Search Results (363719 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-33871 1 Iagona 1 Scrutisweb 2024-11-21 7.5 High
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the webroot.
CVE-2023-33870 1 Intel 2 Administrative Tools For Intel Network Adapters, Ethernet Connections Boot Utility\, Preboot Images\, And Efi Drivers 2024-11-21 6.7 Medium
Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-33868 1 Piigab 2 M-bus 900s, M-bus 900s Firmware 2024-11-21 5.9 Medium
The number of login attempts is not limited. This could allow an attacker to perform a brute force on HTTP basic authentication.
CVE-2023-33867 1 Intel 2 Realsense 450 Fa, Realsense 450 Fa Firmware 2024-11-21 4.4 Medium
Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-33859 1 Ibm 1 Security Qradar Edr 2024-11-21 5.3 Medium
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697.
CVE-2023-33857 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2024-11-21 5.3 Medium
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695.
CVE-2023-33852 1 Ibm 1 Security Guardium 2024-11-21 7.6 High
IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.
CVE-2023-33851 1 Ibm 1 Powervm Hypervisor 2024-11-21 5.3 Medium
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135.
CVE-2023-33840 1 Ibm 1 Security Verify Governance 2024-11-21 4.8 Medium
IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 256037.
CVE-2023-33839 1 Ibm 1 Security Verify Governance 2024-11-21 7.2 High
IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 256036.
CVE-2023-33837 1 Ibm 1 Security Verify Governance 2024-11-21 4.1 Medium
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020.
CVE-2023-33836 1 Ibm 1 Security Verify Governance 2024-11-21 5.3 Medium
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016.
CVE-2023-33835 2 Ibm, Linux 2 Security Verify Information Queue, Linux Kernel 2024-11-21 4.3 Medium
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 256015.
CVE-2023-33834 2 Ibm, Linux 2 Security Verify Information Queue, Linux Kernel 2024-11-21 4.3 Medium
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-force ID: 256014.
CVE-2023-33833 2 Ibm, Linux 2 Security Verify Information Queue, Linux Kernel 2024-11-21 2.9 Low
IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. IBM X-Force ID: 256013.
CVE-2023-33832 2 Ibm, Linux 5 Aix, Spectrum Protect Client, Spectrum Protect For Space Management and 2 more 2024-11-21 6.2 Medium
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012.
CVE-2023-33831 1 Frangoteam 1 Fuxa 2024-11-21 9.8 Critical
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.
CVE-2023-33802 1 Sumatrapdfreader 1 Sumatrapdf 2024-11-21 5.5 Medium
A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file.
CVE-2023-33800 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Regions (/dcim/regions/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33799 1 Netbox 1 Netbox 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the Create Contacts (/tenancy/contacts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.