Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2023-3745 A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted fi... | 5.5 | MEDIUM | β | 0 |
| CVE-2023-3748 A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the uni... | 3.5 | LOW | β | 0 |
| CVE-2023-3750 A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same ob... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-3812 An out-of-bounds memory access flaw was found in the Linux kernelβs TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This... | 7.8 | HIGH | β | 0 |
| CVE-2023-26077 Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions. | 7.8 | HIGH | β | 0 |
| CVE-2023-3322 A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially cra... | 7.0 | HIGH | β | 0 |
| CVE-2023-3323 A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially cra... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-3324 A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially cra... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-37613 A cross-site scripting (XSS) vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter. | 6.1 | MEDIUM | β | 0 |
| CVE-2021-39421 A cross-site scripting (XSS) vulnerability in SeedDMS v6.0.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 | MEDIUM | β | 0 |
| CVE-2023-26045 NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-3871 A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. This affects an unknown part of the file /admin/edit_category.php. The manipulation of the argume... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-3872 A vulnerability classified as critical was found in Campcodes Beauty Salon Management System 1.0. This vulnerability affects unknown code of the file /admin/edit-services.php. The manipulation of the ... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-22428 Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prio... | 7.6 | HIGH | β | 0 |
| CVE-2023-22363 A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-25074 Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1... | 7.1 | HIGH | β | 0 |
| CVE-2023-37216 AnaSystem SensMini M4 β Using the configuration tool, an authenticated user can cause Denial of Service for the device | 7.5 | HIGH | β | 0 |
| CVE-2023-3873 A vulnerability, which was classified as critical, has been found in Campcodes Beauty Salon Management System 1.0. This issue affects some unknown processing of the file /admin/index.php. The manipula... | 7.3 | HIGH | β | 0 |
| CVE-2023-32231 An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the f... | 9.9 | CRITICAL | β | 0 |
| CVE-2023-32232 An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.836. During client installation and repair, a PrinterLogic binary is called by the installer to configure the device. Th... | 9.9 | CRITICAL | β | 0 |
| CVE-2023-33777 An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack. | 5.3 | MEDIUM | β | 0 |
| CVE-2023-37361 REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, app_title, or randomization. | 2.7 | LOW | β | 0 |
| CVE-2023-35043 Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Neha Goel Recent Posts Slider plugin <=Β 1.1 versions. | 7.1 | HIGH | β | 0 |
| CVE-2023-3874 A vulnerability, which was classified as critical, was found in Campcodes Beauty Salon Management System 1.0. Affected is an unknown function of the file /admin/admin-profile.php. The manipulation of ... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-23568 Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8... | 4.3 | MEDIUM | β | 0 |
| CVE-2023-3875 A vulnerability has been found in Campcodes Beauty Salon Management System 0.1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/del_feedback.... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-3876 A vulnerability was found in Campcodes Beauty Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/search-appointment.php. Th... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-3877 A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/add-services.php. The manipulation of the... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-3878 A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/about-us.php. The manipulation o... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-32639 Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker... | 5.5 | MEDIUM | β | 0 |
| CVE-2023-3879 A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/del_category.php. The manipulati... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-3880 A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. Affected is an unknown function of the file /admin/del_service.php. The manipulation of the argum... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-3881 A vulnerability classified as critical was found in Campcodes Beauty Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-3882 A vulnerability, which was classified as critical, has been found in Campcodes Beauty Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-accepted... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-32637 GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbi... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-3046 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Biltay Technology Scienta allows SQL Injection.This issue affects Scienta: before 20230630.1953. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-3883 A vulnerability, which was classified as problematic, was found in Campcodes Beauty Salon Management System 1.0. This affects an unknown part of the file /admin/add-category.php. The manipulation of t... | 3.5 | LOW | β | 0 |
| CVE-2023-3884 A vulnerability has been found in Campcodes Beauty Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulat... | 3.5 | LOW | β | 0 |
| CVE-2023-35066 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infodrom Software E-Invoice Approval System allows SQL Injection.This issue affects E-Invoice Appr... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-3885 A vulnerability was found in Campcodes Beauty Salon Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/edit_category.php. The manipulati... | 3.5 | LOW | β | 0 |
| CVE-2023-21405 Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod proce... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-21406 Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP commun... | 7.1 | HIGH | β | 0 |
| CVE-2023-3886 A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/invoice.php. The manipulation of th... | 3.5 | LOW | β | 0 |
| CVE-2023-3887 A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/search-app... | 3.5 | LOW | β | 0 |
| CVE-2023-37217 Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy | 5.3 | MEDIUM | β | 0 |
| CVE-2023-3888 A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/admin-profile.php. ... | 3.5 | LOW | β | 0 |
| CVE-2023-3890 A vulnerability classified as problematic has been found in Campcodes Beauty Salon Management System 1.0. This affects an unknown part of the file /admin/edit-accepted-appointment.php. The manipulatio... | 3.5 | LOW | β | 0 |
| CVE-2023-2850 NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vulnerability allows certain user information to be extracted... | 4.7 | MEDIUM | β | 0 |
| CVE-2023-23833 Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin <=Β 1.7.10 versions. | 6.5 | MEDIUM | β | 0 |
| CVE-2023-33925 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PluginForage WooCommerce Product Categories Selection Widget plugin <=Β 2.0 versions. | 7.1 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.