CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2023-26260 OXID eShop 6.2.x before 6.4.4 and 6.5.x before 6.5.2 allows session hijacking, leading to partial access of a customer's account by an attacker, due to an improper check of the user agent. | 5.4 | MEDIUM | β | 0 |
| CVE-2023-26551 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | 5.6 | MEDIUM | β | 0 |
| CVE-2023-26552 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | 5.6 | MEDIUM | β | 0 |
| CVE-2023-26553 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | 5.6 | MEDIUM | β | 0 |
| CVE-2023-26554 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | 5.6 | MEDIUM | β | 0 |
| CVE-2023-30514 Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 | HIGH | β | 0 |
| CVE-2023-26555 praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver. | 6.4 | MEDIUM | β | 0 |
| CVE-2023-29576 Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h. | 5.5 | MEDIUM | β | 0 |
| CVE-2023-22613 An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed... | 8.8 | HIGH | β | 0 |
| CVE-2022-48437 An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verific... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-30512 CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret. | 6.5 | MEDIUM | β | 0 |
| CVE-2023-1829 A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation.Β The tcindex_delete function which does not properly de... | 7.8 | HIGH | β | 0 |
| CVE-2022-47053 An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file. | 5.4 | MEDIUM | β | 0 |
| CVE-2023-22616 An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before... | 7.8 | HIGH | β | 0 |
| CVE-2023-27826 SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by ab... | 8.8 | HIGH | β | 0 |
| CVE-2023-29574 Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component. | 5.5 | MEDIUM | β | 0 |
| CVE-2023-29580 yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c. | 5.5 | MEDIUM | β | 0 |
| CVE-2023-23591 The Logback component in Terminalfour before 8.3.14.1 allows OS administrators to obtain sensitive information from application server logs when debug logging is enabled. The fixed versions are 8.2.18... | 4.9 | MEDIUM | β | 0 |
| CVE-2023-27032 Prestashop advancedpopupcreator v1.1.21 to v1.1.24 was discovered to contain a SQL injection vulnerability via the component AdvancedPopup::getPopups(). | 9.8 | CRITICAL | β | 0 |
| CVE-2023-27704 Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service (ReDoS). | 5.5 | MEDIUM | β | 0 |
| CVE-2023-27775 A stored HTML injection vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary code via a crafted payload. | 5.4 | MEDIUM | β | 0 |
| CVE-2023-27830 TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact t... | 9.0 | CRITICAL | β | 0 |
| CVE-2023-29571 Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS). | 5.5 | MEDIUM | β | 0 |
| CVE-2023-1872 A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which c... | 7.8 | HIGH | β | 0 |
| CVE-2023-27703 The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug interface. | 3.3 | LOW | β | 0 |
| CVE-2023-28488 client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the co... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-26852 An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file. | 7.2 | HIGH | β | 0 |
| CVE-2023-27216 An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page. | 8.8 | HIGH | β | 0 |
| CVE-2023-30513 Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 | HIGH | β | 0 |
| CVE-2023-30515 Jenkins Thycotic DevOps Secrets Vault Plugin 1.0.0 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 | HIGH | β | 0 |
| CVE-2023-30516 Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image Ta... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-30517 Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner ser... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-30518 A missing permission check in Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-30519 A missing permission check in Jenkins Quay.io trigger Plugin 0.1 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository. | 5.3 | MEDIUM | β | 0 |
| CVE-2023-30520 Jenkins Quay.io trigger Plugin 0.1 and earlier does not limit URL schemes for repository homepage URLs submitted via Quay.io trigger webhooks, resulting in a stored cross-site scripting (XSS) vulnerab... | 5.4 | MEDIUM | β | 0 |
| CVE-2023-30637 Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. NOTE: installations with brpc-0.14.0 and later are unaffected. | 7.5 | HIGH | β | 0 |
| CVE-2023-30521 A missing permission check in Jenkins Assembla merge request builder Plugin 1.1.13 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified reposi... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-30522 A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-30523 Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration where they can be viewed by us... | 4.3 | MEDIUM | β | 0 |
| CVE-2023-30524 Jenkins Report Portal Plugin 0.5 and earlier does not mask ReportPortal access tokens displayed on the configuration form, increasing the potential for attackers to observe and capture them. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-30525 A cross-site request forgery (CSRF) vulnerability in Jenkins Report Portal Plugin 0.5 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified bearer token authent... | 8.8 | HIGH | β | 0 |
| CVE-2023-30526 A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token a... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-29569 Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS). | 5.5 | MEDIUM | β | 0 |
| CVE-2023-30527 Jenkins WSO2 Oauth Plugin 1.0 and earlier stores the WSO2 Oauth client secret unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jen... | 4.3 | MEDIUM | β | 0 |
| CVE-2023-30528 Jenkins WSO2 Oauth Plugin 1.0 and earlier does not mask the WSO2 Oauth client secret on the global configuration form, increasing the potential for attackers to observe and capture it. | 6.5 | MEDIUM | β | 0 |
| CVE-2023-30529 Jenkins Lucene-Search Plugin 387.v938a_ecb_f7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-30530 Jenkins Consul KV Builder Plugin 2.0.13 and earlier stores the HashiCorp Consul ACL Token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with ac... | 4.3 | MEDIUM | β | 0 |
| CVE-2023-30531 Jenkins Consul KV Builder Plugin 2.0.13 and earlier does not mask the HashiCorp Consul ACL Token on the global configuration form, increasing the potential for attackers to observe and capture it. | 6.5 | MEDIUM | β | 0 |
| CVE-2023-30532 A missing permission check in Jenkins TurboScript Plugin 1.3 and earlier allows attackers with Item/Read permission to trigger builds of jobs corresponding to the attacker-specified repository. | 6.5 | MEDIUM | β | 0 |
| CVE-2023-29584 mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp. | 8.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.