βΌ CVE-2023-30436 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43907 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4557 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/search_purchase_paymen_report.php. The manipulation of the argument customer leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-238158 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4558 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in SourceCodester Inventory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file staff_data.php. The manipulation of the argument columns[0][data] leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238159.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-43909 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30435 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38730 βΌ
π Read
via "National Vulnerability Database".
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 262268.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30437 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4559 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in Bettershop LaikeTui. Affected by this issue is some unknown functionality of the file index.php?module=api&action=user&m=upload of the component POST Request Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-238160.π Read
via "National Vulnerability Database".
βΌ CVE-2023-33852 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.π Read
via "National Vulnerability Database".
β€1
βΌ CVE-2022-43904 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38024 βΌ
π Read
via "National Vulnerability Database".
SpotCam Co., Ltd. SpotCam FHD 2Γ’β¬β’s hidden Telnet function has a vulnerability of using hard-coded Telnet credentials. An remote unauthenticated attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23473 βΌ
π Read
via "National Vulnerability Database".
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24959 βΌ
π Read
via "National Vulnerability Database".
IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. IBM X-Force ID: 246332.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38026 βΌ
π Read
via "National Vulnerability Database".
SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22877 βΌ
π Read
via "National Vulnerability Database".
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 244368.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26270 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 248119.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4561 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26271 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 248126.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38027 βΌ
π Read
via "National Vulnerability Database".
SpotCam Co., Ltd. SpotCam SenseΓ’β¬β’s hidden Telnet function has a vulnerability of OS command injection. An remote unauthenticated attacker can exploit this vulnerability to execute command injection attack to perform arbitrary system commands or disrupt service.π Read
via "National Vulnerability Database".