA Lite & Lite + Retrofit Validation stack-based overflow | 9.3 | 12/15/2023 | IDEMIA | Link | ||
Zabbix Session Cookie cookie validation | 9 | 12/18/2023 | Zabbix | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Avalanche Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Wavelink Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Wavelink Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
Ivanti Wavelink Mobile Device Server memory corruption | 9.8 | 12/19/2023 | Ivanti | Link | ||
mlflow path traversal | 9.7 | 12/20/2023 | mlflow | Link | ||
huggingface transformers deserialization | 9 | 12/20/2023 | huggingface | Link | ||
Voltronic Power ViewPower Pro deserialization | 9.5 | 12/21/2023 | Voltronic | Link | ||
Voltronic Power ViewPower Pro getMacAddressByIp command injection | 9.5 | 12/21/2023 | Voltronic | Link |
Vulnerability
Unitronics Vision Series PLC insecure default initialization of resource
CVSSv3
9.8
Release Date
12/5/2023
Products
Unitronics
References
Link
Vulnerability
mlflow special elements used in a template engine
CVSSv3
9.7
Release Date
12/12/2023
Products
mlflow
References
Link
Vulnerability
Fortinet FortiWLM HTTP GET Request os command injection
CVSSv3
9.1
Release Date
12/13/2023
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiWAN JWT Token improper authentication
CVSSv3
9.1
Release Date
12/13/2023
Products
Fortinet
References
Link
Vulnerability
Repox transforamationfileupload unrestricted upload
CVSSv3
9.9
Release Date
12/13/2023
Products
Repox
References
Link
Vulnerability
Dasan Networks W-Web os command injection
CVSSv3
9.6
Release Date
12/13/2023
Products
Dasan
References
Link
Vulnerability
Phoenix Contact Automation Worx Software Suite permission assignment
CVSSv3
9.6
Release Date
12/14/2023
Products
Phoenix
References
Link
Vulnerability
Phoenix Contact MULTIPROG/ProConOS eCLR permission assignment
CVSSv3
9.6
Release Date
12/14/2023
Products
Phoenix
References
Link
Vulnerability
Multisuns EasyLog Web+ code injection
CVSSv3
9.8
Release Date
12/15/2023
Products
Multisuns
References
Link
Vulnerability
SmartStar CWS Web-Base unrestricted upload
CVSSv3
9.8
Release Date
12/15/2023
Products
SmartStar
References
Link
Vulnerability
ITPison OMICARD EDM SMS unrestricted upload
CVSSv3
9.8
Release Date
12/15/2023
Products
ITPison
References
Link
Vulnerability
IDEMIA SIGMA Lite & Lite + Retrofit Validation stack-based overflow
CVSSv3
9.3
Release Date
12/15/2023
Products
IDEMIA
References
Link
Vulnerability
Zabbix Session Cookie cookie validation
CVSSv3
9
Release Date
12/18/2023
Products
Zabbix
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Avalanche Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Wavelink Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Wavelink Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
Ivanti Wavelink Mobile Device Server memory corruption
CVSSv3
9.8
Release Date
12/19/2023
Products
Ivanti
References
Link
Vulnerability
mlflow path traversal
CVSSv3
9.7
Release Date
12/20/2023
Products
mlflow
References
Link
Vulnerability
huggingface transformers deserialization
CVSSv3
9
Release Date
12/20/2023
Products
huggingface
References
Link
Vulnerability
Voltronic Power ViewPower Pro deserialization
CVSSv3
9.5
Release Date
12/21/2023
Products
Voltronic
References
Link
Vulnerability
Voltronic Power ViewPower Pro getMacAddressByIp command injection
CVSSv3
9.5
Release Date
12/21/2023
Products
Voltronic
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Zavio CD321 XML Element stack-based overflow | 9.5 | 10/31/2023 | Zavio | Link | ||
Zavio CD321 XML Element Parser stack-based overflow | 9.5 | 10/31/2023 | Zavio | Link | ||
Zavio CD321 XML Element stack-based overflow | 9.5 | 10/31/2023 | Zavio | Link | ||
INEA ME RTU improper authentication | 9.4 | 10/31/2023 | INEA | Link | ||
GLPI ajax input validation | 9.7 | 11/2/2023 | GLPI | Link | ||
Weintek EasyBuilder Pro hard-coded credentials | 9.4 | 11/2/2023 | Weintek | Link | ||
Mitsubishi Electric MELSEC-F/MELSEC iQ-F data authenticity | 9.8 | 11/2/2023 | Mitsubishi | Link | ||
1E Platform URL Parameter input validation | 9.1 | 11/6/2023 | 1E | Link | ||
1E Platform URL Parameter input validation | 9.3 | 11/6/2023 | 1E | Link | ||
1E Platform URL Parameter input validation | 9.1 | 11/6/2023 | 1E | Link | ||
Johnson Controls Quantum HD Unity debug code | 9.4 | 11/9/2023 | Johnson | Link | ||
PostgreSQL Array Modification integer overflow | 9.4 | 11/10/2023 | PostgreSQL | Link | ||
Weston Embedded Cesium NET/uC-HTTP HTTP Server memory corruption | 9.2 | 11/14/2023 | Weston | Link | ||
Siemens COMOS Cache Validation Service Testing Ptmcast buffer overflow | 9 | 11/14/2023 | Siemens | Link | ||
Fortinet FortiSIEM API Request os command injection | 9.6 | 11/14/2023 | Fortinet | Link | ||
Intel DCM software protection mechanism | 9.7 | 11/14/2023 | Intel | Link | ||
HPE ArubaOS CLI Service buffer overflow | 9.6 | 11/15/2023 | HPE | Link | ||
HPE ArubaOS AirWave Client Service buffer overflow | 9.6 | 11/15/2023 | HPE | Link | ||
HPE ArubaOS CLI Service buffer overflow | 9.6 | 11/15/2023 | HPE | Link | ||
ray URL Parameter os command injection | 9.9 | 11/16/2023 | ray | Link | ||
h2oai h2o-3 POJO Model Import code injection | 9.9 | 11/16/2023 | h2oai | Link | ||
Red Lion Sixnet RTU UDR Message routine | 9.4 | 11/17/2023 | Red | Link | ||
Red Lion Sixnet RTU authentication bypass | 9.4 | 11/17/2023 | Red | Link | ||
WAGO Industrial Managed Switch Web-based Management os command injection | 9.6 | 11/21/2023 | WAGO | Link | ||
Digital Communications Technologies Syrus4 IoT Telematics Gateway MQTT Server improper authentication | 9.9 | 11/22/2023 | Digital | Link | ||
Univera Computer System Panorama os command injection | 9.1 | 11/28/2023 | Univera | Link | ||
Delta Electronics InfraSuite Device Master UDP Packet routine | 9.4 | 11/29/2023 | Delta | Link | ||
Delta Electronics InfraSuite Device Master deserialization | 9.4 | 11/29/2023 | Delta | Link | ||
Zyxel NAS326/NAS542 WSGI Server os command injection | 9.8 | 11/30/2023 | Zyxel | Link | ||
Zyxel NAS326/NAS542 HTTP POST Request show_zysync_server_contents os command injection | 9.8 | 11/30/2023 | Zyxel | Link |
Vulnerability
Zavio CD321 XML Element stack-based overflow
CVSSv3
9.5
Release Date
10/31/2023
Products
Zavio
References
Link
Vulnerability
Zavio CD321 XML Element Parser stack-based overflow
CVSSv3
9.5
Release Date
10/31/2023
Products
Zavio
References
Link
Vulnerability
Zavio CD321 XML Element stack-based overflow
CVSSv3
9.5
Release Date
10/31/2023
Products
Zavio
References
Link
Vulnerability
INEA ME RTU improper authentication
CVSSv3
9.4
Release Date
10/31/2023
Products
INEA
References
Link
Vulnerability
GLPI ajax input validation
CVSSv3
9.7
Release Date
11/2/2023
Products
GLPI
References
Link
Vulnerability
Weintek EasyBuilder Pro hard-coded credentials
CVSSv3
9.4
Release Date
11/2/2023
Products
Weintek
References
Link
Vulnerability
Mitsubishi Electric MELSEC-F/MELSEC iQ-F data authenticity
CVSSv3
9.8
Release Date
11/2/2023
Products
Mitsubishi
References
Link
Vulnerability
1E Platform URL Parameter input validation
CVSSv3
9.1
Release Date
11/6/2023
Products
1E
References
Link
Vulnerability
1E Platform URL Parameter input validation
CVSSv3
9.3
Release Date
11/6/2023
Products
1E
References
Link
Vulnerability
1E Platform URL Parameter input validation
CVSSv3
9.1
Release Date
11/6/2023
Products
1E
References
Link
Vulnerability
Johnson Controls Quantum HD Unity debug code
CVSSv3
9.4
Release Date
11/9/2023
Products
Johnson
References
Link
Vulnerability
PostgreSQL Array Modification integer overflow
CVSSv3
9.4
Release Date
11/10/2023
Products
PostgreSQL
References
Link
Vulnerability
Weston Embedded Cesium NET/uC-HTTP HTTP Server memory corruption
CVSSv3
9.2
Release Date
11/14/2023
Products
Weston
References
Link
Vulnerability
Siemens COMOS Cache Validation Service Testing Ptmcast buffer overflow
CVSSv3
9
Release Date
11/14/2023
Products
Siemens
References
Link
Vulnerability
Fortinet FortiSIEM API Request os command injection
