Total
78028 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6411 | 1 Aatifaneeq | 1 Voovi | 2024-02-05 | N/A | 7.5 HIGH |
| A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via home.php in the update parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | |||||
| CVE-2023-32302 | 1 Silverstripe | 1 Framework | 2024-02-05 | N/A | N/A |
| Silverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13. | |||||
| CVE-2023-4128 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-02-05 | N/A | N/A |
| A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. | |||||
| CVE-2023-24787 | 1 Churchcrm | 1 Churchcrm | 2024-02-04 | N/A | N/A |
| RESERVED churchcrm v4.5.3 was discovered to contain a SQL injection vulnerability via the Event parameter at /churchcrm/EventAttendance.php. | |||||
| CVE-2023-1632 | 1 Ellucian | 1 Banner Web Tailor | 2024-02-04 | N/A | N/A |
| ** DISPUTED ** A vulnerability has been found in Ellucian Banner Web Tailor 8.6 and classified as critical. This vulnerability affects unknown code of the file /PROD_ar/twbkwbis.P_FirstMenu of the component Login Page. The manipulation of the argument PIDM/WEBID leads to improper authorization. The attack can be initiated remotely. After submitting proper login credentials it becomes possible to generate new valid session identifiers on the OTP page. The real existence of this vulnerability is still doubted at the moment. VDB-224014 is the identifier assigned to this vulnerability. | |||||
| CVE-2020-35537 | 1 Gnu | 1 Gcc | 2024-02-04 | N/A | N/A |
| In gcc, a crafted input source file could cause g++ to crash during compilation when provided certain optimization flags. The problem resides in the ipcp_store_vr_results function in gcc/ipa-cp.c. | |||||
| CVE-2022-36757 | 1 Mi | 1 Mi Browser | 2024-02-04 | N/A | N/A |
| Xaomi Mi Browser v13.10.0-gn contains a vulnerability which allows attackers to execute arbitrary code via user interaction with a crafted URL. | |||||
| CVE-2022-3522 | 1 Linux | 1 Linux Kernel | 2024-02-04 | N/A | N/A |
| A vulnerability was found in Linux Kernel and classified as problematic. This issue affects the function hugetlb_no_page of the file mm/hugetlb.c. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211019. | |||||