Description TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form
Description Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415 For More Information MITRE
Description Due to missing authentication check, SAP NetWeaver AS for Java – version 7.50, allows an unauthenticated attacker to attach
Description Memory corruption due to improper validation of array index in Multi-mode call processor. References https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin For More Information MITRE
What is SQL Injection? SQL injection is a type of cyber attack that targets web applications that use Structured Query
Description Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13. References https://github.com/froxlor/froxlor/commit/6777fbf229200f4fd566022e186548391219ab23 https://huntr.dev/bounties/5fe85af4-a667-41a9-a00d-f99e07c5e2f1 For More Information MITRE
All About Sensitive Data Exposure Sensitive data exposure is a critical issue that affects individuals and organizations around the world.
Description wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime’s code generator, Cranelift, has a bug
Description XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in MedData Informatics MedDataPACS.This issue affects
Description Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do
Prophaze offers a wide range of cybersecurity solutions, including securing third-party API integrations. Helps to identify and mitigate potential security
Description XWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it’s possible to inject arbitrary wiki
Description Improper Authentication vulnerability in ABB Symphony Plus S+ Operations allows Man in the Middle Attack. This issue affects Symphony
Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish
Description The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could
Description In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid. References https://lkml.org/lkml/2023/2/22/3 For
Description Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from
Description An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if
Description A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfiguration intended
Description Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the
Description IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on
Description A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7,
Description Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass. References https://www.gov.il/en/Departments/faq/cve_advisories For More Information