Search Results (366977 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-27521 1 Contec 4 Sv-cpt-mc310, Sv-cpt-mc310 Firmware, Sv-cpt-mc310f and 1 more 2025-01-31 8.8 High
OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command.
CVE-2023-27507 1 Microengine 1 Mailform 2025-01-31 9.8 Critical
MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
CVE-2023-27397 1 Microengine 1 Mailform 2025-01-31 9.8 Critical
Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
CVE-2023-27388 2 Especmic, Tandd 20 Rs-12n, Rs-12n Firmware, Rt-12n and 17 more 2025-01-31 9.8 Critical
Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions).
CVE-2023-27067 1 Sitecore 1 Experience Platform 2025-01-31 7.5 High
Directory Traversal vulnerability in Sitecore Experience Platform through 10.2 allows remote attackers to download arbitrary files via crafted command to download.aspx
CVE-2023-27066 1 Sitecore 1 Experience Platform 2025-01-31 6.5 Medium
Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle.
CVE-2023-25946 1 Qrio 2 Q-sl2, Q-sl2 Firmware 2025-01-31 8.8 High
Authentication bypass vulnerability in Qrio Lock (Q-SL2) firmware version 2.0.9 and earlier allows a network-adjacent attacker to analyze the product's communication data and conduct an arbitrary operation under certain conditions.
CVE-2023-25440 1 Civicrm 1 Civicrm 2025-01-31 5.4 Medium
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field.
CVE-2023-23556 1 Facebook 1 Hermes 2025-01-31 9.8 Critical
An error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicious attacker to execute arbitrary code due to an out-of-bound write. Note that this bug is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.
CVE-2023-23545 2 Especmic, Tandd 20 Rs-12n, Rs-12n Firmware, Rt-12n and 17 more 2025-01-31 5.3 Medium
Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may allow a remote unauthenticated attacker to alter the product settings without authentication. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions).
CVE-2023-23306 1 Garmin 1 Connect-iq 2025-01-31 9.8 Critical
The `Toybox.Ant.BurstPayload.add` API method in CIQ API version 2.2.0 through 4.1.7 suffers from a type confusion vulnreability, which can result in an out-of-bounds write operation. A malicious application could create a specially crafted `Toybox.Ant.BurstPayload` object, call its `add` method, override arbitrary memory and hijack the execution of the device's firmware.
CVE-2023-23305 1 Garmin 1 Connect-iq 2025-01-31 9.8 Critical
The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. A malicious application embedding specially crafted resources could hijack the execution of the device's firmware.
CVE-2023-23304 1 Garmin 1 Connect-iq 2025-01-31 7.7 High
The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a specially crafted head section to use the `Toybox.SensorHistory` module without permission. A malicious application could call any functions from the `Toybox.SensorHistory` module without the user's consent and disclose potentially private or sensitive information.
CVE-2023-21118 1 Google 1 Android 2025-01-31 6.2 Medium
In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004
CVE-2023-21117 1 Google 1 Android 2025-01-31 8.4 High
In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for isolated processes to register a broadcast receiver due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263358101
CVE-2023-21111 1 Google 1 Android 2025-01-31 6.2 Medium
In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769
CVE-2024-4154 2 Lunary, Lunary-ai 2 Lunary, Lunary 2025-01-31 6.5 Medium
In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite not having the necessary permissions or being assigned to the project. This issue allows for unauthorized modification of project names, potentially leading to confusion or unauthorized access to project resources.
CVE-2024-4151 1 Lunary 1 Lunary 2025-01-31 8.1 High
An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users can view and update any prompts in any projects due to insufficient access control checks in the handling of PATCH and GET requests for template versions. This vulnerability allows unauthorized users to manipulate or access sensitive project data, potentially leading to data integrity and confidentiality issues.
CVE-2024-1741 2 Lunary, Lunary-ai 2 Lunary, Lunary 2025-01-31 9.1 Critical
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members to read, create, modify, and delete prompt templates using an old authorization token. Despite being removed from an organization, these members can still perform operations on prompt templates by sending HTTP requests with their previously captured authorization token. This issue exposes organizations to unauthorized access and manipulation of sensitive template data.
CVE-2024-1626 2 Lunary, Lunary-ai 2 Lunary, Lunary 2025-01-31 8.1 High
An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary repository, version 0.3.0, within the project update endpoint. The vulnerability allows authenticated users to modify the name of any project within the system without proper authorization checks, by directly referencing the project's ID in the PATCH request to the '/v1/projects/:projectId' endpoint. This issue arises because the endpoint does not verify if the provided project ID belongs to the currently authenticated user, enabling unauthorized modifications across different organizational projects.