The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2023-49342 | Temporary data passed between application components by Budgie Extras Clockworks applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel. | -- | Dec 14, 2023 | n/a |
CVE-2023-49343 | Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel. | -- | Dec 14, 2023 | n/a |
CVE-2023-49344 | Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel. | -- | Dec 14, 2023 | n/a |
CVE-2023-49345 | Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel. | -- | Dec 14, 2023 | n/a |
CVE-2023-49346 | Temporary data passed between application components by Budgie Extras WeatherShow applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel. | -- | Dec 14, 2023 | n/a |
CVE-2023-49347 | Temporary data passed between application components by Budgie Extras Windows Previews could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may read private information from windows, present false information to users, or deny access to the application. | -- | Dec 14, 2023 | n/a |
CVE-2023-49351 | A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function. | -- | Jan 16, 2024 | n/a |
CVE-2023-49355 | decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the []-1.2e-1111111111 input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions -10E-1000010001, which is not in normalized scientific notation. | -- | Dec 11, 2023 | n/a |
CVE-2023-49356 | A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592. | -- | Dec 22, 2023 | n/a |
CVE-2023-49363 | Rockoa <2.3.3 is vulnerable to SQL Injection. The problem exists in the indexAction method in reimpAction.php. | -- | Dec 13, 2023 | n/a |
CVE-2023-49371 | RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit. | -- | Dec 3, 2023 | n/a |
CVE-2023-49372 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save. | -- | Dec 5, 2023 | n/a |
CVE-2023-49373 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete. | -- | Dec 5, 2023 | n/a |
CVE-2023-49374 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update. | -- | Dec 5, 2023 | n/a |
CVE-2023-49375 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update. | -- | Dec 5, 2023 | n/a |
CVE-2023-49376 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/delete. | -- | Dec 5, 2023 | n/a |
CVE-2023-49377 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/update. | -- | Dec 5, 2023 | n/a |
CVE-2023-49378 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/form/save. | -- | Dec 5, 2023 | n/a |
CVE-2023-49379 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /admin/friend_link/save. | -- | Dec 5, 2023 | n/a |
CVE-2023-49380 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/delete. | -- | Dec 5, 2023 | n/a |
CVE-2023-49381 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/update. | -- | Dec 5, 2023 | n/a |
CVE-2023-49382 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/delete. | -- | Dec 5, 2023 | n/a |
CVE-2023-49383 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/save. | -- | Dec 5, 2023 | n/a |
CVE-2023-49391 | An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message. | -- | Dec 22, 2023 | n/a |
CVE-2023-49394 | Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly. | -- | Jan 10, 2024 | n/a |
CVE-2023-49395 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/update. | -- | Dec 5, 2023 | n/a |
CVE-2023-49396 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/save. | -- | Dec 5, 2023 | n/a |
CVE-2023-49397 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/updateStatus. | -- | Dec 5, 2023 | n/a |
CVE-2023-49398 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/delete. | -- | Dec 5, 2023 | n/a |
CVE-2023-49402 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function localMsg. | -- | Dec 7, 2023 | n/a |
CVE-2023-49403 | Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setFixTools. | -- | Dec 7, 2023 | n/a |
CVE-2023-49404 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet. | -- | Dec 7, 2023 | n/a |
CVE-2023-49405 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg. | -- | Dec 7, 2023 | n/a |
CVE-2023-49406 | Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet. | -- | Dec 7, 2023 | n/a |
CVE-2023-49408 | Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name. | -- | Dec 7, 2023 | n/a |
CVE-2023-49409 | Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet. | -- | Dec 7, 2023 | n/a |
CVE-2023-49410 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function via the function set_wan_status. | -- | Dec 7, 2023 | n/a |
CVE-2023-49411 | Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode. | -- | Dec 7, 2023 | n/a |
CVE-2023-49417 | TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg. | -- | Dec 11, 2023 | n/a |
CVE-2023-49418 | TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules. | -- | Dec 11, 2023 | n/a |
CVE-2023-49424 | Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | -- | Dec 7, 2023 | n/a |
CVE-2023-49425 | Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg . | -- | Dec 7, 2023 | n/a |
CVE-2023-49426 | Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg. | -- | Dec 7, 2023 | n/a |
CVE-2023-49427 | Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remote attackers to cause a denial of service (DoS) via list parameter in SetNetControlList function. | -- | Jan 10, 2024 | n/a |
CVE-2023-49428 | Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the \'mac\' parameter at /goform/SetOnlineDevName. | -- | Dec 7, 2023 | n/a |
CVE-2023-49429 | Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the \'setDeviceInfo\' feature through the \'mac\' parameter at /goform/setModules. | -- | Dec 7, 2023 | n/a |
CVE-2023-49430 | Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the \'list\' parameter at /goform/SetStaticRouteCfg. | -- | Dec 7, 2023 | n/a |
CVE-2023-49431 | Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the \'mac\' parameter at /goform/SetOnlineDevName. | -- | Dec 7, 2023 | n/a |
CVE-2023-49432 | Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the \'deviceList\' parameter at /goform/setMacFilterCfg. | -- | Dec 7, 2023 | n/a |
CVE-2023-49433 | Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the \'list\' parameter at /goform/SetVirtualServerCfg. | -- | Dec 7, 2023 | n/a |