Search Results (367102 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-28087 1 Hp 1 Oneview 2025-02-03 5.5 Medium
An HPE OneView appliance dump may expose OneView user accounts
CVE-2023-28086 1 Hp 1 Oneview 2025-02-03 5.5 Medium
An HPE OneView appliance dump may expose proxy credential settings
CVE-2023-27107 1 Myq-solution 2 Central Server, Print Server 2025-02-03 8.8 High
Incorrect access control in the runReport function of MyQ Solution Print Server before 8.2 Patch 32 and Central Server before 8.2 Patch 22 allows users who do not have appropriate access rights to generate internal reports using a direct URL.
CVE-2023-26567 1 Sangoma 1 Freepbx Linux 7 2025-02-03 8.1 High
Sangoma FreePBX 1805 through 2302 (when obtained as a ,.ISO file) places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database (MariaDB/MySQL) and Asterisk Manager Interface. For example, an attacker can make a /ari/asterisk/variable?variable=AMPDBPASS API call.
CVE-2022-44232 1 Libming 1 Libming 2025-02-03 7.5 High
libming 0.4.8 0.4.8 is vulnerable to Buffer Overflow. In getInt() in decompile.c unknown type may lead to denial of service. This is a different vulnerability than CVE-2018-9132 and CVE-2018-20427.
CVE-2022-39989 1 Fighting Cock Information System Project 1 Fighting Cock Information System 2025-02-03 9.8 Critical
An issue was discovered in Fighting Cock Information System 1.0, which uses default credentials, but does not force nor prompt the administrators to change the credentials.
CVE-2022-27979 1 Tooljet 1 Tooljet 2025-02-03 5.4 Medium
A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component.
CVE-2022-25091 1 Infopop 1 Ultimate Bulletin Board 2025-02-03 5.3 Medium
Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature.
CVE-2021-44465 1 Odoo 1 Odoo 2025-02-03 4.3 Medium
Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows authenticated attackers to subscribe to receive future notifications and comments related to arbitrary business records in the system, via crafted RPC requests.
CVE-2021-23203 1 Odoo 1 Odoo 2025-02-03 7.5 High
Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to download PDF reports for arbitrary documents, via crafted requests.
CVE-2021-23166 1 Odoo 1 Odoo 2025-02-03 8.7 High
A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read and write local files on the server.
CVE-2023-28847 1 Nextcloud 1 Nextcloud Server 2025-02-03 3.1 Low
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server 24.0.0 prior to 24.0.11 and 25.0.0 prior to 25.0.5; as well as Nextcloud Server Enterprise 23.0.0 prior to 23.0.12.6, 24.0.0 prior to 24.0.11, and 25.0.0 prior to 25.0.5; an attacker is not restricted in verifying passwords of share links so they can just start brute forcing the password. Nextcloud Server 24.0.11 and 25.0.5 and Nextcloud Enterprise Server 23.0.12.6, 24.0.11, and 25.0.5 contain a fix for this issue. No known workarounds are available.
CVE-2023-30839 1 Prestashop 1 Prestashop 2025-02-03 10 Critical
PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds.
CVE-2023-29011 1 Git For Windows Project 1 Git For Windows 2025-02-03 7.6 High
Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`'s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\etc\connectrc`. Since `C:\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `<drive>:\etc\connectrc` files on multi-user machines.
CVE-2023-29012 1 Git For Windows Project 1 Git For Windows 2025-02-03 7.3 High
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed `doskey.exe` would be executed silently upon running Git CMD. The problem has been patched in Git for Windows v2.40.1. As a workaround, avoid using Git CMD or, if using Git CMD, avoid starting it in an untrusted directory.
CVE-2023-30609 1 Matrix-react-sdk Project 1 Matrix-react-sdk 2025-02-03 5.4 Medium
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message containing an HTML injection payload. No cross-site scripting attack is possible due to the hardcoded content security policy. Version 3.71.0 of the SDK patches over the issue. As a workaround, restarting the client will clear the HTML injection.
CVE-2024-3119 1 Irontec 1 Sngrep 2025-02-03 9 Critical
A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the data length. This flaw allows remote attackers to execute arbitrary code or cause a denial of service (DoS) through specially crafted SIP messages.
CVE-2023-31250 1 Drupal 1 Drupal 2025-02-03 6.5 Medium
The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you have issues accessing private files after updating.
CVE-2023-30363 1 Tencent 1 Vconsole 2025-02-03 9.8 Critical
vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts.
CVE-2023-28090 1 Hp 1 Oneview 2025-02-03 5.5 Medium
An HPE OneView appliance dump may expose SNMPv3 read credentials