Search Results (367103 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-36673 1 Avira 1 Phantom Vpn 2024-11-21 7.3 High
An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by the VPN client, while simultaneously using plaintext DNS to look up the VPN server's IP address. This allows an adversary to trick the victim into sending traffic to arbitrary IP addresses in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "ServerIP attack, combined with DNS spoofing, that can leak traffic to an arbitrary IP address" rather than to only Avira Phantom VPN.
CVE-2023-36672 1 Clario 1 Vpn 2024-11-21 5.7 Medium
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an adversary to trick the victim into sending arbitrary IP traffic in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in leakage of traffic in plaintext" rather than to only Clario.
CVE-2023-36671 1 Clario 1 Vpn 2024-11-21 6.3 Medium
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. This allows an adversary to trick the victim into sending plaintext traffic to the VPN server's IP address and thereby deanonymize the victim. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "ServerIP attack for only traffic to the real IP address of the VPN server" rather than to only Clario.
CVE-2023-36670 1 Kratosdefense 2 Ngc Indoor Unit, Ngc Indoor Unit Firmware 2024-11-21 9.8 Critical
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device.
CVE-2023-36669 1 Kratosdefense 2 Ngc Indoor Unit, Ngc Indoor Unit Firmware 2024-11-21 9.8 Critical
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU.
CVE-2023-36667 1 Couchbase 1 Couchbase Server 2024-11-21 7.5 High
Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal.
CVE-2023-36665 1 Protobufjs Project 1 Protobufjs 2024-11-21 9.8 Critical
"protobuf.js (aka protobufjs) 6.10.0 through 7.x before 7.2.5 allows Prototype Pollution, a different vulnerability than CVE-2022-25878. A user-controlled protobuf message can be used by an attacker to pollute the prototype of Object.prototype by adding and overwriting its data and functions. Exploitation can involve: (1) using the function parse to parse protobuf messages on the fly, (2) loading .proto files by using load/loadSync functions, or (3) providing untrusted input to the functions ReflectionObject.setParsedOption and util.setProperty.
CVE-2023-36660 1 Nettle Project 1 Nettle 2024-11-21 9.8 Critical
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.
CVE-2023-36659 1 Opswat 1 Metadefender Kiosk 2024-11-21 9.8 Critical
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication).
CVE-2023-36658 1 Opswat 2 Media Validation Agent, Metadefender Kiosk 2024-11-21 7.8 High
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.
CVE-2023-36657 1 Opswat 1 Metadefender Kiosk 2024-11-21 9.8 Critical
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation.
CVE-2023-36656 1 Jaegertracing 1 Jaeger Ui 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) vulnerability in Jaegertracing Jaeger UI before v.1.31.0 allows a remote attacker to execute arbitrary code via the KeyValuesTable component.
CVE-2023-36655 1 Prolion 1 Cryptospike 2024-11-21 9.8 Critical
The login REST API in ProLion CryptoSpike 3.0.15P2 (when LDAP or Active Directory is used as the users store) allows a remote blocked user to login and obtain an authentication token by specifying a username with different uppercase/lowercase character combination.
CVE-2023-36654 1 Prolion 1 Cryptospike 2024-11-21 6.5 Medium
Directory traversal in the log-download REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to download host server SSH private keys (associated with a Linux root user) by injecting paths inside REST API endpoint parameters.
CVE-2023-36651 1 Prolion 1 Cryptospike 2024-11-21 7.2 High
Hidden and hard-coded credentials in ProLion CryptoSpike 3.0.15P2 allow remote attackers to login to web management as super-admin and consume the most privileged REST API endpoints via these credentials.
CVE-2023-36650 1 Prolion 1 Cryptospike 2024-11-21 7.2 High
A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers to execute OS commands as the root Linux user on the host system via forged update packages.
CVE-2023-36649 1 Prolion 1 Cryptospike 2024-11-21 9.1 Critical
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs (as a Granafa authenticated user) or from the Loki REST API without authentication.
CVE-2023-36648 1 Prolion 1 Cryptospike 2024-11-21 8.2 High
Missing authentication in the internal data streaming system in ProLion CryptoSpike 3.0.15P2 allows remote unauthenticated users to read potentially sensitive information and deny service to users by directly reading and writing data in Apache Kafka (as consumer and producer).
CVE-2023-36646 1 Prolion 1 Cryptospike 2024-11-21 8.8 High
Incorrect user role checking in multiple REST API endpoints in ProLion CryptoSpike 3.0.15P2 allows a remote attacker with low privileges to execute privileged functions and achieve privilege escalation via REST API endpoint invocation.
CVE-2023-36642 1 Fortinet 1 Fortitester 2024-11-21 6.5 Medium
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 3.0.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.