NAME__________Cockpit cross-site scriptingPlatforms Affected:Cockpit-HQ Cockpit 2.6.3Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Cockpit is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NAME__________IBM Robotic Process Automation privilege escalationPlatforms Affected:IBM Robotic Process Automation 21.0.0 IBM Robotic Process Automation 23.0.0 IBM Robotic Process Automation...
NAME__________3CX privilege escalationPlatforms Affected:3CX Phone Management System 18Risk Level:7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________3CX could allow a local authenticated attacker to gain elevated...
NAME__________Sourceforge DoorGets CMS information disclosurePlatforms Affected:Sourceforge DoorGets CMS 7.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sourceforge DoorGets CMS could allow a remote attacker to...
NAME__________EnterpriseDB Postgres Advanced Server UTL_FILE security bypassPlatforms Affected:EnterpriseDB Postgres Advanced Server 11.21 EnterpriseDB Postgres Advanced Server 12.16 EnterpriseDB Postgres Advanced...
NAME__________IBM Robotic Process Automation information disclosurePlatforms Affected:IBM Robotic Process Automation 21.0.0 IBM Robotic Process Automation 21.0.7Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Robotic...
NAME__________EnterpriseDB Postgres Advanced Server DBMS_PROFILER security bypassPlatforms Affected:EnterpriseDB Postgres Advanced Server 11.21 EnterpriseDB Postgres Advanced Server 12.16 EnterpriseDB Postgres Advanced...
NAME__________EnterpriseDB Postgres Advanced Server DBMS_MVIEW security bypassPlatforms Affected:EnterpriseDB Postgres Advanced Server 11.21 EnterpriseDB Postgres Advanced Server 12.16 EnterpriseDB Postgres Advanced...
NAME__________20script Fara Melk Estate CMS information disclosurePlatforms Affected:20script Fara Melk Estate CMS 1.5.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________20script Fara Melk Estate CMS...
NAME__________Devolutions Remote Desktop Manager security bypassPlatforms Affected:Devolutions Remote Desktop Manager 2023.2.19Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Devolutions Remote Desktop Manager could allow a...
NAME__________EnterpriseDB Postgres Advanced Server get_url_as_text and get_url_as_bytea information disclosurePlatforms Affected:EnterpriseDB Postgres Advanced Server 11.21 EnterpriseDB Postgres Advanced Server 12.16 EnterpriseDB...
NAME__________IBM Robotic Process Automation information disclosurePlatforms Affected:IBM Robotic Process Automation 21.0.0 IBM Robotic Process Automation 23.0.0 IBM Robotic Process Automation...
NAME__________ASUSTOR Data Master security bypassPlatforms Affected:ASUSTOR Data Master 4.0 ASUSTOR Data Master 4.1 ASUSTOR Data Master 4.2Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________ASUSTOR...
NAME__________Trane Thermostats command executionPlatforms Affected:Trane Technologies XL824 Thermostat Firmware 5.9.8 Trane Technologies XL850 Thermostat Firmware 5.9.8 Trane Technologies XL1050 Thermostat...
NAME__________EnterpriseDB Postgres Advanced Server accesshistory() information disclosurePlatforms Affected:EnterpriseDB Postgres Advanced Server 11.21 EnterpriseDB Postgres Advanced Server 12.16 EnterpriseDB Postgres Advanced...
NAME__________Devolutions Remote Desktop Manager security bypassPlatforms Affected:Devolutions Remote Desktop Manager 2023.2.19Risk Level:5.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Devolutions Remote Desktop Manager could allow a...
NAME__________Danfoss AK-SM800A information disclosurePlatforms Affected:Danfoss AK-SM800A 3.3Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Danfoss AK-SM800A could allow a remote authetnicated attacker to obtain sensitive...
NAME__________Red Hat Openshift Logging security bypassPlatforms Affected:Red Hat OpenShift LoggingRisk Level:7.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Red Hat Openshift Logging could allow a remote...
NAME__________Apache Batik server-side request forgeryPlatforms Affected:Apache Batik 1.0 Apache Batik 1.16Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Batik is vulnerable to server-side request...
NAME__________Apache Batik server-side request forgeryPlatforms Affected:Apache Batik 1.0 Apache Batik 1.16Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Batik is vulnerable to server-side request...
NAME__________openSUSE Welcome privilege escalationPlatforms Affected:openSUSE WelcomeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________openSUSE Welcome could allow a local authenticated attacker to gain elevated privileges...
More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023...
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on August 17, 2023. These...
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber...
