CVE-2023-23629 - Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a dashboard subscription, add people with fewer data privileges, and all recipients of that subscription receive the same data: the charts shown in the email would abide by the privileges of the user who created the subscription. The issue is users with fewer privileges who can view a dashboard are able to add themselves to a dashboard subscription created by someone with additional data privileges, and thus get access to more data via email. This issue is patched in versions 0.43.7.1, 1.43.7.1, 0.44.6.1, 1.44.6.1, 0.45.2.1, and 1.45.2.1. On Metabase instances running Enterprise Edition, admins can disable the "Subscriptions and Alerts" permission for groups that have restricted data permissions, as a workaround.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23629
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23628 - Metabase is an open source data analytics platform. Affected versions are subject to Exposure of Sensitive Information to an Unauthorized Actor. Sandboxed users shouldn't be able to view data about other Metabase users anywhere in the Metabase application. However, when a sandbox user views the settings for a dashboard subscription, and another user has added users to that subscription, the sandboxed user is able to view the list of recipients for that subscription. This issue is patched in versions 0.43.7.1, 1.43.7.1, 0.44.6.1, 1.44.6.1, 0.45.2.1, and 1.45.2.1. There are no workarounds.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23628
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23627 - Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 and later, prior to 6.0.1, are vulnerable to Cross-site Scripting. When Sanitize is configured with a custom allowlist that allows `noscript` elements, attackers are able to include arbitrary HTML, resulting in XSS (cross-site scripting) or other undesired behavior when that HTML is rendered in a browser. The default configurations do not allow `noscript` elements and are not vulnerable. This issue only affects users who are using a custom config that adds `noscript` to the element allowlist. This issue has been patched in version 6.0.1. Users who are unable to upgrade can prevent this issue by using one of Sanitize's default configs or by ensuring that their custom config does not include `noscript` in the element allowlist.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23627
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23624 - Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches, someone can use the `exclude_tag param` to filter out topics and deduce which ones were using a specific hidden tag. This affects any Discourse site using hidden tags in public categories. This issue is patched in version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches. As a workaround, secure any categories that are using hidden tags, change any existing hidden tags to not include private data, or remove any hidden tags currently in use.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23624
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23621 - Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches, a malicious user can cause a regular expression denial of service using a carefully crafted user agent. This issue is patched in version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and `tests-passed` branches. There are no known workarounds.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23621
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23620 - Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and 3.1.0.beta2 on the `beta` and `tests-passed` branches, the contents of latest/top routes for restricted tags can be accessed by unauthorized users. This issue is patched in version 3.0.1 on the `stable` branch and 3.1.0.beta2 on the `beta` and `tests-passed` branches. There are no known workarounds.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23620
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23617 - OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in malicious code filter in certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23617
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23616 - Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and 3.1.0.beta2 on the `beta` and `tests-passed` branches, when submitting a membership request, there is no character limit for the reason provided with the request. This could potentially allow a user to flood the database with a large amount of data. However it is unlikely this could be used as part of a DoS attack, as the paths reading back the reasons are only available to administrators. Starting in version 3.0.1 on the `stable` branch and 3.1.0.beta2 on the `beta` and `tests-passed` branches, a limit of 280 characters has been introduced for membership requests.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23616
Partager : LinkedIn / Twitter / Facebook

CVE-2023-22737 - wire-server provides back end services for Wire, a team communication and collaboration platform. Prior to version 2022-12-09, every member of a Conversation can remove a Bot from a Conversation due to a missing permissions check. Only Conversation admins should be able to remove Bots. Regular Conversations are not allowed to do so. The issue is fixed in wire-server 2022-12-09 and is already deployed on all Wire managed services. On-premise instances of wire-server need to be updated to 2022-12-09/Chart 4.29.0, so that their backends are no longer affected. There are no known workarounds.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-22737
Partager : LinkedIn / Twitter / Facebook

CVE-2022-39324 - Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker's injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-39324
Partager : LinkedIn / Twitter / Facebook

CVE-2022-23552 - Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-23552
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0558 - The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper API keys.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0558
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0557 - The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0557
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0556 - The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata (via the function cstu_get_metadata) that includes the plugin's contentstudio_token. Knowing this token allows for other interactions with the plugin such as creating posts in versions prior to 1.2.5, which added other requirements to posting and updating.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0556
Partager : LinkedIn / Twitter / Facebook

CVE-2022-4255 - An info leak issue was identified in all versions of GitLab EE from 13.7 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which exposes user email id through webhook payload.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-4255
Partager : LinkedIn / Twitter / Facebook

CVE-2022-4205 - In Gitlab EE/CE before 15.6.1, 15.5.5 and 15.4.6 using a branch with a hexadecimal name could override an existing hash.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-4205
Partager : LinkedIn / Twitter / Facebook

