๐จ CVE-2023-36612
Directory traversal can occur in the Basecamp com.basecamp.bc3 application before 4.2.1 for Android, which may allow an attacker to write arbitrary files in the application's private directory. Additionally, by using a malicious intent, the attacker may redirect the server's responses (containing sensitive information) to third-party applications by using a custom-crafted deeplink scheme.
๐@cveNotify
Directory traversal can occur in the Basecamp com.basecamp.bc3 application before 4.2.1 for Android, which may allow an attacker to write arbitrary files in the application's private directory. Additionally, by using a malicious intent, the attacker may redirect the server's responses (containing sensitive information) to third-party applications by using a custom-crafted deeplink scheme.
๐@cveNotify
HackerOne
Basecamp disclosed on HackerOne: Arbitrary write in the...
A path traversal vulnerability was identified in the Android application `com.basecamp.bc3` version `3.26.3`, which may allow an attacker to write arbitrary files in the application's private...
๐จ CVE-2023-36630
In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass.
๐@cveNotify
In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass.
๐@cveNotify
www.cloudpanel.io
Changelog | CloudPanel | Documentation
v2.5.3 - [2025-12-04]
๐จ CVE-2015-20109
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue.
๐@cveNotify
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue.
๐@cveNotify
๐จ CVE-2023-36632
The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or email.parser.Parser class.
๐@cveNotify
The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or email.parser.Parser class.
๐@cveNotify
Python documentation
email.utils: Miscellaneous utilities
Source code: Lib/email/utils.py There are a couple of useful utilities provided in the email.utils module: The remaining functions are part of the legacy ( Compat32) email API. There is no need to ...
๐จ CVE-2023-3396
A vulnerability was found in Campcodes Retro Cellphone Online Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232351.
๐@cveNotify
A vulnerability was found in Campcodes Retro Cellphone Online Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232351.
๐@cveNotify
Vuldb
CVE-2023-3396 Campcodes Retro Cellphone Online Store index.php sql injection
A vulnerability was found in Campcodes Retro Cellphone Online Store 1.0. It has been declared as critical. This vulnerability is known as CVE-2023-3396. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
๐จ CVE-2023-27476
OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML parser (which supports both `lxml` and `xml.etree`) does not disable entity resolution, and could lead to arbitrary file reads from an attacker-controlled XML payload. This affects all XML parsing in the codebase. This issue has been addressed in version 0.28.1. All users are advised to upgrade. The only known workaround is to patch the library manually. See `GHSA-8h9c-r582-mggc` for details.
๐@cveNotify
OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML parser (which supports both `lxml` and `xml.etree`) does not disable entity resolution, and could lead to arbitrary file reads from an attacker-controlled XML payload. This affects all XML parsing in the codebase. This issue has been addressed in version 0.28.1. All users are advised to upgrade. The only known workaround is to patch the library manually. See `GHSA-8h9c-r582-mggc` for details.
๐@cveNotify
GitHub
XML External Entity (XXE) Injection in OWSLib
### Impact
OWSLib's XML parser (which supports both `lxml` and `xml.etree`) does not disable entity resolution for `lxml`, and could lead to arbitrary file reads from an attacker-controlled ...
OWSLib's XML parser (which supports both `lxml` and `xml.etree`) does not disable entity resolution for `lxml`, and could lead to arbitrary file reads from an attacker-controlled ...
๐จ CVE-2023-36663
it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interface.
๐@cveNotify
it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interface.
๐@cveNotify
GitHub
ITC-3017 by nook24 ยท Pull Request #1519 ยท it-novum/openITCOCKPIT
openITCOCKPIT is an Open Source system monitoring tool built for different monitoring engines like Nagios, Naemon and Prometheus. - ITC-3017 by nook24 ยท Pull Request #1519 ยท it-novum/openITCOCKPIT
๐จ CVE-2023-36664
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
๐@cveNotify
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
๐@cveNotify
๐จ CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.
๐@cveNotify
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.
๐@cveNotify
๐จ CVE-2023-36666
INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page-header-preamble.foil.php, edit-form.foil.php, page-header-preamble.foil.php, overview.foil.php, cust.foil.php, and view.foil.php may be affected.