CVSSv3
9.6
Release Date
11/14/2023
Products
Fortinet
References
Link
Vulnerability
Intel DCM software protection mechanism
CVSSv3
9.7
Release Date
11/14/2023
Products
Intel
References
Link
Vulnerability
HPE ArubaOS CLI Service buffer overflow
CVSSv3
9.6
Release Date
11/15/2023
Products
HPE
References
Link
Vulnerability
HPE ArubaOS AirWave Client Service buffer overflow
CVSSv3
9.6
Release Date
11/15/2023
Products
HPE
References
Link
Vulnerability
HPE ArubaOS CLI Service buffer overflow
CVSSv3
9.6
Release Date
11/15/2023
Products
HPE
References
Link
Vulnerability
ray URL Parameter os command injection
CVSSv3
9.9
Release Date
11/16/2023
Products
ray
References
Link
Vulnerability
h2oai h2o-3 POJO Model Import code injection
CVSSv3
9.9
Release Date
11/16/2023
Products
h2oai
References
Link
Vulnerability
Red Lion Sixnet RTU UDR Message routine
CVSSv3
9.4
Release Date
11/17/2023
Products
Red
References
Link
Vulnerability
Red Lion Sixnet RTU authentication bypass
CVSSv3
9.4
Release Date
11/17/2023
Products
Red
References
Link
Vulnerability
WAGO Industrial Managed Switch Web-based Management os command injection
CVSSv3
9.6
Release Date
11/21/2023
Products
WAGO
References
Link
Vulnerability
Digital Communications Technologies Syrus4 IoT Telematics Gateway MQTT Server improper authentication
CVSSv3
9.9
Release Date
11/22/2023
Products
Digital
References
Link
Vulnerability
Univera Computer System Panorama os command injection
CVSSv3
9.1
Release Date
11/28/2023
Products
Univera
References
Link
Vulnerability
Delta Electronics InfraSuite Device Master UDP Packet routine
CVSSv3
9.4
Release Date
11/29/2023
Products
Delta
References
Link
Vulnerability
Delta Electronics InfraSuite Device Master deserialization
CVSSv3
9.4
Release Date
11/29/2023
Products
Delta
References
Link
Vulnerability
Zyxel NAS326/NAS542 WSGI Server os command injection
CVSSv3
9.8
Release Date
11/30/2023
Products
Zyxel
References
Link
Vulnerability
Zyxel NAS326/NAS542 HTTP POST Request show_zysync_server_contents os command injection
CVSSv3
9.8
Release Date
11/30/2023
Products
Zyxel
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Qualcomm QCN5054 WLAN memory corruption | 9.6 | 10/3/2023 | Qualcomm | Link | ||
Qualcomm AR8035 Modem memory corruption | 9.6 | 10/3/2023 | Qualcomm | Link | ||
Netman-204 Firmware File unrestricted upload | 9.9 | 10/3/2023 | Netman-204 | Link | ||
Dienstleistung, Entwicklung & Vertrieb GmbH cashIT Serving Solutions HTTP Endpoint routine | 9.8 | 10/3/2023 | Dienstleistung | Link | ||
Cisco Emergency Responder hard-coded credentials | 9.4 | 10/4/2023 | Cisco | Link | ||
Schneider Electric C-Bus Toolkit path traversal | 9.6 | 10/5/2023 | Schneider | Link | ||
Schneider Electric EcoStruxure Power Monitoring Expert Packet deserialization | 9.6 | 10/5/2023 | Schneider | Link | ||
D-Link D-View InstallApplication hard-coded credentials | 9.5 | 10/5/2023 | D-Link | Link | ||
D-Link D-View coreservice_action_script Remote Code Execution | 9.5 | 10/5/2023 | D-Link | Link | ||
Qognify NiceVision hard-coded credentials | 9.7 | 10/6/2023 | Qognify | Link | ||
Dell SmartFabric Storage Software input validation | 9.6 | 10/6/2023 | Dell | Link | ||
Siemens CP-8031 MASTER MODULE/CP-8050 MASTER MODULE SSH hard-coded credentials | 9.6 | 10/10/2023 | Siemens | Link | ||
Siemens Simcenter Amesim SOAP Endpoint code injection | 9.6 | 10/10/2023 | Siemens | Link | ||
Sangfor Next-Gen Application Firewall Header authentication spoofing | 9.8 | 10/10/2023 | Sangfor | Link | ||
Sangfor Next-Gen Application Firewall HTTP POST Request login.cgi os command injection | 9.8 | 10/10/2023 | Sangfor | Link | ||
Sangfor Next-Gen Application Firewall LogInOut.php os command injection | 9.8 | 10/10/2023 | Sangfor | Link | ||
Fortinet FortiWLM HTTP GET Request os command injection | 9.6 | 10/10/2023 | Fortinet | Link | ||
Fortinet FortiWLM HTTP GET Request os command injection | 9.6 | 10/10/2023 | Fortinet | Link | ||
Fortinet FortiWLM HTTP GET Request os command injection | 9.6 | 10/10/2023 | Fortinet | Link | ||
Fortinet FortiWLM HTTP GET Request os command injection | 9.6 | 10/10/2023 | Fortinet | Link | ||
Fortinet FortiSIEM API Request os command injection | 9.6 | 10/10/2023 | Fortinet | Link | ||
Yifan YF325 Network Request gwcfg_cgi_set_manage_post_data integer overflow | 9.6 | 2023-10-11 | Yifan | Link | ||
Yifan YF325 Network Request gwcfg_cgi_set_manage_post_data integer overflow | 9.6 | 2023-10-11 | Yifan | Link | ||
Yifan YF325 Network Request realloc integer overflow | 9.6 | 2023-10-11 | Yifan | Link | ||
Yifan YF325 Network Request malloc integer overflow | 9.6 | 2023-10-11 | Yifan | Link | ||
Yifan YF325 Network Request gozila_cgi stack-based overflow | 9.2 | 2023-10-11 | Yifan | Link | ||
Yifan YF325 Network Request manage_request stack-based overflow | 9.6 | 2023-10-11 | Yifan | Link | ||
Yifan YF325 Network Request libutils.so nvram_restore stack-based overflow | 9.6 | 2023-10-11 | Yifan | Link | ||
Yifan YF325 Network Request gwcfg.cgi debug code | 9.6 | 2023-10-11 | Yifan | Link | ||
Yifan YF325 Network Request debug code | 9.6 | 2023-10-11 | Yifan | Link |
Vulnerability
Qualcomm QCN5054 WLAN memory corruption
CVSSv3
9.6
Release Date
10/3/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm AR8035 Modem memory corruption
CVSSv3
9.6
Release Date
10/3/2023
Products
Qualcomm
References
Link
Vulnerability
Netman-204 Firmware File unrestricted upload
CVSSv3
9.9
Release Date
10/3/2023
Products
Netman-204
References
Link
Vulnerability
Dienstleistung, Entwicklung & Vertrieb GmbH cashIT Serving Solutions HTTP Endpoint routine
CVSSv3
9.8
Release Date
10/3/2023
Products
Dienstleistung
References
Link
Vulnerability
Cisco Emergency Responder hard-coded credentials
CVSSv3
9.4
Release Date
10/4/2023
Products
Cisco
References
Link
Vulnerability
Schneider Electric C-Bus Toolkit path traversal
CVSSv3
9.6
Release Date
10/5/2023
Products
Schneider
References
Link
Vulnerability
Schneider Electric EcoStruxure Power Monitoring Expert Packet deserialization
CVSSv3
9.6
Release Date
10/5/2023
Products
Schneider
References
Link
Vulnerability
D-Link D-View InstallApplication hard-coded credentials
CVSSv3
9.5
Release Date
10/5/2023
Products
D-Link
References
Link
Vulnerability
D-Link D-View coreservice_action_script Remote Code Execution
CVSSv3
9.5
Release Date
10/5/2023
Products
D-Link
References
Link
Vulnerability
Qognify NiceVision hard-coded credentials
CVSSv3
9.7
Release Date
10/6/2023
Products
Qognify
References
Link
Vulnerability
Dell SmartFabric Storage Software input validation
CVSSv3
9.6
Release Date
10/6/2023
Products
Dell
References
Link
Vulnerability
Siemens CP-8031 MASTER MODULE/CP-8050 MASTER MODULE SSH hard-coded credentials
CVSSv3
9.6
Release Date
10/10/2023
Products
Siemens
References
Link
Vulnerability
Siemens Simcenter Amesim SOAP Endpoint code injection
CVSSv3
9.6
Release Date
10/10/2023
Products
Siemens
References
Link
Vulnerability
Sangfor Next-Gen Application Firewall Header authentication spoofing
CVSSv3
9.8
Release Date
10/10/2023
Products
Sangfor
References
Link
Vulnerability
Sangfor Next-Gen Application Firewall HTTP POST Request login.cgi os command injection
CVSSv3
9.8
Release Date
10/10/2023
Products
Sangfor
References
Link
Vulnerability
Sangfor Next-Gen Application Firewall LogInOut.php os command injection
CVSSv3
9.8
Release Date
10/10/2023
Products
Sangfor
References
Link
Vulnerability
Fortinet FortiWLM HTTP GET Request os command injection
CVSSv3
9.6
Release Date
10/10/2023
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiWLM HTTP GET Request os command injection
CVSSv3
9.6
Release Date
10/10/2023
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiWLM HTTP GET Request os command injection
CVSSv3
9.6
Release Date
10/10/2023
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiWLM HTTP GET Request os command injection
CVSSv3
9.6
Release Date
10/10/2023
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiSIEM API Request os command injection
CVSSv3
9.6
Release Date
