Palo Alto Networks Cortex XDR Agent denial of service | CVE-2023-3280
NAME__________Palo Alto Networks Cortex XDR Agent denial of servicePlatforms Affected:Palo Alto Networks Cortex XDR Agent 5.0 Palo Alto Networks Cortex...
Vulnerabilities
Proofpoint Insider Threat Management cross-site scripting | CVE-2023-4802
NAME__________Proofpoint Insider Threat Management cross-site scriptingPlatforms Affected:Proofpoint Insider Threat Management Server 7.11.0 Proofpoint Insider Threat Management Server 7.10.2 Proofpoint Insider...
Apache Commons Compress denial of service | CVE-2023-42503
NAME__________Apache Commons Compress denial of servicePlatforms Affected:Apache Commons Compress 1.22Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Apache Commons Compress is vulnerable to a...
Proofpoint Insider Threat Management Agent for MacOS man-in-the-middle | CVE-2023-4801
NAME__________Proofpoint Insider Threat Management Agent for MacOS man-in-the-middlePlatforms Affected:Proofpoint Insider Threat Management Agent for MacOS 7.14.3.68 Proofpoint Insider Threat Management...
Fortinet FortiADC command execution | CVE-2022-35849
NAME__________Fortinet FortiADC command executionPlatforms Affected:Fortinet FortiADC 6.1.0 Fortinet FortiADC 6.1.5 Fortinet FortiADC 6.2.0 Fortinet FortiADC 6.2.1 Fortinet FortiADC 7.0.2 Fortinet...
SolarWinds Platform command execution | CVE-2023-23840
NAME__________SolarWinds Platform command executionPlatforms Affected:SolarWinds SolarWinds Platform 2023.3Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________SolarWinds Platform could allow a remote authenticated attacker to execute...
Fortinet FortiTester information disclosure | CVE-2023-40715
NAME__________Fortinet FortiTester information disclosurePlatforms Affected:Fortinet FortiTester 7.2 Fortinet FortiTester 7.1 Fortinet FortiTester 7.0 Fortinet FortiTester 4.2 Fortinet FortiTester 4.1 Fortinet...
Fortinet FortiSIEM information disclosure | CVE-2023-36551
NAME__________Fortinet FortiSIEM information disclosurePlatforms Affected:Fortinet FortiSIEM 6.7.0 Fortinet FortiSIEM 6.7.5Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Fortinet FortiSIEM could allow a remote authenticated attacker...
Proofpoint Insider Threat Management cross-site scripting | CVE-2023-4803
NAME__________Proofpoint Insider Threat Management cross-site scriptingPlatforms Affected:Proofpoint Insider Threat Management Server 7.11.0 Proofpoint Insider Threat Management Server 7.10.2 Proofpoint Insider...
Fortinet FortiAP-W2, FortiAP-C, FortiAP, and FortiAP-U information disclosure | CVE-2023-25608
NAME__________Fortinet FortiAP-W2, FortiAP-C, FortiAP, and FortiAP-U information disclosurePlatforms Affected:Fortinet FortiAP-C 5.4.0 Fortinet FortiAP-U 6.2.0 Fortinet FortiAP 7.2.0 Fortinet FortiAP-W2 7.2.0...
Fortinet FortiAP-U file deletion | CVE-2023-36634
NAME__________Fortinet FortiAP-U file deletionPlatforms Affected:Fortinet FortiAP-U 6.2.0 Fortinet FortiAP-U 7.0.0 Fortinet FortiAP-U 6.2.5 Fortinet FortiAP-U 6.0 Fortinet FortiAP-U 5.4Risk Level:7.1Exploitability:UnprovenConsequences:File...
Cecil directory traversal | CVE-2023-4914
NAME__________Cecil directory traversalPlatforms Affected:cecilapp cecil 7.47.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Cecil could allow a remote attacker to traverse directories on the system....
Daily Vulnerability Trends: Fri Sep 15 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-36884Windows Search Remote Code Execution VulnerabilityCVE-2023-4039 A failure in the -fstack-protector feature...
Slimstat Analytics plugin for WordPress SQL injection | CVE-2023-4598
NAME__________Slimstat Analytics plugin for WordPress SQL injectionPlatforms Affected:WordPress Slimstat Analytics plugin for WordPress 5.0.9Risk Level:5.4Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Slimstat Analytics plugin for...
Piccolo information disclosure | CVE-2023-41885
NAME__________Piccolo information disclosurePlatforms Affected:Piccolo Piccolo 0.120.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Piccolo could allow a remote attacker to obtain sensitive information, caused by...
Samsung Exynos Mobile Processor, Automotive Processor, and Modem denial of service | CVE-2023-37368
NAME__________Samsung Exynos Mobile Processor, Automotive Processor, and Modem denial of servicePlatforms Affected:Samsung Exynos Mobile Processor Samsung Automotive Processor Samsung ModemRisk...
OpenMage Magento LTS information disclosure | CVE-2023-41879
NAME__________OpenMage Magento LTS information disclosurePlatforms Affected:OpenMage Magento LTS 19.5.0 OpenMage Magento LTS 20.0.0 OpenMage Magento LTS 20.1.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenMage...
MapPress Maps Plugin for WordPress cross-site scripting | CVE-2023-4840
NAME__________MapPress Maps Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress MapPress Maps Plugin for WordPress 2.88.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________MapPress Maps Plugin for...
libvips denial of service | CVE-2023-40032
NAME__________libvips denial of servicePlatforms Affected:libvips libvips 8.12.0 libvips libvips 8.14.3Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________libvips is vulnerable to a denial of...
Shuttle Booking Software id SQL injection |
NAME__________Shuttle Booking Software id SQL injectionPlatforms Affected:PHPJabbers Shuttle Booking Software 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Shuttle Booking Software is vulnerable to SQL...
Symfony ux-autocomplete security bypass | CVE-2023-41336
NAME__________Symfony ux-autocomplete security bypassPlatforms Affected:Symfony ux-autocomplete 2.11.1 Symfony ux-autocomplete 2.11.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Symfony ux-autocomplete could allow a remote attacker to...
iSmile Soft CMS index.php cross-site scripting |
NAME__________iSmile Soft CMS index.php cross-site scriptingPlatforms Affected:iSmile Soft CMS iSmile Soft CMS 0.3.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________iSmile Soft CMS is vulnerable...
Imagine CMS photo-gallery.html cross-site scripting |
NAME__________Imagine CMS photo-gallery.html cross-site scriptingPlatforms Affected:Imagine Web Technologies Imagine CMS 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Imagine CMS is vulnerable to cross-site scripting,...
Siemens Tecnomatix Plant Simulation code execution | CVE-2023-41846
NAME__________Siemens Tecnomatix Plant Simulation code executionPlatforms Affected:Siemens Tecnomatix Plant Simulation 2201 Siemens Tecnomatix Plant Simulation 2302Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens Tecnomatix...
