US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
NAME__________Tenda AC10 denial of servicePlatforms Affected:Tenda M3 1.0.0.12(4856) Tenda AC10 AC1200 15.03.06.23_ENRisk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Tenda AC10 is...
NAME__________Chamilo LMS security bypassPlatforms Affected:Chamilo Chamilo LMS 1.11.18Risk Level:5.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Chamilo LMS could allow a remote attacker to bypass security...
NAME__________/tg/station tgstation-server information disclosurePlatforms Affected:/tg/station tgstation-server 4.0.0 /tg/station tgstation-server 5.12.4Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________/tg/station tgstation-server could allow a remote attacker to...
NAME__________Slideshow, Image Slider by 2J plugin for WordPress security bypassPlatforms Affected:2J Slideshow Team Slideshow Image Slider by 2J plugin for...
NAME__________Tenda AC10 denial of servicePlatforms Affected:Tenda M3 1.0.0.12(4856) Tenda AC10 AC1200 15.03.06.23_ENRisk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Tenda AC10 is...
NAME__________Chamilo LMS cross-site scriptingPlatforms Affected:Chamilo Chamilo LMS 1.11.18Risk Level:6.1Exploitability:HighConsequences:Gain Access DESCRIPTION__________Chamilo LMS is vulnerable to cross-site scripting, caused by improper...
NAME__________Login/Signup Popup plugin for WordPress cross-site request forgeryPlatforms Affected:XootiX Login/Signup Popup plugin for WordPress 1.4Risk Level:7.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Login/Signup Popup plugin...
NAME__________Tenda AC10 denial of servicePlatforms Affected:Tenda M3 1.0.0.12(4856) Tenda AC10 AC1200 15.03.06.23_ENRisk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Tenda AC10 is...
NAME__________Fortinet FortiOS and FortiProxy code executionPlatforms Affected:Fortinet FortiOS 6.0.0 Fortinet FortiOS 6.2.0 Fortinet FortiOS 6.4.0 Fortinet FortiProxy 2.0.0 Fortinet FortiProxy...
NAME__________Chamilo LMS server-side request forgeryPlatforms Affected:Chamilo Chamilo LMS 1.11.18Risk Level:4.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Chamilo LMS is vulnerable to server-side request forgery, caused...
NAME__________Tenda AC10 denial of servicePlatforms Affected:Tenda M3 1.0.0.12(4856) Tenda AC10 AC1200 15.03.06.23_ENRisk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Tenda AC10 is...
NAME__________Sales Tracker Management System page cross-site scriptingPlatforms Affected:Risk Level:2.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Sales Tracker Management System is vulnerable to cross-site scripting, caused...
NAME__________HashiCorp Vault and Vault Enterprise cross-site scriptingPlatforms Affected:HashiCorp Vault 1.11.10 HashiCorp Vault 1.12.6 HashiCorp Vault 1.13.2 HashiCorp Vault Enterprise 1.11.10...
NAME__________Chamilo LMS security bypassPlatforms Affected:Chamilo Chamilo LMS 1.11.18Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Chamilo LMS could allow a remote attacker to bypass security...
NAME__________Performance Indicator System cross-site scriptingPlatforms Affected:Sourcecodester Performance Indicator System 1.0Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Performance Indicator System is vulnerable to cross-site scripting,...
NAME__________Tenda AC10 denial of servicePlatforms Affected:Tenda M3 1.0.0.12(4856) Tenda AC10 AC1200 15.03.06.23_ENRisk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Tenda AC10 is...
NAME__________Western Digital MyCloud PR4100 server-side request forgeryPlatforms Affected:Western Digital MyCloud PR4100 5.26Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Western Digital MyCloud PR4100 is vulnerable...
NAME__________Progress MOVEit Transfer SQL injectionPlatforms Affected:Progress MOVEit Transfer 13.0.6 Progress MOVEit Transfer 13.1.4 Progress MOVEit Transfer 14.0.4 Progress MOVEit Transfer...
NAME__________Fortinet FortiNAC denial of servicePlatforms Affected:Fortinet FortiNAC 8.7.0 Fortinet FortiNAC 8.8.0 Fortinet FortiNAC 9.1.0 Fortinet FortiNAC 9.2.0 Fortinet FortiNAC 9.4.0...
NAME__________Fortinet FortiOS and FortiProxy information disclosurePlatforms Affected:Fortinet FortiOS 7.0.0 Fortinet FortiProxy 7.0.0 Fortinet FortiOS 7.2.0 Fortinet FortiProxy 7.2.0 Fortinet FortiProxy...
NAME__________Umbraco UmbracoIdentityExtensions information disclosurePlatforms Affected:Umbraco UmbracoIdentityExtensions 1.0.1Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Umbraco UmbracoIdentityExtensions could allow a remote attacker to obtain sensitive information,...
NAME__________Contiki-NG information disclosurePlatforms Affected:Contiki-NG Contiki-NG 4.8Risk Level:7.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Contiki-NG could allow a remote attacker to obtain sensitive information, caused by...
NAME__________Fortinet FortiClientWindows and FortiConverter code executionPlatforms Affected:Fortinet FortiClientWindows 7.0.0 Fortinet FortiClientWindows 6.4.0 Fortinet FortiClientWindows 6.4.8 Fortinet FortiClientWindows 7.0.6 Fortinet FortiConverter...