10/10/2023
Products
Fortinet
References
Link
Vulnerability
Yifan YF325 Network Request gwcfg_cgi_set_manage_post_data integer overflow
CVSSv3
9.6
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability
Yifan YF325 Network Request gwcfg_cgi_set_manage_post_data integer overflow
CVSSv3
9.6
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability
Yifan YF325 Network Request realloc integer overflow
CVSSv3
9.6
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability
Yifan YF325 Network Request malloc integer overflow
CVSSv3
9.6
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability
Yifan YF325 Network Request gozila_cgi stack-based overflow
CVSSv3
9.2
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability
Yifan YF325 Network Request manage_request stack-based overflow
CVSSv3
9.6
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability
Yifan YF325 Network Request libutils.so nvram_restore stack-based overflow
CVSSv3
9.6
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability
Yifan YF325 Network Request gwcfg.cgi debug code
CVSSv3
9.6
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability
Yifan YF325 Network Request debug code
CVSSv3
9.6
Release Date
2023-10-11
Products
Yifan
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Linux Kernel Netfilter Subsystem Local Privilege Escalation | 7.5 | 09/01/2023 | Linux | Link | ||
Acronis Cloud Manager input validation | 8.2 | 09/01/2023 | Acronis | Link | ||
Acronis Cloud Manager input validation | 8.2 | 09/01/2023 | Acronis | Link | ||
Moxa MXsecurity small space of random values | 9.6 | 09/02/2023 | Moxa | Link | ||
vim untrusted search path | 7.6 | 09/03/2023 | vim | Link | ||
TOTOLINK N200RE V5 Validity_check format string | 8.0 | 09/03/2023 | TOTOLINK | Link | ||
Tenda AC8 formSetDeviceName stack-based overflow | 8.9 | 09/03/2023 | Tenda | Link | ||
Proscend Advice ICR hard-coded credentials | 9.9 | 09/04/2023 | Proscend | Link | ||
ForeScout NAC SecureConnector uncontrolled search path | 7.8 | 09/04/2023 | ForeScout | Link | ||
LG LED Assistant path traversal | 8.4 | 09/04/2023 | LG | Link | ||
LG LED Assistant setThumbnailRc path traversal | 8.4 | 09/04/2023 | LG | Link | ||
Dell Alienware Command Center .NET Remoting Server deserialization | 7.6 | 09/04/2023 | Dell | Link | ||
Qualcomm APQ8064AU Graphics memory corruption | 7.9 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm WSA8835 WLAN Firmware memory corruption | 9.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm QCN5022 WLAN HAL memory corruption | 7.6 | 09/05/2023 | Qualcomm | Link | https://www.cve.org/CVERecord?id=CVE-2023-28573 | |
Qualcomm QCA9886 WLAN HAL memory corruption | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm QCA6694 WLAN HAL memory corruption | 7.6 | 09/05/2023 | Qualcomm | Link | https://www.cve.org/CVERecord?id=CVE-2023-28565 | |
Qualcomm QCA9987 WLAN HAL memory corruption | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm QCA9889 WLAN HAL buffer overflow | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm QCN5164 WLAN Firmware buffer overflow | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm SD855 WLAN array index | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm QCA9980 Command Parameter memory corruption | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm QCA9980 WLAN HAL memory corruption | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm QCN5154 WLAN HAL array index | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm AQT1000 WIN stack-based overflow | 7.9 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm AQT1000 Core buffer overflow | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm WCD9335 Core buffer overflow | 7.6 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm WSA8835 Audio array index | 7.9 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm QCA9984 WLAN HAL memory corruption | 7.9 | 09/05/2023 | Qualcomm | Link | ||
Qualcomm AQT1000 ESL memory corruption | 9.6 | 09/05/2023 | Qualcomm | Link |
Vulnerability
Linux Kernel Netfilter Subsystem Local Privilege Escalation
CVSSv3
7.5
Release Date
09/01/2023
Products
Linux
References
Link
Vulnerability
Acronis Cloud Manager input validation
CVSSv3
8.2
Release Date
09/01/2023
Products
Acronis
References
Link
Vulnerability
Acronis Cloud Manager input validation
CVSSv3
8.2
Release Date
09/01/2023
Products
Acronis
References
Link
Vulnerability
Moxa MXsecurity small space of random values
CVSSv3
9.6
Release Date
09/02/2023
Products
Moxa
References
Link
Vulnerability
vim untrusted search path
CVSSv3
7.6
Release Date
09/03/2023
Products
vim
References
Link
Vulnerability
TOTOLINK N200RE V5 Validity_check format string
CVSSv3
8.0
Release Date
09/03/2023
Products
TOTOLINK
References
Link
Vulnerability
Tenda AC8 formSetDeviceName stack-based overflow
CVSSv3
8.9
Release Date
09/03/2023
Products
Tenda
References
Link
Vulnerability
Proscend Advice ICR hard-coded credentials
CVSSv3
9.9
Release Date
09/04/2023
Products
Proscend
References
Link
Vulnerability
ForeScout NAC SecureConnector uncontrolled search path
CVSSv3
7.8
Release Date
09/04/2023
Products
ForeScout
References
Link
Vulnerability
LG LED Assistant path traversal
CVSSv3
8.4
Release Date
09/04/2023
Products
LG
References
Link
Vulnerability
LG LED Assistant setThumbnailRc path traversal
CVSSv3
8.4
Release Date
09/04/2023
Products
LG
References
Link
Vulnerability
Dell Alienware Command Center .NET Remoting Server deserialization
CVSSv3
7.6
Release Date
09/04/2023
Products
Dell
References
Link
Vulnerability
Qualcomm APQ8064AU Graphics memory corruption
CVSSv3
7.9
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm WSA8835 WLAN Firmware memory corruption
CVSSv3
9.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCN5022 WLAN HAL memory corruption
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA9886 WLAN HAL memory corruption
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA6694 WLAN HAL memory corruption
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA9987 WLAN HAL memory corruption
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA9889 WLAN HAL buffer overflow
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCN5164 WLAN Firmware buffer overflow
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm SD855 WLAN array index
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA9980 Command Parameter memory corruption
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA9980 WLAN HAL memory corruption
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCN5154 WLAN HAL array index
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm AQT1000 WIN stack-based overflow
CVSSv3
7.9
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm AQT1000 Core buffer overflow
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm WCD9335 Core buffer overflow
CVSSv3
7.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm WSA8835 Audio array index
CVSSv3
7.9
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA9984 WLAN HAL memory corruption
CVSSv3
7.9
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm AQT1000 ESL memory corruption
CVSSv3
9.6
Release Date
09/05/2023
Products
Qualcomm
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Ajaxmanager File and Database Explorer unrestricted upload | 8.5 | 08/01/2023 | Ajaxmanager | Link | ||
RaspAP raspap-webgui POST Parameter get_wgkey.php command injection | 8.0 | 08/01/2023 | RaspAP | Link | ||
Inductive Automation Ignition missing authentication | 7.7 | 08/01/2023 | Inductive | Link | ||
Eramba Community Edition/Enterprise Edition download-test-pdf code injection | 7.9 | 08/01/2023 | Eramba | Link | ||
Aruba AOS-CX Command Line Interface command injection | 8.8 | 08/01/2023 | Aruba | Link | ||
FreeBSD IPv6 Packet integer overflow | 7.5 | 08/02/2023 | FreeBSD | Link | ||
Brocade Fabric OS Command path traversal | 7.6 | 08/02/2023 | Brocade | Link | ||
Brocade Fabric OS fosexec Command Local Privilege Escalation | 7.6 | 08/02/2023 | Brocade | Link | ||
