Search Results (363392 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-7040 1 Codelyfe 1 Stupid Simple Cms 2024-11-21 4.3 Medium
A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248689 was assigned to this vulnerability.
CVE-2023-7038 1 Automad 1 Automad 2024-11-21 4.3 Medium
A vulnerability was found in automad up to 1.10.9. It has been rated as problematic. This issue affects some unknown processing of the file /dashboard?controller=UserCollection::createUser of the component User Creation Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248687. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-7037 1 Automad 1 Automad 2024-11-21 6.3 Medium
A vulnerability was found in automad up to 1.10.9. It has been declared as critical. This vulnerability affects the function import of the file FileController.php. The manipulation of the argument importUrl leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248686 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-7036 1 Automad 1 Automad 2024-11-21 4.7 Medium
A vulnerability was found in automad up to 1.10.9. It has been classified as problematic. This affects the function upload of the file FileCollectionController.php of the component Content Type Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248685 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-7032 1 Schneider-electric 1 Easergy Studio 2024-11-21 7.8 High
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object.
CVE-2023-7031 1 Avaya 1 Aura Experience Portal 2024-11-21 5.7 Medium
Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may allow partial information disclosure to an authenticated non-privileged user. Affected versions include 8.0.x and 8.1.x, prior to 8.1.2 patch 0402. Versions prior to 8.0 are end of manufacturer support.
CVE-2023-7018 1 Huggingface 1 Transformers 2024-11-21 7.8 High
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
CVE-2023-7016 2024-11-21 7.8 High
A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to execute code at a SYSTEM level via local access.
CVE-2023-6998 1 Coolkit 1 Ewelink 2024-11-21 7.7 High
Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0.
CVE-2023-6992 1 Cloudflare 1 Zlib 2024-11-21 4 Medium
Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software. Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected.
CVE-2023-6977 1 Lfprojects 1 Mlflow 2024-11-21 7.5 High
This vulnerability enables malicious users to read sensitive files on the server.
CVE-2023-6976 1 Lfprojects 1 Mlflow 2024-11-21 8.8 High
This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process.
CVE-2023-6975 1 Lfprojects 1 Mlflow 2024-11-21 9.8 Critical
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.
CVE-2023-6974 1 Lfprojects 1 Mlflow 2024-11-21 9.8 Critical
A malicious user could use this issue to access internal HTTP(s) servers and in the worst case (ie: aws instance) it could be abuse to get a remote code execution on the victim machine.
CVE-2023-6971 1 Backupbliss 1 Backup Migration 2024-11-21 8.1 High
The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of this vulnerability requires that the target server's php.ini is configured with 'allow_url_include' set to 'on'. This feature is deprecated as of PHP 7.4 and is disabled by default, but can still be explicitly enabled in later versions of PHP.
CVE-2023-6939 1 Hihonor 1 Magic Ui 2024-11-21 4 Medium
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause denial of service.
CVE-2023-6935 1 Wolfssl 1 Wolfssl 2024-11-21 5.9 Medium
wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure: --enable-all CFLAGS="-DWOLFSSL_STATIC_RSA" The define “WOLFSSL_STATIC_RSA” enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6.  Therefore the default build since 3.6.6, even with "--enable-all", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent. The vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server’s private key is not exposed.
CVE-2023-6928 1 Eurotel 2 Etl3100, Etl3100 Firmware 2024-11-21 9.8 Critical
EuroTel ETL3100 versions v01c01 and v01x37 does not limit the number of attempts to guess administrative credentials in remote password attacks to gain full control of the system.
CVE-2023-6926 1 Crestron 2 Am-300, Am-300 Firmware 2024-11-21 8.4 High
There is an OS command injection vulnerability in Crestron AM-300 firmware version 1.4499.00018 which may enable a user of a limited-access SSH session to escalate their privileges to root-level access.
CVE-2023-6913 1 Imoulife 1 Imou Life 2024-11-21 8.1 High
A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView without prompting or displaying it to the user. This vulnerability could trigger phishing attacks.