CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2023-25507 NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, deni... | 7.2 | HIGH | — | 0 |
| CVE-2023-25508 NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which ... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-25509 NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges. | 6.0 | MEDIUM | — | 0 |
| CVE-2023-25510 NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump, where a local user running the tool against a malformed binary may cause a limited denial of service. | 3.3 | LOW | — | 0 |
| CVE-2023-25511 NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division-by-zero error may enable a user to cause a crash, which may lead to a limited denial of service. | 3.3 | LOW | — | 0 |
| CVE-2023-25512 NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump on a malformed input file. A successful e... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-25513 NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. ... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-2242 A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component GET Parame... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-2239 Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-2243 A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file users/registration.php of the c... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-2244 A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects an unknown part of the file /admin/orders/update_status.php of the component GET P... | 6.3 | MEDIUM | — | 0 |
| CVE-2022-45361 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Boris Kuzmanov 0mk Shortener plugin <= 0.2 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2022-4944 A vulnerability, which was classified as problematic, has been found in kalcaddle KodExplorer up to 4.49. Affected by this issue is some unknown functionality. The manipulation leads to cross-site req... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-1875 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | 5.4 | MEDIUM | — | 0 |
| CVE-2022-44582 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apptivo Apptivo Business Site CRM plugin <= 3.0.12 versions. | 4.8 | MEDIUM | — | 0 |
| CVE-2022-44631 Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in 1app Technologies, Inc 1app Business Forms plugin <= 1.0.0 versions. | 4.8 | MEDIUM | — | 0 |
| CVE-2022-44594 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Codebangers All in One Time Clock Lite plugin <= 1.3.320 versions. | 4.8 | MEDIUM | — | 0 |
| CVE-2022-44743 Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in BlueGlass Jobs for WordPress plugin <= 2.5.11.2 versions. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-30703 Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information. | 3.3 | LOW | — | 0 |
| CVE-2023-22698 Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Jason Bobich Theme Blvd Responsive Google Maps plugin <= 1.0.2 versions. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-22718 Reflected Cross-Site Scripting (XSS) vulnerability in Jason Lau User Meta Manager plugin <= 3.4.9 versions. | 7.1 | HIGH | — | 0 |
| CVE-2023-24386 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Karishma Arora AI Contact Us Form plugin <= 1.0 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-24404 Reflected Cross-Site Scripting (XSS) vulnerability in VryaSage Marketing Performance plugin <= 2.0.0 versions. | 7.1 | HIGH | — | 0 |
| CVE-2023-23717 Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in George Gecewicz Portfolio Slideshow plugin <= 1.13.0 versions. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-23806 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Davinder Singh Custom Settings plugin <= 1.0 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-23816 Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Twardes Sitemap Index plugin <= 1.2.3 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-23817 Auth. (contrinbutor+) Cross-Site Scripting (XSS) vulnerability in WebArea | Vera Nedvyzhenko Simple PDF Viewer plugin <= 1.9 versions. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-23827 Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Google Maps v3 Shortcode plugin <= 1.2.1 versions. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-23832 Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in TC Ultimate WP Query Search Filter plugin <= 1.0.10 versions. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-25451 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPChill CPO Content Types plugin <= 1.1.0 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-27425 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in James Irving-Swift Electric Studio Client Login plugin <= 0.8.1 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-27614 Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Ian Haycox Motor Racing League plugin <= 1.9.9 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2022-45074 Cross-Site Request Forgery (CSRF) vulnerability in Paramveer Singh for Arete IT Private Limited Activity Reactions For Buddypress plugin <= 1.0.22 versions. | 4.3 | MEDIUM | — | 0 |
| CVE-2022-45080 Cross-Site Request Forgery (CSRF) vulnerability in KrishaWeb Add Multiple Marker plugin <= 1.2 versions. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-22686 Cross-Site Request Forgery (CSRF) vulnerability in TriniTronic Nice PayPal Button Lite plugin <= 1.3.5 versions. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-23879 Cross-Site Request Forgery (CSRF) vulnerability in Nicolas Zeh PHP Execution plugin <= 1.0.0 versions. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-2246 A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=save_settings. T... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-31082 An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmld_write, which will block the kernel. Note: This has been dis... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-31085 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. | 5.5 | MEDIUM | — | 0 |
| CVE-2023-22577 Within White Rabbit Switch it's possible as an unauthenticated user to retrieve sensitive information such as password hashes and the SNMP community strings. | 9.8 | CRITICAL | — | 0 |
| CVE-2023-22581 White Rabbit Switch contains a vulnerability which makes it possible for an attacker to perform system commands under the context of the web application (the default installation makes the webserver r... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-25131 Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remot... | 9.4 | CRITICAL | — | 0 |
| CVE-2023-25132 Unrestricted upload of file with dangerous type vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 ... | 9.1 | CRITICAL | — | 0 |
| CVE-2023-25133 Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, Power... | 9.1 | CRITICAL | — | 0 |
| CVE-2022-48476 In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible | 7.5 | HIGH | — | 0 |
| CVE-2022-48477 In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing | 4.1 | MEDIUM | — | 0 |
| CVE-2023-29579 yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a securi... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-29582 yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a secu... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-29583 yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a secu... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-2260 Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. | 8.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.