Brocade Fabric OS privileges management | 7.6 | 08/02/2023 | Brocade | Link | ||
F5 BIG-IP Edge Client Installer signature verification | 7.8 | 08/02/2023 | F5 | Link | ||
Xiaomi Router External Interface command injection | 8.8 | 08/02/2023 | Xiaomi | Link | ||
IBM SDK Java Technology Edition Data deserialization | 7.9 | 08/02/2023 | IBM | Link | ||
CX-One CXONE-AL CXP File use after free | 5.5 | 08/03/2023 | CX-One | Link | ||
CX-One CXONE-AL CXP File heap-based overflow | 7.5 | 08/03/2023 | CX-One | Link | ||
CX-One CXONE-AL CXP File out-of-bounds | 7.5 | 08/03/2023 | CX-One | Link | ||
Axis License Plate Verifier access control | 8.8 | 08/03/2023 | Axis | Link | ||
Ivanti Endpoint Manager Mobile API improper authentication | 8.5 | 08/03/2023 | Ivanti | Link | ||
Apple macOS VPN memory corruption | 7.5 | 08/03/2023 | Apple | Link | ||
CODESYS Control memory corruption | 8.6 | 08/03/2023 | CODESYS | Link | ||
Fabasoft Cloud Enterprise Client Local Privilege Escalation | 7.5 | 08/03/2023 | Fabasoft | Link | ||
HCL Unica Platform Group Remote Code Execution | 7.9 | 08/04/2023 | HCL | Link | ||
Metabase database code injection | 8.5 | 08/04/2023 | Metabase | Link | ||
Triangle MicroWorks SCADA Data Gateway missing authentication | 9.4 | 08/04/2023 | Triangle | Link | ||
Extreme Networks AP410C stack-based overflow | 8.4 | 08/04/2023 | Extreme | Link | ||
omeka omeka-s unrestricted upload | 7.9 | 08/04/2023 | omeka | Link | ||
CloudExplorer Lite Module Management os command injection | 8.4 | 08/04/2023 | CloudExplorer | Link | ||
social-media-skeleton sql injection | 8.5 | 08/04/2023 | social-media-skeleton | Link | ||
Knowage importTemplateFile path traversal | 7.9 | 08/04/2023 | Knowage | Link | ||
Stormshield SSL VPN Client OpenVPN Local Privilege Escalation | 7.5 | 08/05/2023 | Stormshield | Link | ||
instantsoft icms2 sql injection | 8.4 | 08/06/2023 | instantsoft | Link |
Vulnerability
Ajaxmanager File and Database Explorer unrestricted upload
CVSSv3
8.5
Release Date
08/01/2023
Products
Ajaxmanager
References
Link
Vulnerability
RaspAP raspap-webgui POST Parameter get_wgkey.php command injection
CVSSv3
8.0
Release Date
08/01/2023
Products
RaspAP
References
Link
Vulnerability
Inductive Automation Ignition missing authentication
CVSSv3
7.7
Release Date
08/01/2023
Products
Inductive
References
Link
Vulnerability
Eramba Community Edition/Enterprise Edition download-test-pdf code injection
CVSSv3
7.9
Release Date
08/01/2023
Products
Eramba
References
Link
Vulnerability
Aruba AOS-CX Command Line Interface command injection
CVSSv3
8.8
Release Date
08/01/2023
Products
Aruba
References
Link
Vulnerability
FreeBSD IPv6 Packet integer overflow
CVSSv3
7.5
Release Date
08/02/2023
Products
FreeBSD
References
Link
Vulnerability
Brocade Fabric OS Command path traversal
CVSSv3
7.6
Release Date
08/02/2023
Products
Brocade
References
Link
Vulnerability
Brocade Fabric OS fosexec Command Local Privilege Escalation
CVSSv3
7.6
Release Date
08/02/2023
Products
Brocade
References
Link
Vulnerability
Brocade Fabric OS privileges management
CVSSv3
7.6
Release Date
08/02/2023
Products
Brocade
References
Link
Vulnerability
F5 BIG-IP Edge Client Installer signature verification
CVSSv3
7.8
Release Date
08/02/2023
Products
F5
References
Link
Vulnerability
Xiaomi Router External Interface command injection
CVSSv3
8.8
Release Date
08/02/2023
Products
Xiaomi
References
Link
Vulnerability
IBM SDK Java Technology Edition Data deserialization
CVSSv3
7.9
Release Date
08/02/2023
Products
IBM
References
Link
Vulnerability
CX-One CXONE-AL CXP File use after free
CVSSv3
5.5
Release Date
08/03/2023
Products
CX-One
References
Link
Vulnerability
CX-One CXONE-AL CXP File heap-based overflow
CVSSv3
7.5
Release Date
08/03/2023
Products
CX-One
References
Link
Vulnerability
CX-One CXONE-AL CXP File out-of-bounds
CVSSv3
7.5
Release Date
08/03/2023
Products
CX-One
References
Link
Vulnerability
Axis License Plate Verifier access control
CVSSv3
8.8
Release Date
08/03/2023
Products
Axis
References
Link
Vulnerability
Ivanti Endpoint Manager Mobile API improper authentication
CVSSv3
8.5
Release Date
08/03/2023
Products
Ivanti
References
Link
Vulnerability
Apple macOS VPN memory corruption
CVSSv3
7.5
Release Date
08/03/2023
Products
Apple
References
Link
Vulnerability
CODESYS Control memory corruption
CVSSv3
8.6
Release Date
08/03/2023
Products
CODESYS
References
Link
Vulnerability
Fabasoft Cloud Enterprise Client Local Privilege Escalation
CVSSv3
7.5
Release Date
08/03/2023
Products
Fabasoft
References
Link
Vulnerability
HCL Unica Platform Group Remote Code Execution
CVSSv3
7.9
Release Date
08/04/2023
Products
HCL
References
Link
Vulnerability
Metabase database code injection
CVSSv3
8.5
Release Date
08/04/2023
Products
Metabase
References
Link
Vulnerability
Triangle MicroWorks SCADA Data Gateway missing authentication
CVSSv3
9.4
Release Date
08/04/2023
Products
Triangle
References
Link
Vulnerability
Extreme Networks AP410C stack-based overflow
CVSSv3
8.4
Release Date
08/04/2023
Products
Extreme
References
Link
Vulnerability
omeka omeka-s unrestricted upload
CVSSv3
7.9
Release Date
08/04/2023
Products
omeka
References
Link
Vulnerability
CloudExplorer Lite Module Management os command injection
CVSSv3
8.4
Release Date
08/04/2023
Products
CloudExplorer
References
Link
Vulnerability
social-media-skeleton sql injection
CVSSv3
8.5
Release Date
08/04/2023
Products
social-media-skeleton
References
Link
Vulnerability
Knowage importTemplateFile path traversal
CVSSv3
7.9
Release Date
08/04/2023
Products
Knowage
References
Link
Vulnerability
Stormshield SSL VPN Client OpenVPN Local Privilege Escalation
CVSSv3
7.5
Release Date
08/05/2023
Products
Stormshield
References
Link
Vulnerability
instantsoft icms2 sql injection
CVSSv3
8.4
Release Date
08/06/2023
Products
instantsoft
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Netgear RAX50 Certificate Validation curl_post certificate validation | 7.7 | 07/01/2023 | Netgear | Link | ||
D-Link DIR-X3260 prog.cgi SOAPAction command injection | 8.4 | 07/01/2023 | D-Link | Link | ||
Netgear RAX30 UPnP command injection | 8.4 | 07/01/2023 | Netgear | Link | ||
Hero Qubo Telnet Service missing authentication | 8.2 | 07/04/2023 | Hero | Link | ||
NVIDIA Virtual GPU Manager vGPU software improper authorization | 7.8 | 07/04/2023 | NVIDIA | Link | ||
Qualcomm 315 5G IoT Modem WLAN Host memory corruption | 7.6 | 07/04/2023 | Qualcomm | Link | ||
Qualcomm QCA9898 Data Modem memory corruption | 7.6 | 07/04/2023 | Qualcomm | Link | ||
Qualcomm AR8035 WLAN Host memory corruption | 7.6 | 07/04/2023 | Qualcomm | Link | ||
Qualcomm 315 5G IoT Modem Audio memory corruption | 7.9 | 07/04/2023 | Qualcomm | Link | ||
Qualcomm QCN9074 WLAN Host memory corruption | 7.6 | 07/04/2023 | Qualcomm | Link | ||
Qualcomm QCA9994 VX memory corruption | 7.6 | 07/04/2023 | Qualcomm | Link | ||
Qualcomm QCN9012 WLAN Host memory corruption | 7.6 | 07/04/2023 | Qualcomm | Link | ||
Qualcomm FastConnect 6700 Audio memory corruption | 7.9 | 07/04/2023 | Qualcomm | Link | ||
Samsung Smart Phone RILD RmtUimNeedApdu out-of-bounds write | 7.6 | 07/06/2023 | Samsung | Link | ||
Samsung Smart Phone RILD IpcRxUsimPhoneBookCapa out-of-bounds write | 7.6 | 07/06/2023 | Samsung | Link | ||
Samsung Smart Phone RILD BroadcastSmsConfig out-of-bounds write | 7.6 | 07/06/2023 | Samsung | Link | ||
Samsung Smart Phone RILD IpcRxIncomingCBMsg out-of-bounds write | 7.6 | 07/06/2023 | Samsung | Link | ||
Samsung Smart Phone RILD CdmaSmsParser out-of-bounds write | 7.6 | 07/06/2023 | Samsung | Link | ||
Huawei EMUI/Magic UI uinput use after free | 7.8 | 07/06/2023 | Huawei | Link | ||
PiiGAB M-Bus SoftwarePack 900S hard-coded credentials | 9.4 | 07/06/2023 | PiiGAB | Link | ||
PiiGAB M-Bus SoftwarePack 900S code injection | 8.4 | 07/06/2023 | PiiGAB | Link | ||
Mastodon Media File path traversal | 7.9 | 07/06/2023 | Mastodon | Link | ||
authentik Header interpretation conflict | 7.6 | 07/06/2023 | authentik | Link | ||
