Gain Access

Ashlar-Vellum Cobalt buffer overflow | CVE-2023-35709

June 17, 2023

NAME__________Ashlar-Vellum Cobalt buffer overflowPlatforms Affected:Ashlar-Vellum CobaltRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Ashlar-Vellum Cobalt is vulnerable to a heap-based buffer overflow, caused by improper...

MStore API plugin for WordPress cross-site request forgery | CVE-2023-3203

June 16, 2023

NAME__________MStore API plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress MStore API Plugin for WordPress 3.9.6Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________MStore API plugin...

MStore API plugin for WordPress cross-site request forgery | CVE-2023-3200

June 16, 2023

MStore API plugin for WordPress cross-site request forgery | CVE-2023-3198

June 16, 2023

MStore API plugin for WordPress cross-site request forgery | CVE-2023-3201

June 16, 2023

Grav code execution | CVE-2023-34448

June 16, 2023

NAME__________Grav code executionPlatforms Affected:Grav Grav 1.7.40Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Grav could allow a remote authenticated attacker to execute arbitrary code on...

Contiki-NG buffer overflow | CVE-2023-34101

June 16, 2023

NAME__________Contiki-NG buffer overflowPlatforms Affected:Contiki-NG Contiki-NG 4.8Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Contiki-NG is vulnerable to a stack-based buffer overflow, caused by improper bounds...

Jenkins Team Concert Plugin information disclosure |

June 16, 2023

NAME__________Jenkins Team Concert Plugin information disclosurePlatforms Affected:Jenkins Team Concert Plugin 2.4.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Team Concert could allow a remote...

Grav code execution | CVE-2023-34252

June 16, 2023

Grav code execution | CVE-2023-34253

June 16, 2023

Jenkins Digital.ai App Management Publisher Plugin cross-site request forgery | CVE-2023-35148

June 16, 2023

NAME__________Jenkins Digital.ai App Management Publisher Plugin cross-site request forgeryPlatforms Affected:Jenkins Digital.ai App Management Publisher Plugin 2.6Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Digital.ai...

Jenkins Checkmarx Plugin man-in-the-middle | CVE-2023-35142

June 16, 2023

NAME__________Jenkins Checkmarx Plugin man-in-the-middlePlatforms Affected:Jenkins Checkmarx Plugin 2022.4.3Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Checkmarx Plugin is vulnerable to a man-in-the-middle attack, caused...

Jenkins Dimensions Plugin information disclosure | CVE-2023-32261

June 16, 2023

NAME__________Jenkins Dimensions Plugin information disclosurePlatforms Affected:Jenkins Dimensions Plugin 0.9.3Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Dimensions Plugin could allow a remote authenticated attacker...

Fortinet FortiOS and FortiProxy code execution | CVE-2022-43953

June 15, 2023

NAME__________Fortinet FortiOS and FortiProxy code executionPlatforms Affected:Fortinet FortiOS 6.4.0 Fortinet FortiOS 7.0.0 Fortinet FortiProxy 7.0.0 Fortinet FortiOS 7.2.0 Fortinet FortiProxy...

Schneider Electric EcoStruxure Foxboro DCS Control Core Services execution | CVE-2023-2569

June 15, 2023

NAME__________Schneider Electric EcoStruxure Foxboro DCS Control Core Services executionPlatforms Affected:Schneider Electric EcoStruxure Foxboro DCS Control Core ServicesRisk Level:7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Schneider...

Contact Forms by Cimatti plugin for WordPress cross-site request forgery | CVE-2023-2563

June 15, 2023

NAME__________Contact Forms by Cimatti plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Contact Forms by Cimatti Plugin for WordPress 1.5.7Risk Level:4.3Exploitability:UnprovenConsequences:Gain...

Microsoft Windows Server iSCSI Target WMI Provider code execution | CVE-2023-29367

June 15, 2023

NAME__________Microsoft Windows Server iSCSI Target WMI Provider code executionPlatforms Affected:Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows...

