Vulnerabilities

GitLab information disclosure | CVE-2023-1648

NAME__________GitLab information disclosurePlatforms Affected:Risk Level:5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by the leak of authorization headers in the DAST API scanner. By…

Irssi denial of service | CVE-2023-29132

NAME__________Irssi denial of servicePlatforms Affected:Irssi Irssi 1.3.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Irssi is vulnerable to a denial of service, caused by a use-after-free flaw when printing a message while another message…

Nextcloud Server security bypass | CVE-2023-28643

NAME__________Nextcloud Server security bypassPlatforms Affected:Nextcloud Nextcloud Server 25.0.0Risk Level:5.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Nextcloud Server could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when a recipient receives…

Samba security bypass | CVE-2023-0225

NAME__________Samba security bypassPlatforms Affected:Samba Samba 4.17.0 Samba Samba 4.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Samba could allow a remote authenticated attacker to bypass security restrictions, caused by an incomplete access check on dnsHostName.…

IEEE 802.11 spoofing | CVE-2022-47522

NAME__________IEEE 802.11 spoofingPlatforms Affected:IEEE 802.11Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IEEE 802.11 could allow a remote attacker to conduct spoofing attacks, caused by an improper implemented authentication schemes flaw in the Packet Routing…

lambdaisland/uri security bypass | CVE-2023-28628

NAME__________lambdaisland/uri security bypassPlatforms Affected:lambdaisland/uri lambdaisland/uri 1.13.95Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________lambdaisland/uri could allow a remote attacker to bypass security restrictions, caused by a flaw with authority-regex function returns the wrong authority. By…

RouterOS denial of service | CVE-2023-24094

NAME__________RouterOS denial of servicePlatforms Affected:Risk Level:5.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________RouterOS is vulnerable to a denial of service, caused by memory corruption in the bridge2 component. By sending specially-crafted packers,…