Linux Kernel UDF Filesystem Image super.c udf_put_super use after free | 7.8 | 07/06/2023 | Linux | Link | ||
openSUSE Tumbleweed hawk2 permission | 7.8 | 07/07/2023 | openSUSE | Link | ||
MuJS Regexp Source Property denial of service | 7.5 | 07/08/2023 | MuJS | Link | ||
OpenComputers Metadata Services API Endpoint server-side request forgery | 7.8 | 07/08/2023 | OpenComputers | Link | ||
OpenComputers server-side request forgery | 7.8 | 07/08/2023 | OpenComputers | Link | ||
SmartSoft SmartBPM.NET hard-coded credentials | 8.2 | 07/10/2023 | SmartSoft | Link | ||
SmartSoft SmartBPM.NET hard-coded credentials | 8.5 | 07/10/2023 | SmartSoft | Link |
Vulnerability
Netgear RAX50 Certificate Validation curl_post certificate validation
CVSSv3
7.7
Release Date
07/01/2023
Products
Netgear
References
Link
Vulnerability
D-Link DIR-X3260 prog.cgi SOAPAction command injection
CVSSv3
8.4
Release Date
07/01/2023
Products
D-Link
References
Link
Vulnerability
Netgear RAX30 UPnP command injection
CVSSv3
8.4
Release Date
07/01/2023
Products
Netgear
References
Link
Vulnerability
Hero Qubo Telnet Service missing authentication
CVSSv3
8.2
Release Date
07/04/2023
Products
Hero
References
Link
Vulnerability
NVIDIA Virtual GPU Manager vGPU software improper authorization
CVSSv3
7.8
Release Date
07/04/2023
Products
NVIDIA
References
Link
Vulnerability
Qualcomm 315 5G IoT Modem WLAN Host memory corruption
CVSSv3
7.6
Release Date
07/04/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA9898 Data Modem memory corruption
CVSSv3
7.6
Release Date
07/04/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm AR8035 WLAN Host memory corruption
CVSSv3
7.6
Release Date
07/04/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm 315 5G IoT Modem Audio memory corruption
CVSSv3
7.9
Release Date
07/04/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCN9074 WLAN Host memory corruption
CVSSv3
7.6
Release Date
07/04/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCA9994 VX memory corruption
CVSSv3
7.6
Release Date
07/04/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm QCN9012 WLAN Host memory corruption
CVSSv3
7.6
Release Date
07/04/2023
Products
Qualcomm
References
Link
Vulnerability
Qualcomm FastConnect 6700 Audio memory corruption
CVSSv3
7.9
Release Date
07/04/2023
Products
Qualcomm
References
Link
Vulnerability
Samsung Smart Phone RILD RmtUimNeedApdu out-of-bounds write
CVSSv3
7.6
Release Date
07/06/2023
Products
Samsung
References
Link
Vulnerability
Samsung Smart Phone RILD IpcRxUsimPhoneBookCapa out-of-bounds write
CVSSv3
7.6
Release Date
07/06/2023
Products
Samsung
References
Link
Vulnerability
Samsung Smart Phone RILD BroadcastSmsConfig out-of-bounds write
CVSSv3
7.6
Release Date
07/06/2023
Products
Samsung
References
Link
Vulnerability
Samsung Smart Phone RILD IpcRxIncomingCBMsg out-of-bounds write
CVSSv3
7.6
Release Date
07/06/2023
Products
Samsung
References
Link
Vulnerability
Samsung Smart Phone RILD CdmaSmsParser out-of-bounds write
CVSSv3
7.6
Release Date
07/06/2023
Products
Samsung
References
Link
Vulnerability
Huawei EMUI/Magic UI uinput use after free
CVSSv3
7.8
Release Date
07/06/2023
Products
Huawei
References
Link
Vulnerability
PiiGAB M-Bus SoftwarePack 900S hard-coded credentials
CVSSv3
9.4
Release Date
07/06/2023
Products
PiiGAB
References
Link
Vulnerability
PiiGAB M-Bus SoftwarePack 900S code injection
CVSSv3
8.4
Release Date
07/06/2023
Products
PiiGAB
References
Link
Vulnerability
Mastodon Media File path traversal
CVSSv3
7.9
Release Date
07/06/2023
Products
Mastodon
References
Link
Vulnerability
authentik Header interpretation conflict
CVSSv3
7.6
Release Date
07/06/2023
Products
authentik
References
Link
Vulnerability
Linux Kernel UDF Filesystem Image super.c udf_put_super use after free
CVSSv3
7.8
Release Date
07/06/2023
Products
Linux
References
Link
Vulnerability
openSUSE Tumbleweed hawk2 permission
CVSSv3
7.8
Release Date
07/07/2023
Products
openSUSE
References
Link
Vulnerability
MuJS Regexp Source Property denial of service
CVSSv3
7.5
Release Date
07/08/2023
Products
MuJS
References
Link
Vulnerability
OpenComputers Metadata Services API Endpoint server-side request forgery
CVSSv3
7.8
Release Date
07/08/2023
Products
OpenComputers
References
Link
Vulnerability
OpenComputers server-side request forgery
CVSSv3
7.8
Release Date
07/08/2023
Products
OpenComputers
References
Link
Vulnerability
SmartSoft SmartBPM.NET hard-coded credentials
CVSSv3
8.2
Release Date
07/10/2023
Products
SmartSoft
References
Link
Vulnerability
SmartSoft SmartBPM.NET hard-coded credentials
CVSSv3
8.5
Release Date
07/10/2023
Products
SmartSoft
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Deno/deno_runtime node:http/node:https privileges management | 7.8 | 06/01/2023 | Deno/deno_runtime | Link | ||
Linux Kernel xfs_btree.c xfs_btree_lookup_get_block use after free | 7.6 | 06/01/2023 | Linux | Link | ||
VIPRE Antivirus Plus link following | 7.8 | 06/01/2023 | VIPRE | Link | ||
VIPRE Antivirus Plus SetPrivateConfig path traversal | 7.8 | 06/01/2023 | VIPRE | Link | ||
VIPRE Antivirus Plus DeleteHistoryFile path traversal | 7.8 | 06/01/2023 | VIPRE | Link | ||
VIPRE Antivirus Plus TelFileTransfer link following | 7.8 | 06/01/2023 | VIPRE | Link | ||
VIPRE Antivirus Plus FPQuarTransfer link following | 7.8 | 06/01/2023 | VIPRE | Link | ||
Gallagher Controller 6000 Controller Diagnostic Web Interface buffer overflow | 8.0 | 06/01/2023 | Gallagher | Link | ||
Sprecher SPRECON-E CPU hard-coded credentials | 9.8 | 06/01/2023 | Sprecher | Link | ||
Hangzhou Hopechart HQT401 MQTT improper authentication | 7.9 | 06/01/2023 | Hangzhou | Link | ||
SUSE Rancher privileges management | 7.9 | 06/01/2023 | SUSE | Link | ||
SUSE Rancher Azure AD privileges management | 7.8 | 06/01/2023 | SUSE | Link | ||
Dell OS Recovery Tool access control | 7.6 | 06/01/2023 | Dell | Link | ||
Brook tproxy Server os command injection | 8.6 | 06/01/2023 | Brook | Link | ||
DataEase Datasource deserialization | 8.4 | 06/01/2023 | DataEase | Link | ||
Erikoglu ErMon sql injection | 9.6 | 06/02/2023 | Erikoglu | Link | ||
Hitron CODA-5310 System Configuration Interface missing authentication | 8.5 | 06/02/2023 | Hitron | Link | ||
Hitron CODA-5310 Telnet hard-coded credentials | 9.8 | 06/02/2023 | Hitron | Link | ||
Wade Graphic Design FANTSY URL Parameter authorization | 9.8 | 06/02/2023 | Wade | Link | ||
Wade Graphic Design FANTSY unrestricted upload | 7.5 | 06/02/2023 | Wade | Link | ||
ARM Mali GPU Kernel Driver use after free | 7.5 | 06/02/2023 | ARM | Link | ||
Furbo Dog Camera Device Log Management command injection | 9.3 | 06/02/2023 | Furbo | Link | ||
Asus RT-AC86U Web URL os command injection | 8.8 | 06/02/2023 | Asus | Link | ||
Elite Technology Web Fax Login Page sql injection | 8.5 | 06/02/2023 | Elite | Link | ||
SGUDA U-Lock API authorization | 7.5 | 06/02/2023 | SGUDA | Link | ||
SGUDA U-Lock Lock Management authorization | 8.8 | 06/02/2023 | SGUDA | Link | ||
SailPoint IdentityIQ Java Constructor unknown vulnerability | 7.9 | 06/05/2023 | SailPoint | Link | ||
ABB ASPECT Enterprise privileges management | 7.6 | 06/05/2023 | ABB | Link | ||
IBM Aspera Connect/Aspera Cargo buffer overflow | 7.9 | 06/05/2023 | IBM | Link | ||
Mobatime AMXGT100 improper authentication | 9.5 | 06/05/2023 | Mobatime | Link |
Vulnerability
Deno/deno_runtime node:http/node:https privileges management
CVSSv3
7.8
Release Date
06/01/2023
Products
Deno/deno_runtime
References
Link
Vulnerability
Linux Kernel xfs_btree.c xfs_btree_lookup_get_block use after free
CVSSv3
7.6
Release Date
06/01/2023
Products
Linux
References
Link
Vulnerability
VIPRE Antivirus Plus link following
CVSSv3
7.8
Release Date
06/01/2023
Products
VIPRE
References
Link
Vulnerability
VIPRE Antivirus Plus SetPrivateConfig path traversal
CVSSv3
7.8
Release Date
06/01/2023
Products
VIPRE
References
Link
Vulnerability
VIPRE Antivirus Plus DeleteHistoryFile path traversal
CVSSv3
7.8
Release Date
06/01/2023
Products
VIPRE
References
Link
Vulnerability
VIPRE Antivirus Plus TelFileTransfer link following
