Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2023-31149 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute... | 9.1 | CRITICAL | — | 0 |
| CVE-2025-48314 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in salubrio Add Code To Head add-code-to-head allows Stored XSS.This issue affects Add Code To Head: ... | N/A | NONE | — | 0 |
| CVE-2023-31151 An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to... | 4.7 | MEDIUM | — | 0 |
| CVE-2023-31152 An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypa... | 4.0 | MEDIUM | — | 0 |
| CVE-2023-31153 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfac... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31154 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31155 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31156 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31157 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31158 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31159 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31160 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31161 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use inter... | 5.9 | MEDIUM | — | 0 |
| CVE-2023-31162 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to arbitraril... | 4.8 | MEDIUM | — | 0 |
| CVE-2023-31163 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31164 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31165 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interfa... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-31166 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface coul... | 4.1 | MEDIUM | — | 0 |
| CVE-2022-29842 Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability that could allow an attacker to execute code in the context of the root user on a vulnerable CGI file ... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-32080 Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. T... | 9.0 | CRITICAL | — | 0 |
| CVE-2022-29841 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that was caused by a command that read files from a privileged location and created a system co... | 8.0 | HIGH | — | 0 |
| CVE-2023-29276 Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitati... | 7.8 | HIGH | — | 0 |
| CVE-2022-29840 Server-Side Request Forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL to point back to the loopback adapter was addressed in Western Digital My Cloud ... | 5.1 | MEDIUM | — | 0 |
| CVE-2023-2641 A vulnerability was found in SourceCodester Online Internship Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/login.php of ... | 7.3 | HIGH | — | 0 |
| CVE-2023-2642 A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. This affects an unknown part of the file adminpanel/admin/facebox_modal/updateCourse.php of the componen... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-2643 A vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This vulnerability affects unknown code of the file register/update_password.php of the component PO... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-2644 A vulnerability, which was classified as problematic, has been found in DigitalPersona FPSensor 1.0.0.1. This issue affects some unknown processing of the file C:\Program Files (x86)\FPSensor\bin\DpHo... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-2645 A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of the component Web Management Page. The manipulation of the argument username/pas... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-2647 A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload ... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-2648 A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Fil... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-2649 A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulat... | 7.2 | HIGH | — | 0 |
| CVE-2023-2652 A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_item. The manipu... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-2653 A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file items/index.php. The ma... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-2490 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fernando Briano UserAgent-Spy plugin <= 1.3.1 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-31445 Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users ... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-0851 Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected produ... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-0852 Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the af... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-0853 Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-0854 Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigg... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-0855 Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected prod... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-0856 Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product ... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-0857 Unintentional change of settings during initial registration of system administrators which uses control protocols. The affected Office / Small Office Multifunction Printers and Laser Printers(*) may ... | 5.9 | MEDIUM | — | 0 |
| CVE-2023-0858 Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the produ... | 3.1 | LOW | — | 0 |
| CVE-2023-0859 Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C ... | 2.2 | LOW | — | 0 |
| CVE-2023-2656 A vulnerability classified as critical has been found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_service. The manipul... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-29246 An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 | 7.2 | HIGH | — | 0 |
| CVE-2023-2657 A vulnerability classified as problematic was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The man... | 3.5 | LOW | — | 0 |
| CVE-2023-2658 A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file products.php.... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-22720 Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Robert Macchi WP Links Page plugin <= 4.9.3 versions. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-2659 A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file view_product.php. The manipulation of the ... | 6.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.