🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼️CVE-2023-38678‼️

OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Via "National Vulnerability Database"
‼️CVE-2023-50921‼️

An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the adduser interface in the system module to gain root privileges. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300NV2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7.

Via "National Vulnerability Database"
‼️CVE-2023-52302‼️

Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Via "National Vulnerability Database"
‼️CVE-2023-52303‼️

Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Via "National Vulnerability Database"
‼️CVE-2023-52304‼️

Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

Via "National Vulnerability Database"
‼️CVE-2023-52305‼️

FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Via "National Vulnerability Database"
‼️CVE-2023-52306‼️

FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Via "National Vulnerability Database"
‼️CVE-2023-52307‼️

Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

Via "National Vulnerability Database"
‼️CVE-2023-52308‼️

FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Via "National Vulnerability Database"
‼️CVE-2023-52309‼️

Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or possibly more damage.

Via "National Vulnerability Database"
‼️CVE-2023-52310‼️

PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.

Via "National Vulnerability Database"
‼️CVE-2023-52311‼️

PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.

Via "National Vulnerability Database"
‼️CVE-2023-52312‼️

Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Via "National Vulnerability Database"
‼️CVE-2023-52313‼️

FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

Via "National Vulnerability Database"
‼️CVE-2023-52314‼️

PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.

Via "National Vulnerability Database"
‼️CVE-2023-6621‼️

The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

Via "National Vulnerability Database"
‼️CVE-2023-6747‼️

The Best WordPress Gallery Plugin FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Via "National Vulnerability Database"
‼️CVE-2023-6984‼️

The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.13. This is due to missing or incorrect nonce validation in the powerpack-lite-for-elementor/classes/class-pp-admin-settings.php file. This makes it possible for unauthenticated attackers to modify and reset plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Via "National Vulnerability Database"
‼️CVE-2023-7068‼️

The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the print_packinglist action in all versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to export orders which can contain sensitive information.

Via "National Vulnerability Database"
‼️CVE-2023-51784‼️

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong from 1.5.0 through 1.9.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it.

[1] https://github.com/apache/inlong/pull/9329

Via "National Vulnerability Database"
‼️CVE-2023-51785‼️

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong from 1.7.0 through 1.9.0; attackers can carry out an arbitrary file read attack using the MySQL driver. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it.

[1] https://github.com/apache/inlong/pull/9331

Via "National Vulnerability Database"