๐จ CVE-2023-4345
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user
๐@cveNotify
Broadcom RAID Controller web interface is vulnerable client-side control bypass leads to unauthorized data access for low privileged user
๐@cveNotify
๐จ CVE-2023-38865
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.
๐@cveNotify
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject5 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38863
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
๐@cveNotify
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject4 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38862
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.
๐@cveNotify
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.
๐@cveNotify
GitHub
my_iot_vul/COMFAST/CF-XR11/Command_Inject1 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38861
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
๐@cveNotify
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
๐@cveNotify
GitHub
my_iot_vul/WAVLINK/WL-WN575A3 at main ยท TTY-flag/my_iot_vul
uplpad WL-WN575A3. Contribute to TTY-flag/my_iot_vul development by creating an account on GitHub.
๐จ CVE-2023-38402
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
๐@cveNotify
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
๐@cveNotify
๐จ CVE-2023-38401
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
๐@cveNotify
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
๐@cveNotify
๐จ CVE-2023-32562
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1.
๐@cveNotify
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1.
๐@cveNotify
๐จ CVE-2023-4282
The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'admin_post_remove' and 'remove_private_data' functions in versions up to, and including, 3.8.2. This makes it possible for authenticated attackers with subscriber privileges or above, to delete plugin settings.
๐@cveNotify
The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'admin_post_remove' and 'remove_private_data' functions in versions up to, and including, 3.8.2. This makes it possible for authenticated attackers with subscriber privileges or above, to delete plugin settings.
๐@cveNotify
๐จ CVE-2023-32564
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
๐@cveNotify
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
๐@cveNotify
๐จ CVE-2023-32563
An unauthenticated attacker could achieve the code execution through a RemoteControl server.
๐@cveNotify
An unauthenticated attacker could achieve the code execution through a RemoteControl server.
๐@cveNotify
๐จ CVE-2023-39851
webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php.
๐@cveNotify
webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php.
๐@cveNotify
GitHub
vulnerability-report/webchess_CVE-2023-39851 at main ยท KLSEHB/vulnerability-report
Contribute to KLSEHB/vulnerability-report development by creating an account on GitHub.
๐จ CVE-2023-39850
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php.
๐@cveNotify
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php.
๐@cveNotify
GitHub
vulnerability-report/Schoolmate_CVE-2023-39850 at main ยท KLSEHB/vulnerability-report
Contribute to KLSEHB/vulnerability-report development by creating an account on GitHub.
๐จ CVE-2023-39849
Pikachu v1.0 was discovered to contain a SQL injection vulnerability via the $username parameter at \inc\function.php.
๐@cveNotify
Pikachu v1.0 was discovered to contain a SQL injection vulnerability via the $username parameter at \inc\function.php.
๐@cveNotify
GitHub
GitHub - zhuifengshaonianhanlu/pikachu: ไธไธชๅฅฝ็ฉ็Webๅฎๅ
จ-ๆผๆดๆต่ฏๅนณๅฐ
ไธไธชๅฅฝ็ฉ็Webๅฎๅ
จ-ๆผๆดๆต่ฏๅนณๅฐ. Contribute to zhuifengshaonianhanlu/pikachu development by creating an account on GitHub.
๐จ CVE-2023-20564
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzenโข Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution.
๐@cveNotify
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzenโข Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution.
๐@cveNotify
AMD
AMD Ryzenโข Master Security Bulletin
๐จ CVE-2023-20560
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzenโข Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service.
๐@cveNotify
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzenโข Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service.
๐@cveNotify
AMD
AMD Ryzenโข Master Security Bulletin
๐จ CVE-2019-19921
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
๐@cveNotify
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
๐@cveNotify
GitHub
[CVE-2019-19921]: Volume mount race condition with shared mounts ยท Issue #2197 ยท opencontainers/runc
Disclosed in #2190. Here's the original report to security@opencontainers.org: Hi all, an attacker who controls the container image for two containers that share a volume can race volume mounts...
๐จ CVE-2023-27561
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
๐@cveNotify
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
๐@cveNotify
GitHub
CVE-2019-19921 re-introduction/regression ยท Issue #3751 ยท opencontainers/runc
Hi, I'm part of the Debian Long Term Support (LTS) team, and I'm currently working on an update for package runc. As explained in #2197 (comment) , while working on fixing CVE-2019-19921, I...
๐จ CVE-2023-38559
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
๐@cveNotify
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
๐@cveNotify
๐จ CVE-2023-20569
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure.
๐@cveNotify
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure.
๐@cveNotify
AMD
Return Address Security Bulletin
๐จ CVE-2023-23908
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
๐@cveNotify
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
๐@cveNotify
Intel
INTEL-SA-00836