CVE-2023-1050 : AS KOC ENERGY WEB REPORT SYSTEM PRIOR 23.03.10 SQL INJECTION
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in As Koc Energy Web Report
Description In affected versions, a path traversal exists when processing a message in Rockwell Automation’s ThinManager ThinServer. An unauthenticated remote
Description A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard
Description A vulnerability, which was classified as critical, was found in RockOA 2.3.2. This affects the function runAction of the
Description Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an
Description The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which
Description TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form
Description Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415 For More Information MITRE
Description Due to missing authentication check, SAP NetWeaver AS for Java – version 7.50, allows an unauthenticated attacker to attach
Description Memory corruption due to improper validation of array index in Multi-mode call processor. References https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin For More Information MITRE
Description Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13. References https://github.com/froxlor/froxlor/commit/6777fbf229200f4fd566022e186548391219ab23 https://huntr.dev/bounties/5fe85af4-a667-41a9-a00d-f99e07c5e2f1 For More Information MITRE
Description wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime’s code generator, Cranelift, has a bug
Description XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in MedData Informatics MedDataPACS. This issue affects
Description Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do
Description XWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it’s possible to inject arbitrary wiki
Description Improper Authentication vulnerability in ABB Symphony Plus S+ Operations allows Man in the Middle Attack. This issue affects Symphony
Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish
Description The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could
Description In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid. References https://lkml.org/lkml/2023/2/22/3 For
Description Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from
Description An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if
Description A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfiguration intended
Description Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the