Total
958 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4843 | 1 Pega | 1 Pega Platform | 2023-09-12 | N/A | 4.8 MEDIUM |
| Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however this field can only be modified by an authenticated administrative user. | |||||
| CVE-2023-39424 | 1 Resortdata | 1 Internet Reservation Module Next Generation | 2023-09-12 | N/A | 8.8 HIGH |
| A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but can be paired with another vulnerability in the platform (CVE-2023-39420, which grants access to hardcoded credentials) to carry the attack without having assigned credentials. | |||||
| CVE-2023-36812 | 1 Opentsdb | 1 Opentsdb | 2023-09-08 | N/A | 9.8 CRITICAL |
| OpenTSDB is a open source, distributed, scalable Time Series Database (TSDB). OpenTSDB is vulnerable to Remote Code Execution vulnerability by writing user-controlled input to Gnuplot configuration file and running Gnuplot with the generated configuration. This issue has been patched in commit `07c4641471c` and further refined in commit `fa88d3e4b`. These patches are available in the `2.4.2` release. Users are advised to upgrade. User unable to upgrade may disable Gunuplot via the config option`tsd.core.enable_ui = true` and remove the shell files `mygnuplot.bat` and `mygnuplot.sh`. | |||||
| CVE-2023-1523 | 1 Canonical | 2 Snapd, Ubuntu Linux | 2023-09-08 | N/A | 10.0 CRITICAL |
| Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console. | |||||
| CVE-2023-41039 | 1 Zope | 1 Restrictedpython | 2023-09-05 | N/A | 7.7 HIGH |
| RestrictedPython is a restricted execution environment for Python to run untrusted code. Python's "format" functionality allows someone controlling the format string to "read" all objects accessible through recursive attribute lookup and subscription from objects he can access. This can lead to critical information disclosure. With `RestrictedPython`, the format functionality is available via the `format` and `format_map` methods of `str` (and `unicode`) (accessed either via the class or its instances) and via `string.Formatter`. All known versions of `RestrictedPython` are vulnerable. This issue has been addressed in commit `4134aedcff1` which has been included in the 5.4 and 6.2 releases. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-4478 | 1 Mattermost | 1 Mattermost Server | 2023-08-31 | N/A | 8.2 HIGH |
| Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts. | |||||
| CVE-2023-38060 | 1 Otrs | 1 Otrs | 2023-08-31 | N/A | 8.8 HIGH |
| Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to to perform an host header injection for the ContentType header of the attachment. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. | |||||
| CVE-2023-40035 | 1 Craftcms | 1 Craft Cms | 2023-08-29 | N/A | 7.2 HIGH |
| Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable only in the authenticated users, configuration with ALLOW_ADMIN_CHANGES=true, there is still a potential security threat (Remote Code Execution). This issue has been patched in version 4.4.15 and version 3.8.15. | |||||
| CVE-2023-33241 | 2 Gg18 Project, Gg20 Project | 2 Gg18, Gg20 | 2023-08-25 | N/A | 9.1 CRITICAL |
| Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signatures or more fully exfiltrate the other parties' private key shares. | |||||
| CVE-2023-33242 | 1 Lindell17 Project | 1 Lindell17 | 2023-08-25 | N/A | 8.1 HIGH |
| Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature. | |||||
| CVE-2022-24989 | 1 Terra-master | 30 F2-210, F2-221, F2-223 and 27 more | 2023-08-24 | N/A | 9.8 CRITICAL |
| TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters for PHP Object Instantiation to the api.php?mobile/createRaid URI. (Shell metacharacters can be placed in raidtype because popen is used without any sanitization.) The credentials from CVE-2022-24990 exploitation can be used. | |||||
| CVE-2023-35810 | 1 Sugarcrm | 1 Sugarcrm | 2023-08-23 | N/A | 7.2 HIGH |
| An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Second-Order PHP Object Injection vulnerability has been identified in the DocuSign module. By using crafted requests, custom PHP code can be injected and executed through the DocuSign module because of missing input validation. Admin user privileges are required to exploit this vulnerability. Editions other than Enterprise are also affected. | |||||
| CVE-2023-39659 | 1 Langchain | 1 Langchain | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component. | |||||
| CVE-2023-39661 | 1 Gabrieleventuri | 1 Pandasai | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function. | |||||
| CVE-2023-39662 | 1 Llamaindex Project | 1 Llamaindex | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function. | |||||
| CVE-2023-38896 | 1 Langchain | 1 Langchain | 2023-08-22 | N/A | 9.8 CRITICAL |
| An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. | |||||
| CVE-2023-31209 | 1 Tribe29 | 1 Checkmk | 2023-08-17 | N/A | 8.8 HIGH |
| Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users. | |||||
| CVE-2020-28848 | 1 Churchcrm | 1 Churchcrm | 2023-08-17 | N/A | 8.8 HIGH |
| CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file. | |||||
| CVE-2020-3561 | 1 Cisco | 3 Adaptive Security Appliance, Adaptive Security Appliance Software, Firepower Threat Defense | 2023-08-16 | 4.3 MEDIUM | 4.7 MEDIUM |
| A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites. | |||||
| CVE-2023-39213 | 1 Zoom | 2 Virtual Desktop Infrastructure, Zoom | 2023-08-15 | N/A | 9.8 CRITICAL |
| Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access. | |||||