CVE-2022-4201 - A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-4201
Partager : LinkedIn / Twitter / Facebook

CVE-2022-46968 - A stored cross-site scripting (XSS) vulnerability in /index.php?page=help of Revenue Collection System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into sent messages.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-46968
Partager : LinkedIn / Twitter / Facebook

CVE-2022-43980 - There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. An attacker could modify a network map, including on purpose the name of an XSS payload. Once created, if a user with admin privileges clicks on the edited network maps, the XSS payload will be executed. The exploitation of this vulnerability could allow an atacker to steal the value of the admin user´s cookie.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-43980
Partager : LinkedIn / Twitter / Facebook

CVE-2022-43979 - There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764. A function is called to check that the parameter that the user has inserted does not contain malicious characteres, but this check is insufficient. An attacker could insert an absolute path to overcome the heck, thus being able to incluse any PHP file that resides on the disk. The exploitation of this vulnerability could lead to a remote code execution.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-43979
Partager : LinkedIn / Twitter / Facebook

CVE-2022-43978 - There is an improper authentication vulnerability in Pandora FMS v764. The application verifies that the user has a valid session when he is not trying to do a login. Since the secret is static in generatePublicHash function, an attacker with knowledge of a valid session can abuse this in order to pass the authentication check.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-43978
Partager : LinkedIn / Twitter / Facebook

CVE-2022-39813 - Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under NMSCIWebGui/j_security_check via the j_username parameter, or NMSCIWebGui/actloglineview.jsp via the name or actLine parameter. An attacker leveraging this vulnerability could inject arbitrary JavaScript. The payload would then be triggered every time an authenticated user browses the page containing it.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-39813
Partager : LinkedIn / Twitter / Facebook

CVE-2022-39812 - Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request (not possible using the GUI) to an arbitrary directory. Because the application does not check in which directory a file will be uploaded, an attacker can perform a variety of attacks that can result in unauthorized access to the server.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-39812
Partager : LinkedIn / Twitter / Facebook

CVE-2022-39811 - Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader. By not verifying permissions for access to resources, it allows an attacker to view pages that are not allowed, and modify the system configuration, bypassing all controls (without checking for user identity).
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-39811
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0555 - The Quick Restaurant Menu plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke those actions intended for administrator use. Actions include menu item creation, update and deletion and other menu management functions. Since the plugin does not verify that a post ID passed to one of its AJAX actions belongs to a menu item, this can lead to arbitrary post deletion/alteration.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0555
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0554 - The Quick Restaurant Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to update menu items, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0554
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0553 - The Quick Restaurant Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0553
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0550 - The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the fact that during menu item deletion/modification, the plugin does not verify that the post ID provided to the AJAX action is indeed a menu item. This makes it possible for authenticated attackers, with subscriber-level access or higher, to modify or delete arbitrary posts.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0550
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48108 - D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to escalate privileges to root via a crafted payload.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48108
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48107 - D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /setnetworksettings/IPAddress. This vulnerability allows attackers to escalate privileges to root via a crafted payload.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48107
Partager : LinkedIn / Twitter / Facebook

CVE-2022-39380 - Wire web-app is part of Wire communications. Versions prior to 2022-11-02 are subject to Improper Handling of Exceptional Conditions. In the wire-webapp, certain combinations of Markdown formatting can trigger an unhandled error in the conversion to HTML representation. The error makes it impossible to display the affected chat history, other conversations are not affected. The issue has been fixed in version 2022-11-02 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-11-02-production.0-v0.31.9-0-337e400 or wire-server 2022-11-03 (chart/4.26.0), so that their applications are no longer affected. As a workaround, you may use an iOS or Android client and delete the corresponding message from the history OR write 30 or more messages into the affected conversation to prevent the client from further rendering of the corresponding message. When attempting to retrieve messages from the conversation history, the error will continue to occur once the malformed message is part of the result.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-39380
Partager : LinkedIn / Twitter / Facebook

CVE-2019-25053 - A path traversal vulnerability exists in Sage FRP 1000 before November 2019. This allows remote unauthenticated attackers to access files outside of the web tree via a crafted URL.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2019-25053
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48118 - Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Acronym parameter.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48118
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48116 - AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48116
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0549 - A vulnerability, which was classified as problematic, has been found in YAFNET 3.1.9/3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.11 is able to address this issue. The name of the patch is 2237a9d552e258a43570bb478a92a5505e7c8797. It is recommended to upgrade the affected component. The identifier VDB-219665 was assigned to this vulnerability.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0549
Partager : LinkedIn / Twitter / Facebook

CVE-2021-41231 - OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2021-41231
Partager : LinkedIn / Twitter / Facebook

CVE-2021-41144 - OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, a layout block was able to bypass the block blacklist to execute remote code. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2021-41144
Partager : LinkedIn / Twitter / Facebook

