Search Results (363250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-4899 1 Mintplexlabs 1 Anything-llm 2024-11-21 8.8 High
SQL Injection in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
CVE-2023-4898 1 Mintplexlabs 1 Anything-llm 2024-11-21 7.5 High
Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
CVE-2023-4897 1 Mintplexlabs 1 Anythingllm 2024-11-21 9.8 Critical
Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
CVE-2023-4896 1 Arubanetworks 1 Airwave 2024-11-21 6.8 Medium
A vulnerability exists which allows an authenticated attacker to access sensitive information on the AirWave Management Platform web-based management interface. Successful exploitation allows the attacker to gain access to some data that could be further exploited to laterally access devices managed and monitored by the AirWave server.
CVE-2023-4892 1 Sismics 1 Teedy 2024-11-21 5.7 Medium
Teedy v1.11 has a vulnerability in its text editor that allows events to be executed in HTML tags that an attacker could manipulate. Thanks to this, it is possible to execute malicious JavaScript in the webapp.
CVE-2023-4891 2 Lenovo, Microsoft 2 View Driver, Windows 2024-11-21 5.5 Medium
A potential use-after-free vulnerability was reported in the Lenovo View driver that could result in denial of service.
CVE-2023-4885 1 Open5gs 1 Open5gs 2024-11-21 6.5 Medium
Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information.
CVE-2023-4884 1 Open5gs 1 Open5gs 2024-11-21 6.5 Medium
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication.
CVE-2023-4883 1 Open5gs 1 Open5gs 2024-11-21 7.5 High
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF (Virtual Network Function), and triggering the ogs_sbi_message_free function, which could cause a service outage.
CVE-2023-4882 1 Open5gs 1 Open5gs 2024-11-21 7.5 High
DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. This action could trigger the args_assets() function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash.
CVE-2023-4879 1 Instantcms 1 Instantcms 2024-11-21 4.8 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1.-git.
CVE-2023-4878 1 Instantcms 1 Instantcms 2024-11-21 5.4 Medium
Server-Side Request Forgery (SSRF) in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
CVE-2023-4877 1 Hamza417 1 Inure 2024-11-21 7.5 High
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92.
CVE-2023-4876 1 Hamza417 1 Inure 2024-11-21 7.5 High
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92.
CVE-2023-4875 3 Debian, Mutt, Redhat 3 Debian Linux, Mutt, Enterprise Linux 2024-11-21 2.2 Low
Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12
CVE-2023-4874 3 Debian, Mutt, Redhat 3 Debian Linux, Mutt, Enterprise Linux 2024-11-21 4.3 Medium
Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12
CVE-2023-4872 1 Contact Manager App Project 1 Contact Manager App 2024-11-21 6.3 Medium
A vulnerability, which was classified as critical, has been found in SourceCodester Contact Manager App 1.0. This issue affects some unknown processing of the file add.php. The manipulation of the argument contact/contactName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239357 was assigned to this vulnerability.
CVE-2023-4871 1 Contact Manager App Project 1 Contact Manager App 2024-11-21 6.3 Medium
A vulnerability classified as critical was found in SourceCodester Contact Manager App 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument contact/contactName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239356.
CVE-2023-4869 1 Contact Manager App Project 1 Contact Manager App 2024-11-21 4.3 Medium
A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file update.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-239354 is the identifier assigned to this vulnerability.
CVE-2023-4868 1 Contact Manager App Project 1 Contact Manager App 2024-11-21 4.3 Medium
A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239353 was assigned to this vulnerability.