A vulnerability classified as critical was found in Jumpserver up to 2.6.2. This vulnerability affects an unknown functionality of the component API. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Jumpserver up to 2.6.2 API access control
CVE-2023-2845 : CLOUDEXPLORER-LITE UP TO 1.0.X ACCESS CONTROL
Description Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. References https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a For More Information MITRE
CVE-2023-32336 : IBM INFOSPHERE INFORMATION SERVER 11.7 RMI SERVICE DESERIALIZATION
Description IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an
CVE-2023-32306 : TIME TRACKER UP TO 220.127.116.1191 REPORTS.PHP SQL INJECTION
Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running