All

Latest

CVE-2023-3767 (webserver)

An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1. This vulnerability could allow an attacker to get full access to the system by sending a specially crafted exploit to the...

CVE Notifications

Popular

CVE-2020-9395

An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. A stack-based buffer overflow exists in the client code that takes care of WPA2’s 4-way-handshake via a malformed...

CERT Insider Threats

Latest
Loading

Disinformation

Popular

‘Stop the Steal’ Movement

SHARE AND INFORM OTHERS:.fusion-body .fusion-builder-column-0{width:100% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-0 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px...

CERT-Vulnerabilities, National Cyber Awareness

Latest

SANS ISC Bulletins

Latest
Loading

CVE-2023-39377 (siberiancms)

SiberianCMS – CWE-434: Unrestricted Upload of File with Dangerous Type – A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method

CVE-2023-20227

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is...

CVE-2023-40045 (ws_ftp_server)

In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server’s Ad Hoc Transfer module.  An attacker could leverage this vulnerability to target WS_FTP...

CVE-2023-20252

A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user....

CVE-2023-40044 (ws_ftp_server)

In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server...

CVE-2023-5184

 Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.

CVE-2023-40046 (ws_ftp_server)

In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface. An attacker may be able to infer information about the structure and contents of the database and...

CVE-2023-43192

SQL injection can exist in a newly created part of the JFinalcms background, and the parameters submitted by users are not filtered. As a result, special characters in parameters destroy the original logic of SQL statements....

CVE-2023-40047 (ws_ftp_server)

In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server’s Management module. An attacker with administrative privileges could import a SSL certificate with...

CVE-2023-43660

Warpgate is a smart SSH, HTTPS and MySQL bastion host for Linux that doesn’t need special client apps. The SSH key verification for a user can be bypassed by sending an SSH key offer without a signature. This allows...

CVE-2023-40048 (ws_ftp_server)

In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function.

CVE-2023-44080

An issue in PGYER codefever v.2023.8.14-2ce4006 allows a remote attacker to execute arbitrary code via a crafted request to the branchList component.

CVE-2023-41445

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component.

CVE-2023-41453

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component.

CVE-2023-41451

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component.

CVE-2023-41449

An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter.

CVE-2023-40426 (macos)

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. An app may be able to bypass certain Privacy preferences.

CVE-2023-43191

JFinalCMS foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user’s browser will be controlled by...

CVE-2023-41448

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component.

CVE-2023-41452

Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component.

CVE-2023-43233

A stored cross-site scripting (XSS) vulnerability in the cms/content/edit component of YZNCMS v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter.

CVE-2023-43320

An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escalate privileges via bypassing...

CVE-2023-40436 (macos)

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. An attacker may be able to cause unexpected system termination or read kernel memory.

CVE-2023-43314

Buffer Overflow vulnerability in ZYXEL ZYXEL v.PMG2005-T20B allows a remote attacker to cause a denial of service via a crafted script to the uid parameter in the cgi-bin/login.asp component.

CVE-2023-41233 (welcart_e-commerce)

Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.

CVE-2023-42822

xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the...

CVE-2023-43610 (welcart_e-commerce)

SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations.

CVE-2023-44013 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function.

CVE-2023-44014 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters.

CVE-2023-40026

Argo CD is a declarative continuous deployment framework for Kubernetes. In Argo CD versions prior to 2.3 (starting at least in v0.1.0, but likely in any version using Helm before 2.3), using a specifically-crafted Helm file...

CVE-2023-44015 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function.

CVE-2023-4066

A flaw was found in Red Hat’s AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details...

CVE-2023-43651

JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to...

CVE-2023-42818

JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by...

CVE-2023-44016 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.

CVE-2023-43656

matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions (those that have `generic.allowJsTransformationFunctions` in their...

CVE-2023-44022 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.

CVE-2023-20262

A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent...

CVE-2023-44019 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.

CVE-2023-20254

A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst...

CVE-2023-20253

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on...

CVE-2023-44020 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.

CVE-2023-33972

Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to access a table in the same...

CVE-2023-44018 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.

CVE-2023-43650

JumpServer is an open source bastion host. The verification code for resetting user’s password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset...

CVE-2023-44023 (ac10u_firmware)

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.

CVE-2023-43652

JumpServer is an open source bastion host. As an unauthenticated user, it is possible to authenticate to the core API with a username and an SSH public key without needing a password or the corresponding SSH private key. An SSH...

Loading