Search Results (362653 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-45572 1 Dlink 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more 2024-11-21 9.8 Critical
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function.
CVE-2023-45560 1 Memberscard Project 1 Memberscard 2024-11-21 7.5 High
An issue in Yasukawa memberscard v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.
CVE-2023-45558 1 Golden Project 1 Golden 2024-11-21 7.5 High
An issue in Golden v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.
CVE-2023-45556 1 Mybb 1 Mybb 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component.
CVE-2023-45555 1 Zzzcms 1 Zzzcms 2024-11-21 7.8 High
File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file.
CVE-2023-45554 1 Zzzcms 1 Zzzcms 2024-11-21 9.8 Critical
File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp.
CVE-2023-45542 1 Moosocial 1 Moosocial 2024-11-21 6.1 Medium
Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function.
CVE-2023-45540 1 Jorani 1 Leave Management System 2024-11-21 6.5 Medium
An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page.
CVE-2023-45539 2 Haproxy, Redhat 7 Haproxy, Enterprise Linux, Openshift and 4 more 2024-11-21 8.2 High
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
CVE-2023-45511 1 Justdan96 1 Tsmuxer 2024-11-21 5.5 Medium
A memory leak in tsMuxer version git-2539d07 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVE-2023-45510 1 Justdan96 1 Tsmuxer 2024-11-21 7.5 High
tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch (operator new [] vs operator delete) error.
CVE-2023-45499 1 Vinchin 1 Vinchin Backup And Recovery 2024-11-21 9.8 Critical
VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded credentials.
CVE-2023-45484 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.
CVE-2023-45483 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.
CVE-2023-45482 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
CVE-2023-45480 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878.
CVE-2023-45479 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.
CVE-2023-45471 1 Qad 1 Search Server 2024-11-21 5.4 Medium
The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute whenever a user accesses the search page.
CVE-2023-45468 1 Netis-systems 2 N3m, N3m Firmware 2024-11-21 7.5 High
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2023-45467 1 Netis-systems 2 N3m, N3m Firmware 2024-11-21 9.8 Critical
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.