Common Vulnerabilities and Exposures

Description A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary

Description An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading

Description A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an

Description With a specially crafted WebP lossless file, libwebp may write data out of bounds to the heap. The ReadHuffmanCodes()

Description Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a remote code execution (RCE)

Description Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe,

Description SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly,

Description ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An

Description JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version

Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Ncode Ncep allows SQL Injection.This

Description Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by a Deserialization of

Description User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise Developer,

Description IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP

Description Potential security vulnerabilities have been identified in Hewlett Packard Enterprise OneView Software. These vulnerabilities could be remotely exploited to

Description A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services

Description Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. References https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin For More Information CVERecord

Description A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is

Description Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provider before 3.3.0, and Apache Airflow before 2.7.0 are affected

Description Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability

Description Due to improper input validation, a remote attacker could execute arbitrary commands on the target system. References https://csirt.divd.nl/CVE-2023-25915 https://csirt.divd.nl/DIVD-2023-00025

Description N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login

Description Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior

Description Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for

Description IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on