Zyxel ATP and USG FLEX series devices cross-site scripting | CVE-2023-35139
NAME__________Zyxel ATP and USG FLEX series devices cross-site scriptingPlatforms Affected:Zyxel ATP series 5.10 Zyxel ATP series 5.37 Zyxel USG FLEX...
Apache Cocoon SQL injection | CVE-2022-45135
NAME__________Apache Cocoon SQL injectionPlatforms Affected:Apache Cocoon 2.2Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________is vulnerable to SQL injection. A remote attacker could send specially-crafted...
Xsendfile module for Drupal security bypass |
NAME__________Xsendfile module for Drupal security bypassPlatforms Affected:Drupal Xsendfile module for Drupal 8.x-1.1Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Xsendfile module for Drupal could allow...
Apache Cocoon information disclosure | CVE-2023-49733
NAME__________Apache Cocoon information disclosurePlatforms Affected:Apache Cocoon 2.2Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Cocoon could allow a remote attacker to obtain sensitive information,...
GitLab Community and Enterprise Edition security bypass | CVE-2023-3443
NAME__________GitLab Community and Enterprise Edition security bypassPlatforms Affected:GitLab Enterprise Edition 16.4.0 GitLab Enterprise Edition 16.5.0 GitLab Community Edition 16.5.0 GitLab...
Zyxel ATP and USG FLEX series devices information disclosure | CVE-2023-37925
NAME__________Zyxel ATP and USG FLEX series devices information disclosurePlatforms Affected:Zyxel ATP series 5.10 Zyxel ATP series 5.37 Zyxel USG FLEX...
Apache Tiles directory traversal | CVE-2023-49735
NAME__________Apache Tiles directory traversalPlatforms Affected:Apache Tiles 2.0.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Tiles could allow a remote attacker to traverse directories on...
Bluetooth Core Specification machine-in-the-middle | CVE-2023-24023
NAME__________Bluetooth Core Specification machine-in-the-middlePlatforms Affected:Bluetooth SIG Inc. Bluetooth Core Specification 4.2 Bluetooth SIG Inc. Bluetooth Core Specification 5.4Risk Level:5.4Exploitability:UnprovenConsequences:Denial of...
GitLab Community and Enterprise Edition denial of service | CVE-2023-4912
NAME__________GitLab Community and Enterprise Edition denial of servicePlatforms Affected:GitLab Enterprise Edition 16.4.0 GitLab Enterprise Edition 16.5.0 GitLab Community Edition 16.5.0...
GitLab Community and Enterprise Edition security bypass | CVE-2023-5995
NAME__________GitLab Community and Enterprise Edition security bypassPlatforms Affected:GitLab Enterprise Edition 16.4.0 GitLab Enterprise Edition 16.5.0 GitLab Community Edition 16.5.0 GitLab...
Apache DolphinScheduler security bypass | CVE-2023-49620
NAME__________Apache DolphinScheduler security bypassPlatforms Affected:Apache DolphinScheduler 3.0.0 Apache DolphinScheduler 2.0.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apache DolphinScheduler could allow a remote authenticated attacker...
GitLab Community and Enterprise Edition security bypass | CVE-2023-4317
NAME__________GitLab Community and Enterprise Edition security bypassPlatforms Affected:GitLab Enterprise Edition 16.4.0 GitLab Enterprise Edition 16.5.0 GitLab Community Edition 16.5.0 GitLab...
Apple Safari, macOS Sonoma, iOS and iPadOS information disclosure | CVE-2023-42916
NAME__________Apple Safari, macOS Sonoma, iOS and iPadOS information disclosurePlatforms Affected:Apple Safari 17.1.1 Apple iOS 17.1.1 Apple iPadOS 17.1.1 Apple macOS...
Zyxel NAS326 and NAS542 devices information disclosure |
NAME__________Zyxel NAS326 and NAS542 devices information disclosurePlatforms Affected:Zyxel NAS326 5.21(AAZF.14)C0 Zyxel NAS542 5.21(ABAG.11)C0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Zyxel NAS326 and NAS542 devices...
GitLab Community and Enterprise Edition information disclosure | CVE-2023-3949
NAME__________GitLab Community and Enterprise Edition information disclosurePlatforms Affected:GitLab Enterprise Edition 16.4.0 GitLab Enterprise Edition 16.5.0 GitLab Community Edition 16.5.0 GitLab...
Delta Electronics DOPSoft buffer overflow | CVE-2023-5944
NAME__________Delta Electronics DOPSoft buffer overflowPlatforms Affected:Delta Electronics DOPSoftRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow,...
GitLab Community and Enterprise Edition security bypass | CVE-2023-5226
NAME__________GitLab Community and Enterprise Edition security bypassPlatforms Affected:GitLab Enterprise Edition 16.4.0 GitLab Enterprise Edition 16.5.0 GitLab Community Edition 16.5.0 GitLab...
Amazzing Filter Plugin for PrestaShop cross-site scripting | CVE-2023-48042
NAME__________Amazzing Filter Plugin for PrestaShop cross-site scriptingPlatforms Affected:PrestaShop Amazzing Filter Plugin for PrestaShopRisk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Amazzing Filter Plugin for PrestaShop...
Mitsubishi Electric FA Engineering Software Products code execution | CVE-2023-5247
NAME__________Mitsubishi Electric FA Engineering Software Products code executionPlatforms Affected:Mitsubishi Electric MELSOFT iQ AppPortal Mitsubishi Electric MELSOFT Navigator Mitsubishi Electric GX...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code...
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign-Based Agents
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective...
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it...
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it...
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign-Based Agents
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective...