CVSSv3
7.8
Release Date
06/01/2023
Products
VIPRE
References
Link
Vulnerability
VIPRE Antivirus Plus FPQuarTransfer link following
CVSSv3
7.8
Release Date
06/01/2023
Products
VIPRE
References
Link
Vulnerability
Gallagher Controller 6000 Controller Diagnostic Web Interface buffer overflow
CVSSv3
8.0
Release Date
06/01/2023
Products
Gallagher
References
Link
Vulnerability
Sprecher SPRECON-E CPU hard-coded credentials
CVSSv3
9.8
Release Date
06/01/2023
Products
Sprecher
References
Link
Vulnerability
Hangzhou Hopechart HQT401 MQTT improper authentication
CVSSv3
7.9
Release Date
06/01/2023
Products
Hangzhou
References
Link
Vulnerability
SUSE Rancher privileges management
CVSSv3
7.9
Release Date
06/01/2023
Products
SUSE
References
Link
Vulnerability
SUSE Rancher Azure AD privileges management
CVSSv3
7.8
Release Date
06/01/2023
Products
SUSE
References
Link
Vulnerability
Dell OS Recovery Tool access control
CVSSv3
7.6
Release Date
06/01/2023
Products
Dell
References
Link
Vulnerability
Brook tproxy Server os command injection
CVSSv3
8.6
Release Date
06/01/2023
Products
Brook
References
Link
Vulnerability
DataEase Datasource deserialization
CVSSv3
8.4
Release Date
06/01/2023
Products
DataEase
References
Link
Vulnerability
Erikoglu ErMon sql injection
CVSSv3
9.6
Release Date
06/02/2023
Products
Erikoglu
References
Link
Vulnerability
Hitron CODA-5310 System Configuration Interface missing authentication
CVSSv3
8.5
Release Date
06/02/2023
Products
Hitron
References
Link
Vulnerability
Hitron CODA-5310 Telnet hard-coded credentials
CVSSv3
9.8
Release Date
06/02/2023
Products
Hitron
References
Link
Vulnerability
Wade Graphic Design FANTSY URL Parameter authorization
CVSSv3
9.8
Release Date
06/02/2023
Products
Wade
References
Link
Vulnerability
Wade Graphic Design FANTSY unrestricted upload
CVSSv3
7.5
Release Date
06/02/2023
Products
Wade
References
Link
Vulnerability
ARM Mali GPU Kernel Driver use after free
CVSSv3
7.5
Release Date
06/02/2023
Products
ARM
References
Link
Vulnerability
Furbo Dog Camera Device Log Management command injection
CVSSv3
9.3
Release Date
06/02/2023
Products
Furbo
References
Link
Vulnerability
Asus RT-AC86U Web URL os command injection
CVSSv3
8.8
Release Date
06/02/2023
Products
Asus
References
Link
Vulnerability
Elite Technology Web Fax Login Page sql injection
CVSSv3
8.5
Release Date
06/02/2023
Products
Elite
References
Link
Vulnerability
SGUDA U-Lock API authorization
CVSSv3
7.5
Release Date
06/02/2023
Products
SGUDA
References
Link
Vulnerability
SGUDA U-Lock Lock Management authorization
CVSSv3
8.8
Release Date
06/02/2023
Products
SGUDA
References
Link
Vulnerability
SailPoint IdentityIQ Java Constructor unknown vulnerability
CVSSv3
7.9
Release Date
06/05/2023
Products
SailPoint
References
Link
Vulnerability
ABB ASPECT Enterprise privileges management
CVSSv3
7.6
Release Date
06/05/2023
Products
ABB
References
Link
Vulnerability
IBM Aspera Connect/Aspera Cargo buffer overflow
CVSSv3
7.9
Release Date
06/05/2023
Products
IBM
References
Link
Vulnerability
Mobatime AMXGT100 improper authentication
CVSSv3
9.5
Release Date
06/05/2023
Products
Mobatime
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
CODESYS Development System inadequate encryption | 7.9 | 05/15/2023 | CODESYS | Link | ||
WAGO Compact Controller CC100 Device Configuration os command injection | 9.6 | 05/15/2023 | WAGO | Link | ||
SICK FTMg Air Flow Sensor REST Interface resource consumption | 7.5 | 05/15/2023 | SICK | Link | ||
CODESYS Control CmpTraceMgr out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control CmpTraceMgr out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
CODESYS Control out-of-bounds write | 8.6 | 05/15/2023 | CODESYS | Link | ||
vm2 injection | 9.6 | 05/16/2023 | vm2 | Link | ||
Synology Router Manager os command injection | 8.8 | 05/16/2023 | Synology | Link | ||
Synology Router Manager os command injection | 9.6 | 05/16/2023 | Synology | Link | ||
Snap One OvrC Pro Firmware Signature data authenticity | 9.4 | 05/16/2023 | Snap | Link | ||
posstaticblocks getPosCurrentHook sql injection | 8.5 | 05/17/2023 | posstaticblocks | Link | ||
ABB Terra AC improper authentication | 8.8 | 05/17/2023 | ABB | Link | ||
IBM PowerVM Logical Partition access control | 8.5 | 05/17/2023 | IBM | Link | ||
Linux Kernel ksmbd race condition | 7.7 | 05/18/2023 | Linux | Link | ||
Linux Kernel ksmbd race condition | 9.4 | 05/18/2023 | Linux | Link | ||
Linux Kernel ksmbd race condition | 7.7 | 05/18/2023 | Linux | Link | ||
Linux Kernel ksmbd race condition | 7.7 | 05/18/2023 | Linux | Link | ||
mlflow path traversal | 8.4 | 05/18/2023 | mlflow | Link | ||
cdesigner initContent sql injection | 8.4 | 05/18/2023 | cdesigner | Link | ||
cups-filters Backend Error beh.c os command injection | 8.6 | 05/18/2023 | cups-filters | Link | ||
Acronis Home Office signature verification | 7.6 | 05/18/2023 | Acronis | Link |
Vulnerability
CODESYS Development System inadequate encryption
CVSSv3
7.9
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
WAGO Compact Controller CC100 Device Configuration os command injection
CVSSv3
9.6
Release Date
05/15/2023
Products
WAGO
References
Link
Vulnerability
SICK FTMg Air Flow Sensor REST Interface resource consumption
CVSSv3
7.5
Release Date
05/15/2023
Products
SICK
References
Link
Vulnerability
CODESYS Control CmpTraceMgr out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control CmpTraceMgr out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
CODESYS Control out-of-bounds write
CVSSv3
8.6
Release Date
05/15/2023
Products
CODESYS
References
Link
Vulnerability
Synology Router Manager os command injection
CVSSv3
8.8
Release Date
05/16/2023
Products
Synology
References
Link
Vulnerability
Synology Router Manager os command injection
CVSSv3
9.6
Release Date
05/16/2023
Products
Synology
References
Link
Vulnerability
Snap One OvrC Pro Firmware Signature data authenticity
CVSSv3
9.4
Release Date
05/16/2023
Products
Snap
References
Link
Vulnerability
posstaticblocks getPosCurrentHook sql injection
CVSSv3
8.5
Release Date
05/17/2023
Products
posstaticblocks
References
Link
Vulnerability
ABB Terra AC improper authentication
CVSSv3
8.8
Release Date
05/17/2023
Products
ABB
References
Link
Vulnerability
IBM PowerVM Logical Partition access control
CVSSv3
8.5
Release Date
05/17/2023
Products
IBM
References
Link
Vulnerability
Linux Kernel ksmbd race condition
CVSSv3
7.7
Release Date
05/18/2023
Products
Linux
References
Link
Vulnerability
Linux Kernel ksmbd race condition
CVSSv3
9.4
Release Date
05/18/2023
Products
Linux
References
Link
Vulnerability
Linux Kernel ksmbd race condition
CVSSv3
7.7
Release Date
05/18/2023
Products
Linux
References
Link
Vulnerability
Linux Kernel ksmbd race condition
CVSSv3
7.7
Release Date
05/18/2023
Products
Linux
References
Link
Vulnerability
mlflow path traversal
CVSSv3
8.4
Release Date
05/18/2023
Products
mlflow
References
Link
Vulnerability
cdesigner initContent sql injection
CVSSv3
8.4
Release Date
05/18/2023
Products
cdesigner
References
Link
Vulnerability
cups-filters Backend Error beh.c os command injection
CVSSv3
8.6
Release Date
05/18/2023
Products
cups-filters
References
Link
Vulnerability
Acronis Home Office signature verification
CVSSv3
7.6
Release Date
05/18/2023
Products
Acronis
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
Linux Kernel io_uring io_prep_async_work use after free | 8.1 | Feb, 01 2023 | Linux | Link | ||
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free | 7.5 | Feb, 01 2023 | Linux | Link | ||
fLinux Kernel io_uring io_prep_async_work use after free | 8.4 | Feb, 01 2023 | QNAP | Link | ||
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization | 8.0 | Feb, 01 2023 | Schneider | Link | ||
Schneider Electric EcoStruxure Control Expert authentication replay | 8.1 | Feb, 01 2023 | Schneider | Link | ||
Schneider Electric C-Bus Network Automation Controller improper authentication | 9.6 | Feb, 01 2023 | Schneider | Link | ||