Siemens POWER METER SICAM Q200 family cross-site request forgery | CVE-2023-30901

June 15, 2023

NAME__________Siemens POWER METER SICAM Q200 family cross-site request forgeryPlatforms Affected:Siemens POWER METER SICAM Q200 familyRisk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens POWER METER...

Schneider Electric IGSS Dashboard code execution | CVE-2023-3001

June 15, 2023

NAME__________Schneider Electric IGSS Dashboard code executionPlatforms Affected:Schneider Electric IGSS Dashboard 16.0.0.23130Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Schneider Electric IGSS Dashboard could allow a...

Siemens SIMATIC products and SINAUT Software weak security | CVE-2023-28829

June 15, 2023

NAME__________Siemens SIMATIC products and SINAUT Software weak securityPlatforms Affected:Siemens SIMATIC PCS 7 8.2 Siemens SIMATIC PCS 7 9.0 Siemens SIMATIC...

Siemens SIMATIC WinCC code execution | CVE-2023-30897

June 15, 2023

NAME__________Siemens SIMATIC WinCC code executionPlatforms Affected:Siemens SIMATIC WinCCRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens SIMATIC WinCC could allow a local authenticated attacker to...

Schneider Electric EcoStruxure Foxboro DCS Control Core Services execution | CVE-2023-2570

June 15, 2023

Chatwork Desktop Application code execution | CVE-2023-32546

June 15, 2023

NAME__________Chatwork Desktop Application code executionPlatforms Affected:Chatwork Chatwork Desktop Application 2.6.43Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Chatwork Desktop Application could allow a local authenticated...

Ricoh Printer Driver Packager NX code execution | CVE-2023-30759

June 15, 2023

NAME__________Ricoh Printer Driver Packager NX code executionPlatforms Affected:Ricoh Printer Driver Packager 1.0.02 Ricoh Printer Driver Packager 1.1.25Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Ricoh...

Gain Access

Ashlar-Vellum Cobalt buffer overflow | CVE-2023-35709

MStore API plugin for WordPress cross-site request forgery | CVE-2023-3203

MStore API plugin for WordPress cross-site request forgery | CVE-2023-3200

MStore API plugin for WordPress cross-site request forgery | CVE-2023-3198

MStore API plugin for WordPress cross-site request forgery | CVE-2023-3201

Grav code execution | CVE-2023-34448

Contiki-NG buffer overflow | CVE-2023-34101

Jenkins Team Concert Plugin information disclosure |

Grav code execution | CVE-2023-34252

Grav code execution | CVE-2023-34253

Jenkins Digital.ai App Management Publisher Plugin cross-site request forgery | CVE-2023-35148

Jenkins Checkmarx Plugin man-in-the-middle | CVE-2023-35142

Jenkins Dimensions Plugin information disclosure | CVE-2023-32261

Fortinet FortiOS and FortiProxy code execution | CVE-2022-43953

Schneider Electric EcoStruxure Foxboro DCS Control Core Services execution | CVE-2023-2569

Contact Forms by Cimatti plugin for WordPress cross-site request forgery | CVE-2023-2563

Microsoft Windows Server iSCSI Target WMI Provider code execution | CVE-2023-29367

Siemens POWER METER SICAM Q200 family cross-site request forgery | CVE-2023-30901

Schneider Electric IGSS Dashboard code execution | CVE-2023-3001

Siemens SIMATIC products and SINAUT Software weak security | CVE-2023-28829

Siemens SIMATIC WinCC code execution | CVE-2023-30897

Schneider Electric EcoStruxure Foxboro DCS Control Core Services execution | CVE-2023-2570

Chatwork Desktop Application code execution | CVE-2023-32546

Ricoh Printer Driver Packager NX code execution | CVE-2023-30759

CVE Alert: CVE-2025-3746

CVE Alert: CVE-2025-4177

CVE Alert: CVE-2025-3670

CVE Alert: CVE-2025-2880

CVE Alert: CVE-2025-4179

You may have missed