๐@cveNotify
INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page-header-preamble.foil.php, edit-form.foil.php, page-header-preamble.foil.php, overview.foil.php, cust.foil.php, and view.foil.php may be affected.
๐@cveNotify
GitHub
Comparing v6.3.0...v6.3.1 ยท inex/IXP-Manager
Full stack web application powering peering at over 200 Internet Exchange Points (IXPs) globally. - Comparing v6.3.0...v6.3.1 ยท inex/IXP-Manager
๐จ CVE-2023-36661
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
๐@cveNotify
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
๐@cveNotify
๐จ CVE-2023-36675
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.
๐@cveNotify
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.
๐@cveNotify
๐จ CVE-2023-36662
The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 through 2.17.1, User Management for Confluence 2.0.0 through 2.15.24, and User Management for Bitbucket 2.2.2 through 2.15.24.
๐@cveNotify
The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 through 2.17.1, User Management for Confluence 2.0.0 through 2.15.24, and User Management for Bitbucket 2.2.2 through 2.15.24.
๐@cveNotify
techtime.co.nz
Atlassian Partner, Wellington - Security Vulnerability Affecting User Management
A stored XSS vulnerability was discovered in User Management versions between 2.0.0 and 2.17.1
๐จ CVE-2023-27116
WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleType.
๐@cveNotify
WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleType.
๐@cveNotify
GitHub
Aborted in CWriter::MangleType at wasm2c ยท Issue #1984 ยท WebAssembly/wabt
Title Aborted in CWriter::MangleType at wasm2c Environment OS : Linux ubuntu 5.15.0-46-generic #49~20.04.1-Ubuntu SMP Thu Aug 4 19:15:44 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux Commit : 3054d61f703...
๐จ CVE-2023-30300
An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.
๐@cveNotify
An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.
๐@cveNotify
GitHub
wasm2c hangs on certain inputs and cannot finish execution for a while. ยท Issue #2180 ยท WebAssembly/wabt
Describe the bug Certain hang.wasm causes wasm2c an infinite loop. wasm2c tries to access a memory that is not permitted instead of providing type mismatch error for a while. wasm2c --version: 1.0....
๐จ CVE-2023-31669
WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote (").
๐@cveNotify
WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote (").
๐@cveNotify
GitHub
'@' before a quote (") causes a libc++abi.dylib crash using wat2wasm. ยท Issue #2165 ยท WebAssembly/wabt
Describe the bug '@' before a quote (") causes a libc++abi.dylib crash while converting ".wat" format into ".wasm" format using wat2wasm. wat2wasm --version: 1.0.32...
๐จ CVE-2023-36631
** DISPUTED ** Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as the application can be locked using a password."
๐@cveNotify
** DISPUTED ** Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as the application can be locked using a password."
๐@cveNotify
๐จ CVE-2023-2778
A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS.
๐@cveNotify
A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS.
๐@cveNotify
๐จ CVE-2023-2827
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefore, unauthorized callers from the internal network could send service requests to PCo or the Production Connector, which could have an impact on the integrity of the integration with SAP Digital Manufacturing.
๐@cveNotify
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefore, unauthorized callers from the internal network could send service requests to PCo or the Production Connector, which could have an impact on the integrity of the integration with SAP Digital Manufacturing.
๐@cveNotify
๐จ CVE-2021-26637
There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device.
๐@cveNotify
There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device.
๐@cveNotify
๐จ CVE-2021-3433
Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptional Conditions (CWE-703). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp
๐@cveNotify
Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptional Conditions (CWE-703). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp
๐@cveNotify
GitHub
BT: Invalid channel map in CONNECT_IND results to Deadlock
### Impact
BT: Invalid channel map in CONNECT_IND results to Deadlock
### Patches
This has been fixed in:
- main #33278
- v2.5: #33369
- v1.14: TBD
### For more information
If you have ...
BT: Invalid channel map in CONNECT_IND results to Deadlock
### Patches
This has been fixed in:
- main #33278
- v2.5: #33369
- v1.14: TBD
### For more information
If you have ...