Schneider Electric C-Bus Network Automation Controller weak password | 8.4 | Feb, 01 2023 | Schneider | Link | ||
Motorola MR2600 input validation | 7.5 | Feb, 01 2023 | Motorola | Link | ||
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication | 7.8 | Feb, 01 2023 | Schneider | Link | ||
F5 BIG-IP iControl SOAP format string | 8.2 | Feb, 01 2023 | F5 | Link | ||
F5 BIG-IP Edge Client Installer uncontrolled search path | 8.1 | Feb, 01 2023 | F5 | Link | ||
Atlassian Jira Service Management Server and Data Center improper authentication | 8.3 | Feb, 01 2023 | Atlassian | Link | ||
Linux Kernel io_uring io_prep_async_work use after free | 8.1 | Feb, 02 2023 | Linux | Link | ||
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free | 7.5 | Feb, 02 2023 | Linux | Link | ||
QNAP QuTS hero/QTS sql injection | 8.4 | Feb, 02 2023 | QNAP | Link | ||
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization | 8.0 | Feb, 02 2023 | Schneider | Link | ||
Schneider Electric EcoStruxure Control Expert authentication replay | 8.1 | Feb, 02 2023 | Schneider | Link | ||
Schneider Electric C-Bus Network Automation Controller improper authentication | 9.6 | Feb, 02 2023 | Schneider | Link | ||
Schneider Electric C-Bus Network Automation Controller weak password | 8.4 | Feb, 02 2023 | Schneider | Link | ||
Motorola MR2600 input validation | 7.5 | Feb, 02 2023 | Motorola | Link | ||
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication | 7.8 | Feb, 02 2023 | Schneider | Link | ||
F5 BIG-IP iControl SOAP format string | 8.2 | Feb, 02 2023 | F5 | Link | ||
F5 BIG-IP Edge Client Installer uncontrolled search path | 8.1 | Feb, 02 2023 | F5 | Link | ||
Atlassian Jira Service Management Server and Data Center improper authentication | 8.3 | Feb, 02 2023 | Atlassian | Link | ||
Delta Electronics DIAScreen out-of-bounds write | 8.4 | Feb, 02 2023 | Delta | Link | ||
Delta Electronics DIAScreen stack-based overflow | 8.4 | Feb, 02 2023 | Delta | Link | ||
Netgear WNR612v2 Firmware Image unrestricted upload | 7.5 | Feb, 02 2023 | Netgear | Link | ||
Linux Kernel io_uring io_prep_async_work use after free | 8.1 | Feb, 03 2023 | Linux | Link | ||
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free | 7.5 | Feb, 03 2023 | Linux | Link | ||
QNAP QuTS hero/QTS sql injection | 8.4 | Feb, 03 2023 | QNAP | Link |
Vulnerability
Linux Kernel io_uring io_prep_async_work use after free
CVSSv3
8.1
Release Date
Feb, 01 2023
Products
Linux
References
Link
Vulnerability
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free
CVSSv3
7.5
Release Date
Feb, 01 2023
Products
Linux
References
Link
Vulnerability
fLinux Kernel io_uring io_prep_async_work use after free
CVSSv3
8.4
Release Date
Feb, 01 2023
Products
QNAP
References
Link
Vulnerability
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization
CVSSv3
8.0
Release Date
Feb, 01 2023
Products
Schneider
References
Link
Vulnerability
Schneider Electric EcoStruxure Control Expert authentication replay
CVSSv3
8.1
Release Date
Feb, 01 2023
Products
Schneider
References
Link
Vulnerability
Schneider Electric C-Bus Network Automation Controller improper authentication
CVSSv3
9.6
Release Date
Feb, 01 2023
Products
Schneider
References
Link
Vulnerability
Schneider Electric C-Bus Network Automation Controller weak password
CVSSv3
8.4
Release Date
Feb, 01 2023
Products
Schneider
References
Link
Vulnerability
Motorola MR2600 input validation
CVSSv3
7.5
Release Date
Feb, 01 2023
Products
Motorola
References
Link
Vulnerability
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication
CVSSv3
7.8
Release Date
Feb, 01 2023
Products
Schneider
References
Link
Vulnerability
F5 BIG-IP iControl SOAP format string
CVSSv3
8.2
Release Date
Feb, 01 2023
Products
F5
References
Link
Vulnerability
F5 BIG-IP Edge Client Installer uncontrolled search path
CVSSv3
8.1
Release Date
Feb, 01 2023
Products
F5
References
Link
Vulnerability
Atlassian Jira Service Management Server and Data Center improper authentication
CVSSv3
8.3
Release Date
Feb, 01 2023
Products
Atlassian
References
Link
Vulnerability
Linux Kernel io_uring io_prep_async_work use after free
CVSSv3
8.1
Release Date
Feb, 02 2023
Products
Linux
References
Link
Vulnerability
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free
CVSSv3
7.5
Release Date
Feb, 02 2023
Products
Linux
References
Link
Vulnerability
QNAP QuTS hero/QTS sql injection
CVSSv3
8.4
Release Date
Feb, 02 2023
Products
QNAP
References
Link
Vulnerability
Schneider Electric EcoStruxure Geo SCADA Expert 2019 Message improper authorization
CVSSv3
8.0
Release Date
Feb, 02 2023
Products
Schneider
References
Link
Vulnerability
Schneider Electric EcoStruxure Control Expert authentication replay
CVSSv3
8.1
Release Date
Feb, 02 2023
Products
Schneider
References
Link
Vulnerability
Schneider Electric C-Bus Network Automation Controller improper authentication
CVSSv3
9.6
Release Date
Feb, 02 2023
Products
Schneider
References
Link
Vulnerability
Schneider Electric C-Bus Network Automation Controller weak password
CVSSv3
8.4
Release Date
Feb, 02 2023
Products
Schneider
References
Link
Vulnerability
Motorola MR2600 input validation
CVSSv3
7.5
Release Date
Feb, 02 2023
Products
Motorola
References
Link
Vulnerability
Schneider Electric IGSS Data Server IGSSdataServer.exe missing authentication
CVSSv3
7.8
Release Date
Feb, 02 2023
Products
Schneider
References
Link
Vulnerability
F5 BIG-IP iControl SOAP format string
CVSSv3
8.2
Release Date
Feb, 02 2023
Products
F5
References
Link
Vulnerability
F5 BIG-IP Edge Client Installer uncontrolled search path
CVSSv3
8.1
Release Date
Feb, 02 2023
Products
F5
References
Link
Vulnerability
Atlassian Jira Service Management Server and Data Center improper authentication
CVSSv3
8.3
Release Date
Feb, 02 2023
Products
Atlassian
References
Link
Vulnerability
Delta Electronics DIAScreen out-of-bounds write
CVSSv3
8.4
Release Date
Feb, 02 2023
Products
Delta
References
Link
Vulnerability
Delta Electronics DIAScreen stack-based overflow
CVSSv3
8.4
Release Date
Feb, 02 2023
Products
Delta
References
Link
Vulnerability
Netgear WNR612v2 Firmware Image unrestricted upload
CVSSv3
7.5
Release Date
Feb, 02 2023
Products
Netgear
References
Link
Vulnerability
Linux Kernel io_uring io_prep_async_work use after free
CVSSv3
8.1
Release Date
Feb, 03 2023
Products
Linux
References
Link
Vulnerability
Linux Kernel ALSA PCM Package SNDRV_CTL_IOCTL_ELEM_WRITE use after free
CVSSv3
7.5
Release Date
Feb, 03 2023
Products
Linux
References
Link
Vulnerability
QNAP QuTS hero/QTS sql injection
CVSSv3
8.4
Release Date
Feb, 03 2023
Products
QNAP
References
Link
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
perfSONAR file URL Privilege Escalation | 7.5 | Jan, 01 2023 | perfSONAR | Link | ||
vooon ntpd_driver Source Code access control | 7.9 | Jan, 01 2023 | vooon | Link | ||
perfSONAR file URL Privilege Escalation | 7.5 | Jan, 02 2023 | perfSONAR | Link | ||
vooon ntpd_driver Source Code access control | 7.9 | Jan, 02 2023 | vooon | Link | ||
perfSONAR file URL Privilege Escalation | 7.5 | Jan, 03 2023 | perfSONAR | Link | ||
vooon ntpd_driver Source Code access control | 7.9 | Jan, 03 2023 | vooon | Link | ||
Fortinet FortiTester os command injection | 8.3 | Jan, 03 2023 | Fortinet | Link | ||
Fortinet FortiADC HTTP Request os command injection | 8.6 | Jan, 03 2023 | Fortinet | Link | ||
Apache Dubbo Telnet deserialization | 9.6 | Jan, 03 2023 | Apache | Link | ||
User Post Gallery Plugin command injection | 8.4 | Jan, 03 2023 | User | Link | ||
User Post Gallery Plugin authorization | 8.4 | Jan, 03 2023 | User | Link | ||
perfSONAR file URL Privilege Escalation | 7.5 | Jan, 04 2023 | perfSONAR | Link | ||
vooon ntpd_driver Source Code access control | 7.9 | Jan, 04 2023 | vooon | Link | ||
Fortinet FortiTester os command injection | 8.3 | Jan, 04 2023 | Fortinet | Link | ||
Fortinet FortiADC HTTP Request os command injection | 8.6 | Jan, 04 2023 | Fortinet | Link | ||
Apache Dubbo Telnet deserialization | 9.6 | Jan, 04 2023 | Apache | Link | ||
User Post Gallery Plugin command injection | 8.4 | Jan, 04 2023 | User | Link | ||