CVE-2021-41143 - OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2021-41143
Partager : LinkedIn / Twitter / Facebook

CVE-2023-22242 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-22242
Partager : LinkedIn / Twitter / Facebook

CVE-2023-22241 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-22241
Partager : LinkedIn / Twitter / Facebook

CVE-2023-22240 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-22240
Partager : LinkedIn / Twitter / Facebook

CVE-2022-4335 - A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-4335
Partager : LinkedIn / Twitter / Facebook

CVE-2022-4285 - An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-4285
Partager : LinkedIn / Twitter / Facebook

CVE-2022-4139 - An incorrect TLB flush issue was found in the Linux kernel's GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-4139
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48013 - Opencats v0.9.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text fields.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48013
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48012 - Opencats v0.9.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /opencats/index.php?m=settings&a=ajax_tags_upd.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48012
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48011 - Opencats v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48011
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48010 - LimeSurvey v5.4.15 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /index.php/surveyAdministration/rendersidemenulink?subaction=surveytexts. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Welcome-message text fields.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48010
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48008 - An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48008
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48007 - A stored cross-site scripting (XSS) vulnerability in identification.php of Piwigo v13.4.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User-Agent.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48007
Partager : LinkedIn / Twitter / Facebook

CVE-2021-39217 - OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Custom Layout enabled admin users to execute arbitrary commands via block methods. Versions 19.4.22 and 20.0.19 contain patches for this issue.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2021-39217
Partager : LinkedIn / Twitter / Facebook

CVE-2021-21395 - Magneto LTS (Long Term Support) is a community developed alternative to the Magento CE official releases. Versions prior to 19.4.22 and 20.0.19 are vulnerable to Cross-Site Request Forgery. The password reset form is vulnerable to CSRF between the time the reset password link is clicked and user submits new password. This issue is patched in versions 19.4.22 and 20.0.19. There are no workarounds.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2021-21395
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48073 - Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48073
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48072 - Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48072
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48071 - Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48071
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48070 - Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48070
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48069 - Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48069
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48067 - An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48067
Partager : LinkedIn / Twitter / Facebook

CVE-2022-48066 - An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-48066
Partager : LinkedIn / Twitter / Facebook

CVE-2022-47632 - Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM user. Although the service will not start if the malicious DLLs are unsigned, it suffices to use self-signed DLLs. The validity of the DLL signatures is not checked. As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-47632
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44718 - An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44718
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44717 - An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44717
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44715 - Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a crafted payload.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44715
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44298 - SiteServer CMS 7.1.3 is vulnerable to SQL Injection.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44298
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44029 - An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 6 of 6.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44029
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44028 - An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 5 of 6.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44028
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44027 - An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44027
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44026 - An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44026
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44025 - An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44025
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44024 - An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 1 of 6.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44024
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0534 - A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects an unknown part of the file admin/expense_report.php. The manipulation of the argument to_date leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-219603.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0534
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0533 - A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this issue is some unknown functionality of the file admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-219602 is the identifier assigned to this vulnerability.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0533
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0532 - A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/disapprove_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219601 was assigned to this vulnerability.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0532
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0531 - A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/booking_report.php. The manipulation of the argument to_date leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219600.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0531
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0530 - A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/approve_user.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-219599.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0530
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0529 - A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/add_payment.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219598 is the identifier assigned to this vulnerability.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0529
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0528 - A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin/abc.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219597 was assigned to this vulnerability.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0528
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0527 - A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input ">alert(document.domain) leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219596.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0527
Partager : LinkedIn / Twitter / Facebook

CVE-2022-2712 - In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration files and deployed application source code.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-2712
Partager : LinkedIn / Twitter / Facebook

CVE-2020-36659 - In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2020-36659
Partager : LinkedIn / Twitter / Facebook

CVE-2020-36658 - In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2020-36658
Partager : LinkedIn / Twitter / Facebook

CVE-2023-24060 - Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create new RSS Feeds or add RSS Feeds can supply an arbitrary hostname (or even the hostname of the Haven server itself). NOTE: this product has significant usage but does not have numbered releases; ordinary end users may typically use the master branch.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-24060
Partager : LinkedIn / Twitter / Facebook

CVE-2023-22740 - Discourse is an open source platform for community discussion. Versions prior to 3.1.0.beta1 (beta) (tests-passed) are vulnerable to Allocation of Resources Without Limits. Users can create chat drafts of an unlimited length, which can cause a denial of service by generating an excessive load on the server. Additionally, an unlimited number of drafts were loaded when loading the user. This issue has been patched in version 2.1.0.beta1 (beta) and (tests-passed). Users should upgrade to the latest version where a limit has been introduced. There are no workarounds available.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-22740
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42385 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18654.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42385
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42384 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18653.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42384
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42383 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18652.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42383
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42382 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18651.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42382
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42381 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18650.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42381
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42380 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18649.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42380
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42379 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18648.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42379
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42378 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18631.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42378
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42377 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18630.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42377
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42376 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18529.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42376
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42375 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18404.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42375
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42374 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18403.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42374
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42373 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18402.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42373
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42372 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18347.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42372
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42371 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18346.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42371
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42370 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18345.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42370
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42369 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18344.
26/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42369
Partager : LinkedIn / Twitter / Facebook

