Search Results (8907 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-6069 1 Froxlor 1 Froxlor 2024-11-21 9.9 Critical
Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0.
CVE-2023-6014 1 Lfprojects 1 Mlflow 2024-11-21 9.8 Critical
An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment.
CVE-2023-5834 1 Hashicorp 1 Vagrant 2024-11-21 3.8 Low
HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0.
CVE-2023-5720 1 Quarkus 1 Quarkus 2024-11-21 7.7 High
A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application.
CVE-2023-5552 1 Sophos 1 Firewall 2024-11-21 7.1 High
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
CVE-2023-5499 1 Reachfargps 2 Reachfar Gps, Reachfar Gps Firmware 2024-11-21 7.5 High
Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week's logs stored in the 'log2' directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations.
CVE-2023-5339 1 Mattermost 1 Mattermost Desktop 2024-11-21 4.7 Medium
Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged. 
CVE-2023-5297 1 Rockoa 1 Rockoa 2024-11-21 3.7 Low
A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys|runt&a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240927.
CVE-2023-5183 1 Illumio 1 Core Policy Compute Engine 2024-11-21 9.9 Critical
Unsafe deserialization of untrusted JSON allows execution of arbitrary code on affected releases of the Illumio PCE. Authentication to the API is required to exploit this vulnerability. The flaw exists within the network_traffic API endpoint. An attacker can leverage this vulnerability to execute code in the context of the PCE’s operating system user.  
CVE-2023-5182 1 Canonical 1 Subiquity 2024-11-21 5.5 Medium
Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege.
CVE-2023-5016 1 Ssssssss 1 Spider-flow 2024-11-21 6.3 Medium
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected by this vulnerability is the function DriverManager.getConnection of the file src/main/java/org/spiderflow/controller/DataSourceController.java of the component API. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239857 was assigned to this vulnerability.
CVE-2023-52338 1 Trendmicro 2 Deep Security, Deep Security Agent 2024-11-21 7.8 High
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2023-51654 1 Brother 1 Iprint\&scan 2024-11-21 5.5 Medium
Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop for Windows versions 11.0.0 and earlier. A symlink attack by a malicious user may cause a Denial-of-service (DoS) condition on the PC.
CVE-2023-50954 1 Ibm 1 Infosphere Information Server 2024-11-21 4.3 Medium
IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. IBM X-Force ID: 275776.
CVE-2023-50328 1 Ibm 1 Powersc 2024-11-21 3.7 Low
IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110.
CVE-2023-50311 1 Ibm 1 Cics Transaction Gateway 2024-11-21 3.1 Low
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages.
CVE-2023-50305 1 Ibm 2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access 2024-11-21 5.1 Medium
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336.
CVE-2023-50252 1 Dompdf 1 Php-svg-lib 2024-11-21 8.3 High
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling `<use>` tag that references an `<image>` tag, it merges the attributes from the `<use>` tag to the `<image>` tag. The problem pops up especially when the `href` attribute from the `<use>` tag has not been sanitized. This can lead to an unsafe file read that can cause PHAR Deserialization vulnerability in PHP prior to version 8. Version 0.5.1 contains a patch for this issue.
CVE-2023-4933 1 Awsm 1 Wp Job Openings 2024-11-21 5.3 Medium
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled.
CVE-2023-4759 4 Apple, Eclipse, Microsoft and 1 more 4 Macos, Jgit, Windows and 1 more 2024-11-21 8.8 High
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem. This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier). This can be exploited for remote code execution (RCE), for instance if the file written outside the working tree is a git filter that gets executed on a subsequent git command. The issue occurs only on case-insensitive filesystems, like the default filesystems on Windows and macOS. The user performing the clone or checkout must have the rights to create symbolic links for the problem to occur, and symbolic links must be enabled in the git configuration. Setting git configuration option core.symlinks = false before checking out avoids the problem. The issue was fixed in Eclipse JGit version 6.6.1.202309021850-r and 6.7.0.202309050840-r, available via Maven Central https://repo1.maven.org/maven2/org/eclipse/jgit/  and repo.eclipse.org https://repo.eclipse.org/content/repositories/jgit-releases/ . A backport is available in 5.13.3 starting from 5.13.3.202401111512-r. The JGit maintainers would like to thank RyotaK for finding and reporting this issue.