Search Results (366369 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-34610 1 Json-io Project 1 Json-io 2025-01-06 7.5 High
An issue was discovered json-io thru 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
CVE-2023-29751 1 Yandex 1 Navigator 2025-01-06 5.5 Medium
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
CVE-2023-29405 3 Fedoraproject, Golang, Redhat 5 Fedora, Go, Ceph Storage and 2 more 2025-01-06 9.8 Critical
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
CVE-2023-29404 3 Fedoraproject, Golang, Redhat 5 Fedora, Go, Ceph Storage and 2 more 2025-01-06 9.8 Critical
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.
CVE-2023-29401 2 Gin-gonic, Redhat 4 Gin, Migration Toolkit Virtualization, Openshift and 1 more 2025-01-06 4.3 Medium
The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of "setup.bat";x=.txt" will be sent as a file named "setup.bat". If the FileAttachment function is called with names provided by an untrusted source, this may permit an attacker to cause a file to be served with a name different than provided. Maliciously crafted attachment file name can modify the Content-Disposition header.
CVE-2023-24535 1 Protobuf 1 Protobuf 2025-01-06 7.5 High
Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic.
CVE-2023-34109 1 Zxcvbn-ts Project 1 Zxcvbn-ts 2025-01-06 6.5 Medium
zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with every function call. Browsers are impacted, too but a single user need to do a lot of input changes so that it affects the browser, while the node process gets the inputs of every user of a platform and can be killed that way. This problem has been patched in version 3.0.2. Users are advised to upgrade. Users unable to upgrade should stop using the second argument of the zxcvbn function and use the zxcvbnOptions.setOptions function.
CVE-2023-34108 1 Mailcow 1 Mailcow\ 2025-01-06 8.8 High
mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted passwords during the authentication process. The issue arises from the behavior of the `passwd-verify.lua` script, which is responsible for verifying user passwords during login attempts. Upon a successful login, the script returns a response in the format of "password=<valid-password>", indicating the successful authentication. By crafting a password with additional key-value pairs appended to it, an attacker can manipulate the returned string and influence the internal behavior of Dovecot. For example, using the password "123 mail_crypt_save_version=0" would cause the `passwd-verify.lua` script to return the string "password=123 mail_crypt_save_version=0". Consequently, Dovecot will interpret this string and set the internal variables accordingly, leading to unintended consequences. This vulnerability can be exploited by an authenticated attacker who has the ability to set their own password. Successful exploitation of this vulnerability could result in unauthorized access to user accounts, bypassing security controls, or other malicious activities. This issue has been patched in version `2023-05a`. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-2186 1 Trianglemicroworks 1 Scada Data Gateway 2025-01-06 8.2 High
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string vulnerability to repeatedly crash the GTWWebMonitor.exe process to DoS the Web Monitor. Furthermore, an authenticated user can leverage this vulnerability to leak memory from the GTWWebMonitor.exe process. This could be leveraged in an exploit chain to gain code execution.
CVE-2023-33847 3 Hp, Ibm, Linux 5 Hp-ux, Aix, Cics Tx and 2 more 2025-01-06 3.7 Low
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 257102.
CVE-2023-33846 3 Hp, Ibm, Linux 5 Hp-ux, Aix, Cics Tx and 2 more 2025-01-06 5.4 Medium
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 257100.
CVE-2023-23482 2 Ibm, Linux 2 Sterling Partner Engagement Manager, Linux Kernel 2025-01-06 5.4 Medium
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 245891.
CVE-2023-33848 3 Hp, Ibm, Linux 5 Hp-ux, Aix, Cics Tx and 2 more 2025-01-06 4.9 Medium
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104.
CVE-2023-1709 1 Siemens 2 Jt2go, Teamcenter Visualization 2025-01-06 5.5 Medium
Datalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process.
CVE-2023-29168 1 Ptc 1 Vuforia Studio 2025-01-06 3.7 Low
The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication.
CVE-2023-23481 2 Ibm, Linux 2 Sterling Partner Engagement Manager, Linux Kernel 2025-01-06 6.4 Medium
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 245889.
CVE-2023-27881 1 Ptc 1 Vuforia Studio 2025-01-06 8 High
A user could use the “Upload Resource” functionality to upload files to any location on the disk.
CVE-2023-24476 1 Ptc 1 Vuforia Studio 2025-01-06 1.8 Low
An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.
CVE-2023-34231 1 Snowflake 1 Gosnowflake 2025-01-06 8.8 High
gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on (SSO) browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. A patch is available in version 1.6.19.
CVE-2023-34112 1 Bytedeco 1 Javacpp Presets 2025-01-06 4.3 Medium
JavaCPP Presets is a project providing Java distributions of native C++ libraries. All the actions in the `bytedeco/javacpp-presets` use the `github.event.head_commit.message​` parameter in an insecure way. For example, the commit message is used in a run statement - resulting in a command injection vulnerability due to string interpolation. No exploitation has been reported. This issue has been addressed in version 1.5.9. Users of JavaCPP Presets are advised to upgrade as a precaution.