The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2023-42019 | IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. | -- | Dec 4, 2023 | n/a |
CVE-2023-40699 | IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. | -- | Dec 4, 2023 | n/a |
CVE-2023-46174 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506. | -- | Dec 4, 2023 | n/a |
CVE-2023-42022 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938. | -- | Dec 4, 2023 | n/a |
CVE-2024-22319 | IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145. | -- | Feb 6, 2024 | n/a |
CVE-2023-20597 | Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | -- | Sep 20, 2023 | n/a |
CVE-2022-39017 | Improper input validation and output encoding in all comments fields, in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to introduce cross-site scripting attacks via specially crafted comments. | -- | Nov 1, 2022 | n/a |
CVE-2023-22450 | In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution. | -- | Jun 6, 2023 | n/a |
CVE-2023-27856 | In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation\'s ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is installed. | -- | Mar 24, 2023 | n/a |
CVE-2023-27603 | In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2. | -- | Apr 10, 2023 | n/a |
CVE-2023-27602 | In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions <=1.3.1, we suggest turning on the file path check switch in linkis.properties `wds.linkis.workspace.filesystem.owner.check=true` `wds.linkis.workspace.filesystem.path.check=true` | -- | Apr 10, 2023 | n/a |
CVE-2023-39936 | In Ashlar-Vellum Graphite v13.0.48, the affected application lacks proper validation of user-supplied data when parsing VC6 files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | -- | Oct 26, 2023 | n/a |
CVE-2024-2005 | In Blue Planet® products through 22.12, a misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected. Blue Planet® has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal. | -- | Mar 6, 2024 | n/a |
CVE-2023-46687 | In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer. | -- | Feb 15, 2024 | n/a |
CVE-2023-43636 | In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the encrypted data located in the vault. As per the “measured boot” design, the PCR values calculated at different stages of the boot process will change if any of their respective parts are changed. This includes, among other things, the configuration of the bios, grub, the kernel cmdline, initrd, and more. However, this mechanism does not validate the entire rootfs, so an attacker can edit the filesystem and gain control over the system. As the default filesystem used by EVE OS is squashfs, this is somewhat harder than an ext4, which is easily changeable. This will not stop an attacker, as an attacker can repackage the squashfs with their changes in it and replace the partition altogether. This can also be done directly on the device, as the “003-storage-init” container contains the “mksquashfs” and “unsquashfs” binaries (with the corresponding libs). An attacker can gain full control over the device without changing the PCR values, thus not triggering the “measured boot” mechanism, and having full access to the vault. Note: This issue was partially fixed in these commits (after disclosure to Zededa), where the config partition measurement was added to PCR13: • aa3501d6c57206ced222c33aea15a9169d629141 • 5fef4d92e75838cc78010edaed5247dfbdae1889. This issue was made viable in version 9.0.0 when the calculation was moved to PCR14 but it was not included in the measured boot. | -- | Sep 20, 2023 | n/a |
CVE-2023-21263 | In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | -- | Dec 5, 2023 | n/a |
CVE-2023-40049 | In WS_FTP Server version prior to 8.8.2, an unauthenticated user could enumerate files under the \'WebServiceHost\' directory listing. | -- | Sep 27, 2023 | n/a |
CVE-2023-40048 | In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function. | -- | Sep 27, 2023 | n/a |
CVE-2023-40047 | In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\'s Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads. Once the cross-site scripting payload is successfully stored, an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser. | -- | Sep 27, 2023 | n/a |
CVE-2023-40045 | In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server\'s Ad Hoc Transfer module. An attacker could leverage this vulnerability to target WS_FTP Server users with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser. | -- | Sep 27, 2023 | n/a |
CVE-2023-40046 | In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface. An attacker may be able to infer information about the structure and contents of the database and execute SQL statements that alter or delete database elements. | -- | Sep 27, 2023 | n/a |
CVE-2023-42657 | In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system. | -- | Sep 29, 2023 | n/a |
CVE-2023-20559 | Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges. | -- | Apr 2, 2023 | n/a |
CVE-2023-20562 | Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. | -- | Aug 8, 2023 | n/a |
CVE-2024-25578 | MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior contain a lack of proper validation of user-supplied data, which could result in memory corruption within the application. | -- | Mar 1, 2024 | n/a |
CVE-2023-24506 | Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request. | -- | May 9, 2023 | n/a |
CVE-2023-46706 | Multiple MachineSense devices have credentials unable to be changed by the user or administrator. | -- | Feb 1, 2024 | n/a |
CVE-2023-25523 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. | -- | Jul 10, 2023 | n/a |
CVE-2023-25515 | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. | -- | Jun 23, 2023 | n/a |
CVE-2023-6588 | Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline. | -- | Dec 7, 2023 | n/a |
CVE-2023-39431 | Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | -- | Oct 19, 2023 | n/a |
CVE-2024-23806 | Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys. | -- | Feb 7, 2024 | n/a |
CVE-2023-39372 | StarTrinity Softswitch version 2023-02-16 - Multiple CSRF (CWE-352) | -- | Sep 4, 2023 | n/a |
CVE-2023-39371 | StarTrinity Softswitch version 2023-02-16 - Open Redirect (CWE-601) | -- | Sep 4, 2023 | n/a |
CVE-2023-39370 | StarTrinity Softswitch version 2023-02-16 - Persistent XSS (CWE-79) | -- | Sep 4, 2023 | n/a |
CVE-2023-29158 | SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity. | -- | Jun 20, 2023 | n/a |
CVE-2023-41966 | The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter. | -- | Oct 26, 2023 | n/a |
CVE-2023-31426 | The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information. | -- | Aug 1, 2023 | n/a |
CVE-2023-4489 | The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access. | -- | Dec 14, 2023 | n/a |
CVE-2023-33868 | The number of login attempts is not limited. This could allow an attacker to perform a brute force on HTTP basic authentication. | -- | Jul 7, 2023 | n/a |
CVE-2023-33218 | The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device. | -- | Dec 15, 2023 | n/a |
CVE-2022-2484 | The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs. | -- | Jan 8, 2023 | n/a |
CVE-2023-25643 | There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands. | -- | Dec 14, 2023 | n/a |
CVE-2023-25647 | There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event. | -- | Aug 17, 2023 | n/a |
CVE-2023-40052 | This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities of many web application clients. Multiple of these DoS attacks could lead to the flooding of invalid requests as compared to the server’s remaining ability to process valid requests. | -- | Jan 18, 2024 | n/a |
CVE-2024-1886 | This vulnerability allows remote attackers to traverse the directory on the affected webOS of LG Signage. | -- | Feb 26, 2024 | n/a |
CVE-2023-46747 | Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | -- | Oct 26, 2023 | n/a |
CVE-2023-5777 | Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server. | -- | Nov 7, 2023 | n/a |
CVE-2023-37362 | Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website. | -- | Jul 20, 2023 | n/a |
CVE-2023-34429 | Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token. | -- | Jul 20, 2023 | n/a |