Total
2182 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-35166 | 1 Xwiki | 1 Xwiki | 2024-11-21 | N/A | 9.9 CRITICAL |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute any wiki content with the right of the TipsPanel author by creating a tip UI extension. This has been patched in XWiki 15.1-rc-1 and 14.10.5. | |||||
| CVE-2023-35042 | 1 Geoserver | 1 Geoserver | 2024-11-21 | N/A | 9.8 CRITICAL |
| ** DISPUTED ** GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version. | |||||
| CVE-2023-34540 | 1 Langchain | 1 Langchain | 2024-11-21 | N/A | 9.8 CRITICAL |
| Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrapper). This vulnerability allows attackers to execute arbitrary code via crafted input. As noted in the "releases/tag" reference, a fix is available. | |||||
| CVE-2023-34034 | 1 Vmware | 1 Spring Security | 2024-11-21 | N/A | 9.1 CRITICAL |
| Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Security and Spring WebFlux, and the potential for a security bypass. | |||||
| CVE-2023-33796 | 1 Netbox Project | 1 Netbox | 2024-11-21 | N/A | 9.1 CRITICAL |
| ** DISPUTED ** A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: the vendor disputes this because the reporter's only query was for the schema of the API, which is public; queries for database objects would have been denied. | |||||
| CVE-2023-33562 | 1 Phpjabbers | 1 Time Slots Booking Calendar | 2024-11-21 | N/A | 9.8 CRITICAL |
| User enumeration is found in in PHP Jabbers Time Slots Booking Calendar v3.3. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||||
| CVE-2023-33561 | 1 Phpjabbers | 1 Time Slots Booking Calendar | 2024-11-21 | N/A | 9.8 CRITICAL |
| Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords. | |||||
| CVE-2023-33379 | 1 Connectedio | 2 Er2000t-vz-cat1, Er2000t-vz-cat1 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Connected IO v2.1.0 and prior has a misconfiguration in their MQTT broker used for management and device communication, which allows devices to connect to the broker and issue commands to other device, impersonating Connected IO management platform and sending commands to all of Connected IO's devices. | |||||
| CVE-2023-32566 | 1 Ivanti | 1 Avalanche | 2024-11-21 | N/A | 9.1 CRITICAL |
| An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1. | |||||
| CVE-2023-32565 | 1 Ivanti | 1 Avalanche | 2024-11-21 | N/A | 9.1 CRITICAL |
| An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1. | |||||
| CVE-2023-32419 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2023-32321 | 1 Okfn | 1 Ckan | 2024-11-21 | N/A | 9.8 CRITICAL |
| CKAN is an open-source data management system for powering data hubs and data portals. Multiple vulnerabilities have been discovered in Ckan which may lead to remote code execution. An arbitrary file write in `resource_create` and `package_update` actions, using the `ResourceUploader` object. Also reachable via `package_create`, `package_revise`, and `package_patch` via calls to `package_update`. Remote code execution via unsafe pickle loading, via Beaker's session store when configured to use the file session store backend. Potential DOS due to lack of a length check on the resource id. Information disclosure: A user with permission to create a resource can access any other resource on the system if they know the id, even if they don't have access to it. Resource overwrite: A user with permission to create a resource can overwrite any resource if they know the id, even if they don't have access to it. A user with permissions to create or edit a dataset can upload a resource with a specially crafted id to write the uploaded file in an arbitrary location. This can be leveraged to Remote Code Execution via Beaker's insecure pickle loading. All the above listed vulnerabilities have been fixed in CKAN 2.9.9 and CKAN 2.10.1. Users are advised to upgrade. There are no known workarounds for these issues. | |||||
| CVE-2023-32314 | 1 Vm2 Project | 1 Vm2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-32232 | 1 Vasion | 1 Printerlogic Client | 2024-11-21 | N/A | 9.9 CRITICAL |
| An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.836. During client installation and repair, a PrinterLogic binary is called by the installer to configure the device. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full SYSTEM command prompt window. This results in complete compromise via arbitrary SYSTEM code execution (elevation of privileges). | |||||
| CVE-2023-32231 | 1 Vasion | 1 Printerlogic Client | 2024-11-21 | N/A | 9.9 CRITICAL |
| An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution. | |||||
| CVE-2023-32080 | 1 Pterodactyl | 1 Wings | 2024-11-21 | N/A | 9.0 CRITICAL |
| Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to modify an server's install script or the install script executes code supplied by the user (either through environment variables, or commands that execute commands based off of user data). This vulnerability has been resolved in version `v1.11.6` of Wings, and has been back-ported to the 1.7 release series in `v1.7.5`. Anyone running `v1.11.x` should upgrade to `v1.11.6` and anyone running `v1.7.x` should upgrade to `v1.7.5`. There are no workarounds aside from upgrading. Running Wings with a rootless container runtime may mitigate the severity of any attacks, however the majority of users are using container runtimes that run as root as per the Wings documentation. SELinux may prevent attackers from performing certain operations against the host system, however privileged containers have a lot of freedom even on systems with SELinux enabled. It should be noted that this was a known attack vector, for attackers to easily exploit this attack it would require compromising an administrator account on a Panel. However, certain eggs (the data structure that holds the install scripts that get passed to Wings) have an issue where they are unknowingly executing shell commands with escalated privileges provided by untrusted user data. | |||||
| CVE-2023-32057 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2023-31488 | 1 Cisco | 3 Ironport Email Security Appliance, Secure Email Gateway, Secure Email Gateway Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Hyland Perceptive Filters releases before 2023-12-08 (e.g., 11.4.0.2647), as used in Cisco IronPort Email Security Appliance Software, Cisco Secure Email Gateway, and various non-Cisco products, allow attackers to trigger a segmentation fault and execute arbitrary code via a crafted document. | |||||
| CVE-2023-31191 | 1 Bluemark | 2 Dronescout Ds230, Dronescout Ds230 Firmware | 2024-11-21 | N/A | 9.3 CRITICAL |
| DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. An attacker can exploit this vulnerability by injecting, on carefully selected channels, high power spoofed Open Drone ID (ODID) messages which force the DroneScout ds230 Remote ID receiver to drop real Remote ID (RID) information and, instead, generate and transmit JSON encoded MQTT messages containing crafted RID information. Consequently, the MQTT broker, typically operated by a system integrator, will have no access to the drones’ real RID information. This issue affects the adjacent channel suppression algorithm present in DroneScout ds230 firmware from version 20211210-1627 through 20230329-1042. | |||||
| CVE-2023-30909 | 1 Hp | 1 Oneview | 2024-11-21 | N/A | 9.8 CRITICAL |
| A remote authentication bypass issue exists in some OneView APIs. | |||||