Les annonces ayant été modifiées dernièrement

CVE-2022-42423 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18716.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42423
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42421 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18703.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42421
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42420 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18686.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42420
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42419 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18700.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42419
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42418 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18677.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42418
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42417 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18676.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42417
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42416 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18673.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42416
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42415 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. Crafted data in a JP2 file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18366.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42415
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42414 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18326.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42414
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42410 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PGM files. Crafted data in a PGM file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18365.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42410
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42409 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18315.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42409
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42408 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18543.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42408
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23014 - Cross Site Scripting (XSS) vulnerability in InventorySystem thru commit e08fbbe17902146313501ed0b5feba81d58f455c (on Apr 23, 2021) via edit_store_name and edit_active inputs in file InventorySystem.php.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23014
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23012 - Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23012
Partager : LinkedIn / Twitter / Facebook

CVE-2023-23010 - Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-23010
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0101 - A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0101
Partager : LinkedIn / Twitter / Facebook

CVE-2022-47015 - MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-47015
Partager : LinkedIn / Twitter / Facebook

CVE-2022-47012 - Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-47012
Partager : LinkedIn / Twitter / Facebook

CVE-2022-45748 - An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.
28/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-45748
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0519 - Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0519
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0493 - Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0493
Partager : LinkedIn / Twitter / Facebook

CVE-2022-46967 - An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-46967
Partager : LinkedIn / Twitter / Facebook

CVE-2022-46966 - Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-46966
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0509 - Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0509
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0488 - Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0488
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0470 - Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0470
Partager : LinkedIn / Twitter / Facebook

CVE-2023-0455 - Unrestricted Upload of File with Dangerous Type in GitHub repository unilogies/bumsys prior to v1.0.3-beta.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2023-0455
Partager : LinkedIn / Twitter / Facebook

CVE-2022-47951 - An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-47951
Partager : LinkedIn / Twitter / Facebook

CVE-2022-45770 - Improper input validation in driver adgnetworkwfpdrv.sys in Adguard For Windows x86 up to version 7.11 allows attacker to gain local privileges escalation.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-45770
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44264 - Dentsply Sirona Sidexis
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44264
Partager : LinkedIn / Twitter / Facebook

CVE-2022-44263 - Dentsply Sirona Sidexis
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-44263
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42493 - Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is reachable through the m2m's DOWNLOAD_INFO command.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42493
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42492 - Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is reachable through the m2m's DOWNLOAD_AD command.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42492
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42491 - Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is reachable through the m2m's M2M_CONFIG_SET command
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42491
Partager : LinkedIn / Twitter / Facebook

CVE-2022-42490 - Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is reachable through the m2m's DOWNLOAD_CFG_FILE command
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-42490
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41991 - A heap-based buffer overflow vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger this vulnerability.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41991
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41154 - A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary file deletion. An attacker can send a network request to trigger this vulnerability.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41154
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41030 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no wlan filter mac address WORD descript WORD' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41030
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41029 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'wlan filter mac address WORD descript WORD' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41029
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41028 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null)' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41028
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41027 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null)' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41027
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41026 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn pptp advanced name WORD dns (yes|no) mtu mru mppe (on|off) stateful (on|off) options WORD' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41026
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41025 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn pptp advanced name WORD dns (yes|no) mtu mru mppe (on|off) stateful (on|off) options WORD' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41025
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41024 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn pptp advanced name WORD dns (yes|no) mtu mru mppe (on|off) stateful (on|off)' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41024
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41023 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn pptp advanced name WORD dns (yes|no) mtu mru mppe (on|off) stateful (on|off)' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41023
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41022 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn l2tp advanced name WORD dns (yes|no) mtu mru auth (on|off) password (WORD|null) options WORD' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41022
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41021 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn l2tp advanced name WORD dns (yes|no) mtu mru auth (on|off) password (WORD|null) options WORD' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41021
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41020 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn l2tp advanced name WORD dns (yes|no) mtu mru auth (on|off) password (WORD|null)' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41020
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41019 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn l2tp advanced name WORD dns (yes|no) mtu mru auth (on|off) password (WORD|null)' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41019
Partager : LinkedIn / Twitter / Facebook

CVE-2022-41018 - Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off) localip A.B.C.D' command template.
27/01/2023 | https://nvd.nist.gov/vuln/detail/CVE-2022-41018
Partager : LinkedIn / Twitter / Facebook