โผ CVE-2023-32837 โผ
๐ Read
via "National Vulnerability Database".
In video, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08250357.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-32836 โผ
๐ Read
via "National Vulnerability Database".
In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08126725; Issue ID: ALPS08126725.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-32835 โผ
๐ Read
via "National Vulnerability Database".
In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918.๐ Read
via "National Vulnerability Database".
โผ CVE-2018-25093 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability was found in Vaerys-Dawn DiscordSailv2 up to 2.10.2. It has been rated as critical. Affected by this issue is some unknown functionality of the component Tag Handler. The manipulation leads to improper access controls. Upgrading to version 2.10.3 is able to address this issue. The name of the patch is cc12e0be82a5d05d9f359ed8e56088f4f8b8eb69. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-244484.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-32839 โผ
๐ Read
via "National Vulnerability Database".
In dpe, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262576; Issue ID: ALPS07262576.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-45830 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.11.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-46783 โผ
๐ Read
via "National Vulnerability Database".
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin <=ร 1.2.13 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-46782 โผ
๐ Read
via "National Vulnerability Database".
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Yee MomentoPress for Momento360 plugin <=ร 1.0.1 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-45373 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics allows SQL Injection.This issue affects Slimstat Analytics: from n/a through 5.0.4.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-45074 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter รขโฌโ Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter รขโฌโ Most Wanted Analytics Plugin for WordPress: from n/a through 7.1.1.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-28748 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in biztechc Copy or Move Comments allows SQL Injection.This issue affects Copy or Move Comments: from n/a through 5.0.4.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-47432 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kemal YAZICI - PluginPress Shortcode IMDB allows SQL Injection.This issue affects Shortcode IMDB: from n/a through 6.0.8.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-42669 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-46823 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-47428 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-28794 โผ
๐ Read
via "National Vulnerability Database".
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-38407 โผ
๐ Read
via "National Vulnerability Database".
bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-47420 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.11.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-45055 โผ
๐ Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-4699 โผ
๐ Read
via "National Vulnerability Database".
Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules and MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to reset the memory of the products to factory default state and cause denial-of-service (DoS) condition on the products by sending specific packets.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-46822 โผ
๐ Read
via "National Vulnerability Database".
Unauth. Reflected Cross-Site Scripting') vulnerability in Visser Labs Store Exporter for WooCommerce รขโฌโ Export Products, Export Orders, Export Subscriptions, and More plugin <=ร 2.7.2 versions.๐ Read
via "National Vulnerability Database".