QNAP QTS, QuTS hero, and QuTScloud server-side request forgery | CVE-2023-39301
NAME__________QNAP QTS, QuTS hero, and QuTScloud server-side request forgeryPlatforms Affected:QNAP QTS 5.0.0 QNAP QuTS Hero h5.0.0 QNAP QuTS hero h5.1.0...
Vulnerabilities
Redmine cross-site scripting | CVE-2023-47258
NAME__________Redmine cross-site scriptingPlatforms Affected:Redmine Redmine 5.0.6Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Redmine is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
MediaTek Chipsets privilege escalation | CVE-2023-32840
NAME__________MediaTek Chipsets privilege escalationPlatforms Affected:MediaTek Android MediaTek ChipsetsRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________MediaTek Chipsets could allow a local authenticated attacker to gain...
Redmine cross-site scripting | CVE-2023-47260
NAME__________Redmine cross-site scriptingPlatforms Affected:Redmine Redmine 5.0.6Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Redmine is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Ivanti Avalanche privilege escalation | CVE-2023-41725
NAME__________Ivanti Avalanche privilege escalationPlatforms Affected:Ivanti Avalanche 6.4.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Ivanti Ivanti Avalanche could allow a local authenticated attacker to gain...
MediaTek Chipsets privilege escalation | CVE-2023-32838
NAME__________MediaTek Chipsets privilege escalationPlatforms Affected:MediaTek Android MediaTek ChipsetsRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________MediaTek Chipsets could allow a local authenticated attacker to gain...
Ivanti Avalanche privilege escalation | CVE-2023-41726
NAME__________Ivanti Avalanche privilege escalationPlatforms Affected:Ivanti Avalanche 6.4.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Ivanti Ivanti Avalanche could allow a local authenticated attacker to gain...
QNAP Music Station directory traversal | CVE-2023-39299
NAME__________QNAP Music Station directory traversalPlatforms Affected:QNAP Music Station 5.3 QNAP Music Station 4.8 QNAP Music Station 5.1Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________QNAP...
MediaTek Chipsets privilege escalation | CVE-2023-32835
NAME__________MediaTek Chipsets privilege escalationPlatforms Affected:MediaTek Android MediaTek ChipsetsRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________MediaTek Chipsets could allow a local authenticated attacker to gain...
Login Screen Manager Plugin for WordPress cross-site request forgery | CVE-2023-47182
NAME__________Login Screen Manager Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Login Screen Manager Plugin for WordPress 3.5.2Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Login...
Redmine cross-site scripting | CVE-2023-47259
NAME__________Redmine cross-site scriptingPlatforms Affected:Redmine Redmine 5.0.6Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Redmine is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
MediaTek Chipsets privilege escalation | CVE-2023-32839
NAME__________MediaTek Chipsets privilege escalationPlatforms Affected:MediaTek Android MediaTek ChipsetsRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________MediaTek Chipsets could allow a local authenticated attacker to gain...
ImageLinks Interactive Image Builder Plugin for WordPress cross-site request forgery | CVE-2023-46823
NAME__________ImageLinks Interactive Image Builder Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress ImageLinks Interactive Image Builder plugin for WordPress 1.5.4Risk Level:6.5Exploitability:HighConsequences:File...
Linker Plugin for WordPress cross-site scripting | CVE-2023-47177
NAME__________Linker Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Linker Plugin for WordPress 1.2.1Risk Level:4.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Linker Plugin for WordPress is vulnerable...
MediaTek Chipsets privilege escalation | CVE-2023-32834
NAME__________MediaTek Chipsets privilege escalationPlatforms Affected:MediaTek Android MediaTek ChipsetsRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________MediaTek Chipsets could allow a local authenticated attacker to gain...
MediaTek Chipsets information disclosure | CVE-2023-32825
NAME__________MediaTek Chipsets information disclosurePlatforms Affected:MediaTek Android MediaTek ChipsetsRisk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________MediaTek Chipsets could allow a local attacker to obtain sensitive...
Admin Bar & Dashboard Access Control Plugin for WordPress cross-site scripting | CVE-2023-47184
NAME__________Admin Bar & Dashboard Access Control Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Admin Bar & Dashboard Access Control Plugin for...
MediaTek Chipsets privilege escalation | CVE-2023-32836
NAME__________MediaTek Chipsets privilege escalationPlatforms Affected:MediaTek Android MediaTek ChipsetsRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________MediaTek Chipsets could allow a local authenticated attacker to gain...
Slick Popup Plugin for WordPress cross-site scripting | CVE-2023-46824
NAME__________Slick Popup Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Slick Popup Plugin for WordPress 1.7.14Risk Level:4.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Slick Popup Plugin for...
Zotpress plugin for WordPress cross-site scripting | CVE-2023-46313
NAME__________Zotpress plugin for WordPress cross-site scriptingPlatforms Affected:WordPress User Feedback Plugin for WordPress 1.0.9Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Zotpress plugin for WordPress is...
Moxa PT-G503 Series information disclosure |
NAME__________Moxa PT-G503 Series information disclosurePlatforms Affected:Moxa MXview Network Management Software 3.2.2Risk Level:3.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Moxa PT-G503 Series could allow a remote...
pkp/pkp-lib cross-site scripting | CVE-2023-5890
NAME__________pkp/pkp-lib cross-site scriptingPlatforms Affected:pkp pkp-lib 3.4.0-3Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________pkp/pkp-lib is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
ZenTaoPMS cross-site scripting | CVE-2023-46475
NAME__________ZenTaoPMS cross-site scriptingPlatforms Affected:ZentaoPMS ZentaoPMS 18.3Risk Level:6.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ZenTaoPMS is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
MiniCMS cross-site scripting | CVE-2023-46378
NAME__________MiniCMS cross-site scriptingPlatforms Affected:MiniCMS MiniCMS 1.1.1Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________MiniCMS is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
