Description Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13. References https://github.com/froxlor/froxlor/commit/6777fbf229200f4fd566022e186548391219ab23 https://huntr.dev/bounties/5fe85af4-a667-41a9-a00d-f99e07c5e2f1 For More Information MITRE
All About Sensitive Data Exposure Sensitive data exposure is a critical issue that affects individuals and organizations around the world.
Description wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime’s code generator, Cranelift, has a bug
Description XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in MedData Informatics MedDataPACS.This issue affects
Description Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do
Prophaze offers a wide range of cybersecurity solutions, including securing third-party API integrations. Helps to identify and mitigate potential security
Description XWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it’s possible to inject arbitrary wiki
Description Improper Authentication vulnerability in ABB Symphony Plus S+ Operations allows Man in the Middle Attack. This issue affects Symphony
Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish
Description The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could
Description In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid. References https://lkml.org/lkml/2023/2/22/3 For
Description Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from
Description An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if
Description A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfiguration intended
Description Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the
Description IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on
Description A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7,
Description Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass. References https://www.gov.il/en/Departments/faq/cve_advisories For More Information
Description Windows iSCSI Discovery Service Remote Code Execution Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21803 For More Information MITRE
Description Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a
Description Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. A remote and
Description Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user
Description Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary