Oracle Java SE, Oracle GraalVM Enterprise Edition unspecified | CVE-2023-21967
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle Java SE 8u361 Oracle Java SE 8u361-perf Oracle Java SE 11.0.18...
Vulnerabilities
Cisco BroadWorks Network Server denial of service | CVE-2023-20125
NAME__________Cisco BroadWorks Network Server denial of servicePlatforms Affected:Cisco BroadWorks Network ServerRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Cisco BroadWorks Network Server is vulnerable...
Drupal core security bypass |
NAME__________Drupal core security bypassPlatforms Affected:Drupal Drupal 10.0.7 Drupal Drupal 9.4.13 Drupal Drupal 7.95 Drupal Drupal 9.5.7Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Drupal core...
OpenSSL denial of service | CVE-2023-1255
NAME__________OpenSSL denial of servicePlatforms Affected:OpenSSL OpenSSL 3.0.0 OpenSSL OpenSSL 3.1.0 OpenSSL OpenSSL 3.0.8Risk Level:3.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenSSL is vulnerable to...
Snyk Advisor website cross-site scripting | CVE-2023-1767
NAME__________Snyk Advisor website cross-site scriptingPlatforms Affected:Snyk Advisor websiteRisk Level:4.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Snyk Advisor website is vulnerable to cross-site scripting, caused by...
Perl HTTP::Tiny module man-in-the-middle |
NAME__________Perl HTTP::Tiny module man-in-the-middlePlatforms Affected:Perl HTTP::Tiny 2.34Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Perl HTTP::Tiny module is vulnerable to a man-in-the-middle attack, caused by...
NEXT ENGINE Integration Plugin plugin for EC-CUBE 2.0 series security bypass | CVE-2023-27919
NAME__________NEXT ENGINE Integration Plugin plugin for EC-CUBE 2.0 series security bypassPlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________NEXT ENGINE Integration Plugin plugin for...
Eclipse Jetty information disclosure | CVE-2023-26049
NAME__________Eclipse Jetty information disclosurePlatforms Affected:Eclipse Jetty 9.4.50 Eclipse Jetty 10.013 Eclipse Jetty 11.0.13Risk Level:4.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Eclipse Jetty could allow a...
Apache StreamPark security bypass | CVE-2023-46365
NAME__________Apache StreamPark security bypassPlatforms Affected:Apache StreamPark 1.0.0Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apache StreamPark could allow a remote authenticated attacker to bypass security...
Eclipse Jetty denial of service | CVE-2023-26048
NAME__________Eclipse Jetty denial of servicePlatforms Affected:Eclipse Jetty 9.4.50 Eclipse Jetty 10.013 Eclipse Jetty 11.0.13Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Eclipse Jetty is...
Apache DolphinScheduler security bypass | CVE-2023-25601
NAME__________Apache DolphinScheduler security bypassPlatforms Affected:Apache DolphinScheduler 3.0.0 Apache DolphinScheduler 3.1.1Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apache DolphinScheduler could allow a remote attacker to...
LIQUID SPEECH BALLOON plugin for WordPress cross-site request forgery | CVE-2023-27889
NAME__________LIQUID SPEECH BALLOON plugin for WordPress cross-site request forgeryPlatforms Affected:Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________LIQUID SPEECH BALLOON plugin for WordPress is vulnerable...
VMware Aria Operations for Logs command execution | CVE-2023-20865
NAME__________VMware Aria Operations for Logs command executionPlatforms Affected:VMware Aria Operations for Logs 8.12 VMware Aria Operations for Logs 8.10.2 VMware...
Daily Vulnerability Trends: Fri Apr 21 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-2033Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a...
TransbankDevelopers Transbank Webpay REST Plugin for WordPress SQL injection | CVE-2023-27610
NAME__________TransbankDevelopers Transbank Webpay REST Plugin for WordPress SQL injectionPlatforms Affected:WordPress Transbank Webpay REST Plugin for WordPress 1.6.6Risk Level:5.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________TransbankDevelopers...
Control iD RHiD SQL injecition | CVE-2023-2043
NAME__________Control iD RHiD SQL injecitionPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Control iD RHiD is vulnerable to SQL injection. A remote attacker could...
Nextcloud Talk information disclosure | CVE-2023-30540
NAME__________Nextcloud Talk information disclosurePlatforms Affected:Nextcloud Talk 15.0.0 Nextcloud Talk 15.0.4Risk Level:3.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Nextcloud Talk could allow a remote authenticated attacker...
Ultimate Noindex Nofollow Tool II Plugin for WordPress cross-site request forgery | CVE-2023-30474
NAME__________Ultimate Noindex Nofollow Tool II Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Ultimate Noindex Nofollow Tool Plugin for WordPress 1.3Risk...
Slim PSR-7 security bypass | CVE-2023-30536
NAME__________Slim PSR-7 security bypassPlatforms Affected:Slim PSR-7 1.6.0Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Slim PSR-7 could allow a remote attacker to bypass security restrictions,...
Nextcloud Server security bypass | CVE-2023-30539
NAME__________Nextcloud Server security bypassPlatforms Affected:Nextcloud Nextcloud Server 25.0.0 Nextcloud Nextcloud Server 24.0.0 Nextcloud Nextcloud Enterprise Server 23.0.0 Nextcloud Nextcloud Enterprise...
Uniswap Labs web3-react security bypass | CVE-2023-30543
NAME__________Uniswap Labs web3-react security bypassPlatforms Affected:Uniswap Labs web3-reactRisk Level:5.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Uniswap Labs web3-react could allow a remote authenticated attacker to...
MP4v2 denial of service | CVE-2023-29584
NAME__________MP4v2 denial of servicePlatforms Affected:Risk Level:5.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________MP4v2 is vulnerable to a denial of service, caused by...
Archery SQL injection | CVE-2023-30552
NAME__________Archery SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Archery is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL...
Mattermost information disclosure | CVE-2023-1831
NAME__________Mattermost information disclosurePlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Mattermost could allow a remote authenticated attacker to obtain sensitive information, caused by the...
