Daily Vulnerability Trends: Sat Apr 15 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-28879In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to...
Vulnerabilities
Siemens SIPROTEC 5 devices denial of service | CVE-2023-28766
NAME__________Siemens SIPROTEC 5 devices denial of servicePlatforms Affected:Siemens SIPROTEC 5 6MD89 (CP300) Siemens SIPROTEC 5 7KE85 (CP200) Siemens SIPROTEC 5...
Siemens SCALANCE X-200IRT man-in-the-middle | CVE-2023-2905
NAME__________Siemens SCALANCE X-200IRT man-in-the-middlePlatforms Affected:Siemens SCALANCE X200-4P IRT Siemens SCALANCE X201-3P IRT Siemens SCALANCE X201-3P IRT PRO Siemens SCALANCE X202-2IRT...
Siemens Teamcenter Visualization and JT2Go buffer overflow | CVE-2023-1709
NAME__________Siemens Teamcenter Visualization and JT2Go buffer overflowPlatforms Affected:Siemens Teamcenter Visualization 14.0 Siemens Teamcenter Visualization 13.2 Siemens Teamcenter Visualization 13.3 Siemens...
LiveAction LiveSP cross-site scripting | CVE-2023-27775
NAME__________LiveAction LiveSP cross-site scriptingPlatforms Affected:Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________LiveAction LiveSPis vulnerable to cross-site scripting, caused by improper validation of user-supplied input...
ManageEngine ADManager Plus command execution | CVE-2023-29084
NAME__________ManageEngine ADManager Plus command executionPlatforms Affected:Zoho ManageEngine ADManager PlusRisk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ManageEngine ADManager Plus could allow a remote authenticated attacker...
D-Link DSL-3782 code execution | CVE-2023-27216
NAME__________D-Link DSL-3782 code executionPlatforms Affected:Risk Level:6.8Exploitability:UnprovenConsequences: DESCRIPTION__________D-Link DSL-3782 could allow a remote authenticated attacker to execute arbitrary code on the...
Void Tools Everything denial of service | CVE-2023-27704
NAME__________Void Tools Everything denial of servicePlatforms Affected:Risk Level:4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Void Tools Everything is vulnerable to a denial of service,...
Fortinet FortiADC, Fortinet FortiDDoS, and Fortinet FortiDDoS-F command execution | CVE-2022-40679
NAME__________Fortinet FortiADC, Fortinet FortiDDoS, and Fortinet FortiDDoS-F command executionPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fortinet FortiADC, Fortinet FortiDDoS, and Fortinet FortiDDoS-F could...
Siemens Mendix Forgot Password information disclosure | CVE-2023-27464
NAME__________Siemens Mendix Forgot Password information disclosurePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Siemens Mendix Forgot Password could allow a remote attacker to obtain...
Autodesk Maya code execution | CVE-2023-27907
NAME__________Autodesk Maya code executionPlatforms Affected:Autodesk Maya USD Plugin 0.22.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Autodesk Maya could allow a remote attacker to execute...
PikPak information disclosure | CVE-2023-27703
NAME__________PikPak information disclosurePlatforms Affected:Risk Level:4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________PikPak could allow a local attacker to obtain sensitive information, caused by a flaw...
Textpattern CMS file upload | CVE-2023-26852
NAME__________Textpattern CMS file uploadPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Textpattern CMS could allow a remote authenticated attacker to upload arbitrary files, caused...
BlueZ code execution | CVE-2023-27349
NAME__________BlueZ code executionPlatforms Affected:BlueZ BlueZRisk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________BlueZ could allow a remote attacker to execute arbitrary code on the system,...
ServiceNow cross-site scripting | CVE-2022-39048
NAME__________ServiceNow cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ServiceNow is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
ConnMan denial of service | CVE-2023-28488
NAME__________ConnMan denial of servicePlatforms Affected:ConnMan ConnMan 1.41Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________ConnMan is vulnerable to a denial of service, caused by...
Autodesk Maya information disclosure | CVE-2023-25010
NAME__________Autodesk Maya information disclosurePlatforms Affected:Autodesk Maya USD Plugin 0.22.0Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Autodesk Maya could allow a remote attacker to obtain...
Palo Alto Networks GlobalProtect app for Windows security bypass | CVE-2023-0006
NAME__________Palo Alto Networks GlobalProtect app for Windows security bypassPlatforms Affected:Palo Alto Networks GlobalProtect app for Windows 5.2 Palo Alto Networks...
Linux Kernel information disclosure | CVE-2023-2007
NAME__________Linux Kernel information disclosurePlatforms Affected:Linux KernelRisk Level:6.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Linux Kernel could allow a local authenticated attacker to obtain sensitive information,...
Linux Kernel denial of service | CVE-2023-2019
NAME__________Linux Kernel denial of servicePlatforms Affected:Linux KernelRisk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Linux Kernel is vulnerable to a denial of service, caused...
Autodesk Maya code execution | CVE-2023-27906
NAME__________Autodesk Maya code executionPlatforms Affected:Autodesk Maya USD Plugin 0.22.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Autodesk Maya could allow a remote attacker to execute...
shadow-maint shadow-utils security bypass |
NAME__________shadow-maint shadow-utils security bypassPlatforms Affected:shadow-maint shadow-utils 4.13Risk Level:3.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________shadow-maint shadow-utils could allow a local authenticated attacker to bypass security...
Palo Alto Networks PAN-OS security bypass | CVE-2023-0004
NAME__________Palo Alto Networks PAN-OS security bypassPlatforms Affected:Palo Alto Networks PAN-OS 9.0.0 Palo Alto Networks PAN-OS 8.1 Palo Alto Networks PAN-OS...
Mitsubishi Electric GC-ENET-COM denial of service | CVE-2023-1285
NAME__________Mitsubishi Electric GC-ENET-COM denial of servicePlatforms Affected:Mitsubishi Electric GC-ENET-COMRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mitsubishi Electric GC-ENET-COM is vulnerable to a denial...
