CVE-2023-33438
A stored Cross-site scripting (XSS) vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML.
@cveNotify
GitHub: CVEs/CVE-2023-33438/README.md at main · justas-dee/CVEs
CVE-2023-30905
The MC990 X and UV300 RMC component has an inadequate default configuration that could be exploited to obtain enhanced privilege.
@cveNotify
CVE-2023-30904
A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.
@cveNotify
CVE-2023-30903
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
@cveNotify
CVE-2023-34459
OpenZeppelin Contracts is a library for smart contract development. Starting in version 4.7.0 and prior to version 4.9.2, when the `verifyMultiProof`, `verifyMultiProofCalldata`, `processMultiProof`, or `processMultiProofCalldata` functions are in use, it is possible to construct merkle trees that allow forging a valid multiproof for an arbitrary set of leaves.
A contract may be vulnerable if it uses multiproofs for verification and the merkle tree that is processed includes a node with value 0 at depth 1 (just under the root). This could happen inadvertently for balanced trees with 3 leaves or less, if the leaves are not hashed. This could happen deliberately if a malicious tree builder includes such a node in the tree.
A contract is not vulnerable if it uses single-leaf proving (`verify`, `verifyCalldata`, `processProof`, or `processProofCalldata`), or if it uses multiproofs with a known tree that has hashed leaves. Standard merkle trees produced or validated with the @openzeppelin/merkle-tree library are safe.
The problem has been patched in version 4.9.2.
Some workarounds are available. For those using multiproofs: when constructing merkle trees, hash the leaves and do not insert empty nodes in your trees. Using the @openzeppelin/merkle-tree package eliminates this issue. Do not accept user-provided merkle roots without reconstructing at least the first level of the tree. Verify the merkle tree structure by reconstructing it from the leaves.
@cveNotify
GitHub: Merge pull request from GHSA-wprv-93r4-jj2p · OpenZeppelin/openzeppelin-contracts@4d2383e
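The workaround the advisory describes (hash the leaves, then rebuild the tree from them and refuse any zero node directly under the root), as an added illustration that is not OpenZeppelin's code: sha256 stands in for keccak256, and the tree layout (sorted-pair hashing, unpaired node promoted) is an assumption made for this example.

```python
import hashlib
from typing import List

# Added illustration, not OpenZeppelin code. sha256 stands in for keccak256
# (not in hashlib); sorted-pair hashing and promotion of an unpaired node are
# layout assumptions made for this example.
ZERO = bytes(32)

def hash_pair(a: bytes, b: bytes) -> bytes:
    lo, hi = sorted((a, b))          # commutative pair hash
    return hashlib.sha256(lo + hi).digest()

def hash_leaf(raw: bytes) -> bytes:
    # Hashing leaves keeps an all-zero input from becoming a zero tree node
    # and separates leaf digests from internal-node digests.
    return hashlib.sha256(hashlib.sha256(raw).digest()).digest()

def build_levels(leaves: List[bytes]) -> List[List[bytes]]:
    """Levels from the leaf row up to [root]; an unpaired node is promoted."""
    if not leaves:
        raise ValueError("empty tree")
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([hash_pair(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    return levels

def root_of(leaves: List[bytes]) -> bytes:
    return build_levels(leaves)[-1][0]

def check_tree(root: bytes, leaves: List[bytes]) -> bool:
    """Advisory workaround: rebuild the tree from the leaves, require the
    supplied root to match, and reject any zero node at depth 1."""
    levels = build_levels(leaves)
    if levels[-1][0] != root:
        return False
    depth1 = levels[-2] if len(levels) > 1 else []
    return all(node != ZERO for node in depth1)

if __name__ == "__main__":
    raw = [bytes([1]) * 32, bytes([2]) * 32, ZERO]   # constructed 3-leaf input
    print("unhashed leaves accepted:", check_tree(root_of(raw), raw))       # False
    hashed = [hash_leaf(x) for x in raw]
    print("hashed leaves accepted:", check_tree(root_of(hashed), hashed))  # True
```

With three unhashed leaves the third leaf is promoted straight to depth 1, so an all-zero leaf becomes exactly the zero node the advisory warns about; hashing the leaves removes it.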
CVE-2023-3295
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation of files in the file manager functionality in versions up to, and including, 1.5.66. This makes it possible for authenticated attackers, with contributor-level permissions and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible. The issue was partially patched in version 1.5.66 and fully patched in 1.5.67.
@cveNotify
CVE-2023-34756
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit.
@cveNotify
cyb
bloofox v0.5.2.1 was discovered to contain many SQL injection vulnerabilities
Vendor Homepage: bloofoxCMS - Home
Version: 0.5.2.1
Tested On: macOS, review source code
Affected Page:
admin/index.php?mode=settings&page=projects&action=edit [Parameter cid]
admin/index.php?mode=settings&page=plugins&action=edit [Parameter pid]
admi...
CVE-2023-34755
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit.
@cveNotify
CVE-2023-34753
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit.
@cveNotify
CVE-2023-34752
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.
@cveNotify
CVE-2023-34751
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.
@cveNotify
CVE-2023-34754
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit.
@cveNotify
CVE-2023-34750
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit.
@cveNotify
CVE-2023-3230
Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0.
@cveNotify
CVE-2023-3228
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0.
@cveNotify
CVE-2023-3227
Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0.
@cveNotify
CVE-2023-3189
A vulnerability, which was classified as problematic, was found in SourceCodester Online School Fees System 1.0. This affects an unknown part of the file /paysystem/branch.php of the component POST Parameter Handler. The manipulation of the argument branch leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231501 was assigned to this vulnerability.
@cveNotify
GitHub: CVEReport/XSS.md at main · M9KJ-TEAM/CVEReport
CVE-2023-33817
hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability.
@cveNotify
GitHub: leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5
CVE-2023-32683
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the `url_preview_url_blacklist` setting, potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the `url_preview_ip_range_blacklist` setting (by default this only allows public IPs) and by the limited information returned to the client: 1. For discovered oEmbed URLs, any non-JSON response or a JSON response which includes non-oEmbed information is discarded. 2. For discovered image URLs, any non-image response is discarded. Systems which have URL preview disabled (via the `url_preview_enabled` setting) or have not configured a `url_preview_url_blacklist` are not affected. This issue has been addressed in version 1.85.0. Users are advised to upgrade. Users unable to upgrade may also disable URL previews.
@cveNotify
GitHub: URL deny list bypass via oEmbed and image URLs when generating previews
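The failure mode behind this advisory, a URL deny list applied to the user-supplied URL but not to the oEmbed endpoint or image URL discovered from it, shown as an added illustration that is not Synapse's code: the deny-list entries, the `netloc` glob format and the canned page responses are all constructed for this example.

```python
import fnmatch
from typing import Dict, List
from urllib.parse import urlparse

# Added illustration, not Synapse code. Deny-list format (netloc globs),
# hosts and canned page responses are constructed for this example.
DENY_LIST: List[Dict[str, str]] = [
    {"netloc": "*.internal.example"},   # constructed: private service hosts
    {"netloc": "169.254.*"},            # constructed: link-local range
]

# Constructed: what a fetched page would "discover" (oEmbed link / og:image).
FAKE_PAGES: Dict[str, Dict[str, str]] = {
    "https://blog.example/post": {
        "oembed": "http://api.internal.example/oembed",
        "image": "http://169.254.169.254/latest/x.png",
    },
}

def is_denied(url: str) -> bool:
    """True if any deny-list netloc glob matches the URL's host."""
    host = urlparse(url).hostname or ""
    return any(fnmatch.fnmatch(host, e["netloc"]) for e in DENY_LIST)

def discovered_urls(url: str) -> List[str]:
    page = FAKE_PAGES.get(url, {})
    return [u for u in (page.get("oembed"), page.get("image")) if u]

def preview_fetch_targets(url: str, check_discovered: bool) -> List[str]:
    """URLs a previewer would actually fetch.  check_discovered=False applies
    the deny list only to the user-supplied URL (the bypass pattern);
    True re-applies it to every discovered oEmbed/image URL (the fix)."""
    if is_denied(url):
        return []
    targets = [url]
    for d in discovered_urls(url):
        if check_discovered and is_denied(d):
            continue          # hardened path: drop the discovered URL
        targets.append(d)
    return targets

if __name__ == "__main__":
    print("bypass :", preview_fetch_targets("https://blog.example/post", False))
    print("fixed  :", preview_fetch_targets("https://blog.example/post", True))
```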