User Post Gallery Plugin authorization | 8.4 | Jan, 05 2023 | User | Link | ||
User Post Gallery Plugin authorization | 8.4 | Jan, 04 2023 | User | Link | ||
KubePi hard-coded credentials | 8.9 | Jan, 04 2023 | KubePi | Link | ||
Apache DolphinScheduler Script Alert Plugin Parameter input validation | 8.0 | Jan, 04 2023 | Apache | Link | ||
perfSONAR file URL Privilege Escalation | 7.5 | Jan, 05 2023 | perfSONAR | Link | ||
vooon ntpd_driver Source Code access control | 7.9 | Jan, 05 2023 | vooon | Link | ||
Fortinet FortiTester os command injection | 8.3 | Jan, 05 2023 | Fortinet | Link | ||
Fortinet FortiADC HTTP Request os command injection | 8.6 | Jan, 05 2023 | Fortinet | Link | ||
Apache Dubbo Telnet deserialization | 9.6 | Jan, 05 2023 | Apache | Link | ||
User Post Gallery Plugin command injection | 8.4 | Jan, 05 2023 | User | Link | ||
KubePi hard-coded credentials | 8.9 | Jan, 05 2023 | KubePi | Link | ||
Apache DolphinScheduler Script Alert Plugin Parameter input validation | 8.0 | Jan, 05 2023 | Apache | Link | ||
Hitachi Energy UNEM R16A hard-coded key | 8.0 | Jan, 05 2023 | perfSONAR | Link |
Vulnerability
perfSONAR file URL Privilege Escalation
CVSSv3
7.5
Release Date
Jan, 01 2023
Products
perfSONAR
References
Link
Vulnerability
vooon ntpd_driver Source Code access control
CVSSv3
7.9
Release Date
Jan, 01 2023
Products
vooon
References
Link
Vulnerability
perfSONAR file URL Privilege Escalation
CVSSv3
7.5
Release Date
Jan, 02 2023
Products
perfSONAR
References
Link
Vulnerability
vooon ntpd_driver Source Code access control
CVSSv3
7.9
Release Date
Jan, 02 2023
Products
vooon
References
Link
Vulnerability
perfSONAR file URL Privilege Escalation
CVSSv3
7.5
Release Date
Jan, 03 2023
Products
perfSONAR
References
Link
Vulnerability
vooon ntpd_driver Source Code access control
CVSSv3
7.9
Release Date
Jan, 03 2023
Products
vooon
References
Link
Vulnerability
Fortinet FortiTester os command injection
CVSSv3
8.3
Release Date
Jan, 03 2023
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiADC HTTP Request os command injection
CVSSv3
8.6
Release Date
Jan, 03 2023
Products
Fortinet
References
Link
Vulnerability
Apache Dubbo Telnet deserialization
CVSSv3
9.6
Release Date
Jan, 03 2023
Products
Apache
References
Link
Vulnerability
User Post Gallery Plugin command injection
CVSSv3
8.4
Release Date
Jan, 03 2023
Products
User
References
Link
Vulnerability
User Post Gallery Plugin authorization
CVSSv3
8.4
Release Date
Jan, 03 2023
Products
User
References
Link
Vulnerability
perfSONAR file URL Privilege Escalation
CVSSv3
7.5
Release Date
Jan, 04 2023
Products
perfSONAR
References
Link
Vulnerability
vooon ntpd_driver Source Code access control
CVSSv3
7.9
Release Date
Jan, 04 2023
Products
vooon
References
Link
Vulnerability
Fortinet FortiTester os command injection
CVSSv3
8.3
Release Date
Jan, 04 2023
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiADC HTTP Request os command injection
CVSSv3
8.6
Release Date
Jan, 04 2023
Products
Fortinet
References
Link
Vulnerability
Apache Dubbo Telnet deserialization
CVSSv3
9.6
Release Date
Jan, 04 2023
Products
Apache
References
Link
Vulnerability
User Post Gallery Plugin command injection
CVSSv3
8.4
Release Date
Jan, 04 2023
Products
User
References
Link
Vulnerability
User Post Gallery Plugin authorization
CVSSv3
8.4
Release Date
Jan, 05 2023
Products
User
References
Link
Vulnerability
User Post Gallery Plugin authorization
CVSSv3
8.4
Release Date
Jan, 04 2023
Products
User
References
Link
Vulnerability
KubePi hard-coded credentials
CVSSv3
8.9
Release Date
Jan, 04 2023
Products
KubePi
References
Link
Vulnerability
Apache DolphinScheduler Script Alert Plugin Parameter input validation
CVSSv3
8.0
Release Date
Jan, 04 2023
Products
Apache
References
Link
Vulnerability
perfSONAR file URL Privilege Escalation
CVSSv3
7.5
Release Date
Jan, 05 2023
Products
perfSONAR
References
Link
Vulnerability
vooon ntpd_driver Source Code access control
CVSSv3
7.9
Release Date
Jan, 05 2023
Products
vooon
References
Link
Vulnerability
Fortinet FortiTester os command injection
CVSSv3
8.3
Release Date
Jan, 05 2023
Products
Fortinet
References
Link
Vulnerability
Fortinet FortiADC HTTP Request os command injection
CVSSv3
8.6
Release Date
Jan, 05 2023
Products
Fortinet
References
Link
Vulnerability
Apache Dubbo Telnet deserialization
CVSSv3
9.6
Release Date
Jan, 05 2023
Products
Apache
References
Link
Vulnerability
User Post Gallery Plugin command injection
CVSSv3
8.4
Release Date
Jan, 05 2023
Products
User
References
Link
Vulnerability
KubePi hard-coded credentials
CVSSv3
8.9
Release Date
Jan, 05 2023
Products
KubePi
References
Link
Vulnerability
Apache DolphinScheduler Script Alert Plugin Parameter input validation
CVSSv3
8.0
Release Date
Jan, 05 2023
Products
Apache
References
Link
Vulnerability
Hitachi Energy UNEM R16A hard-coded key
CVSSv3
8.0
Release Date
Jan, 05 2023
Products
perfSONAR
References
Link
December
November
October
September
August
July
June
May
Vulnerability | CVSSv3 | Release Date | Products | References | ||
---|---|---|---|---|---|---|
oretnom23 Purchase Order Management System unrestricted upload | 9.3 | Dec, 01 2022 | oretnom23 | Link | ||
AVS Audio Converter buffer overflow | 7.9 | Dec, 01 2022 | AVS | Link | ||
crewjam saml Assertion Element improper authentication | 8.0 | Dec, 01 2022 | crewjam | Link | ||
Online Tours & Travels Management System file.php unrestricted upload | 9.3 | Dec, 01 2022 | Online | Link | ||
Poultry Farm Management System category.php sql injection | 7.5 | Dec, 01 2022 | Poultry | Link | ||
Acer Notebook HQSwSmiDxe Driver default permission | 7.7 | Dec, 01 2022 | Acer | Link | ||
School Management System sql injection | 7.7 | Dec, 01 2022 | School | Link | ||
GPAC unquantize.c Q_IsTypeOn use after free | 7.5 | Dec, 01 2022 | GPAC | Link | ||
ghost Newsletter access control | 7.8 | Dec, 01 2022 | ghost | Link | ||
Squirrly SEO Plugin unrestricted upload | 7.9 | Dec, 01 2022 | Squirrly | Link | ||
Russound XSourcePlayer 777D scriptRunner.cgi Privilege Escalation | 7.7 | Dec, 01 2022 | Russound | Link | ||
PuneethReddyHC online-shopping-system-advanced product.php sql injection | 7.5 | Dec, 01 2022 | PuneethReddyHC | Link | ||
Microsoft Edge GPU heap-based overflow | 7.8 | Dec, 01 2022 | Microsoft | Link | ||
Tribal Systems Zenario CMS Privilege Escalation | 8.0 | Dec, 01 2022 | Tribal | Link | ||
oretnom23 Simple Inventory Management System login.php sql injection | 7.5 | Dec, 01 2022 | oretnom23 | Link | ||
SourceCodester Book Store Management System index.php access control | 7.9 | Dec, 01 2022 | SourceCodester | Link | ||
owncast sql injection | 8.2 | Dec, 01 2022 | owncast | Link | ||
Book Store Management System Admin Panel hard-coded credentials | 7.9 | Dec, 01 2022 | Book | Link | ||
Sanitization Management System Admin Panel hard-coded credentials | 7.9 | Dec, 01 2022 | Sanitization | Link | ||
OP-TEE Trusted OS cleanup_shm_refs array index | 7.8 | Dec, 01 2022 | OP-TEE | Link | ||
Symantec Endpoint Protection privileges management | 7.6 | Dec, 01 2022 | Symantec | Link | ||
asith-eranga ISIC Tour Booking controller.php sql injection | 7.9 | Dec, 01 2022 | asith-eranga | Link | ||
Asus NAS-M25 Cookie os command injection | 9.8 | Dec, 01 2022 | Asus | Link | ||
Rocket TRUfusion Enterprise JSP File unrestricted upload | 7.9 | Dec, 01 2022 | Rocket | Link | ||
Festo VTEM-S1 insufficient technical documentation | 9.6 | Dec, 01 2022 | Festo | Link | ||
SnakeYAML Constructor deserialization | 8.1 | Dec, 01 2022 | SnakeYAML | Link | ||
ff4j Privilege Escalation | 8.0 | Dec, 01 2022 | ff4j | Link | ||
discourse-bbcode CSS injection | 8.2 | Dec, 01 2022 | discourse-bbcode | Link | ||
Xiongmai MBD6304T/NBD6808T-PL JSON File deserialization | 8.3 | Dec, 01 2022 | Xiongmai | Link | ||
oretnom23 Purchase Order Management System unrestricted upload | 9.3 | Dec, 02 2022 | oretnom23 | Link |
Vulnerability
oretnom23 Purchase Order Management System unrestricted upload