| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. |
| Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access. |
| A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261440. |
| Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12. |
| Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3. |
| Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.12. |
| Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.12. |
| Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12. |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
|
| Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
|
| Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12. |
| Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8. |
| A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for a malicious actor, who has prior knowledge of the IP or hostname of a specific LoadMaster, to direct an authenticated LoadMaster administrator to a third-party site. In such a scenario, the CSRF payload hosted on the malicious site would execute HTTP transactions on behalf of the LoadMaster administrator. |
| ONTAP Select Deploy administration utility versions 9.12.1.x,
9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an
attacker to view Deploy configuration information and modify the
account credentials.
|
| ONTAP Select Deploy administration utility versions 9.12.1.x,
9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when
successfully exploited could allow a read-only user to escalate their
privileges.
|
| A vulnerability classified as problematic was found in SourceCodester Warehouse Management System 1.0. This vulnerability affects unknown code of the file pengguna.php. The manipulation of the argument admin_user/admin_nama/admin_alamat/admin_telepon leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260272. |
