Total
9778 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-20061 | 1 Cisco | 4 Packaged Contact Center Enterprise, Unified Contact Center Enterprise, Unified Contact Center Express and 1 more | 2024-11-21 | 6.5 Medium |
| Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address these vulnerabilities. | ||||
| CVE-2023-1858 | 1 Earnings And Expense Tracker App Project | 1 Earnings And Expense Tracker App | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument page leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-224997 was assigned to this vulnerability. | ||||
| CVE-2023-1790 | 1 Simple Task Allocation System Project | 1 Simple Task Allocation System | 2024-11-21 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in SourceCodester Simple Task Allocation System 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224724. | ||||
| CVE-2023-1769 | 1 Grade Point Average \(gpa\) Calculator Project | 1 Grade Point Average \(gpa\) Calculator | 2024-11-21 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in SourceCodester Grade Point Average GPA Calculator 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page with the input php://filter/read=convert.base64-encode/resource=grade_table leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224670 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1683 | 1 Xunruicms | 1 Xunruicms | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224240. | ||||
| CVE-2023-1633 | 2 Openstack, Redhat | 3 Barbican, Openstack, Openstack Platform | 2024-11-21 | 6.6 Medium |
| A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials. | ||||
| CVE-2023-1584 | 2 Quarkus, Redhat | 3 Quarkus, Quarkus, Service Registry | 2024-11-21 | 7.5 High |
| A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provider services. Please note that passwords are not stored in access tokens. | ||||
| CVE-2023-1402 | 1 Moodle | 1 Moodle | 2024-11-21 | 4.3 Medium |
| The course participation report required additional checks to prevent roles being displayed which the user did not have access to view. | ||||
| CVE-2023-0658 | 1 Multilaser | 4 Re057, Re057 Firmware, Re170 and 1 more | 2024-11-21 | 5.3 Medium |
| A vulnerability, which was classified as critical, was found in Multilaser RE057 and RE170 2.1/2.2. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-220053 was assigned to this vulnerability. | ||||
| CVE-2023-0248 | 1 Johnsoncontrols | 2 Iosmart Gen 1, Iosmart Gen 1 Firmware | 2024-11-21 | 7.5 High |
| An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader. | ||||
| CVE-2023-0238 | 1 Cloudflare | 1 Warp | 2024-11-21 | 3.9 Low |
| Due to lack of a security policy, the WARP Mobile Client (<=6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app. | ||||
| CVE-2023-0113 | 1 Netis-systems | 2 Netcore Router, Netcore Router Firmware | 2024-11-21 | 5.3 Medium |
| A vulnerability was found in Netis Netcore Router up to 2.2.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-217591. | ||||
| CVE-2022-4869 | 1 Evolution-events | 1 Artaxerxes | 2024-11-21 | 3.5 Low |
| A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic. This vulnerability affects unknown code of the file arta/common/middleware.py of the component POST Parameter Handler. The manipulation of the argument password leads to information disclosure. The attack can be initiated remotely. The patch is identified as 022111407d34815c16c6eada2de69ca34084dc0d. It is recommended to apply a patch to fix this issue. VDB-217438 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-4862 | 1 M-files | 1 M-files Server | 2024-11-21 | 5 Medium |
| Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3. | ||||
| CVE-2022-4228 | 1 Book Store Management System Project | 1 Book Store Management System | 2024-11-21 | 5.3 Medium |
| A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. The manipulation of the argument password leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214587. | ||||
| CVE-2022-48520 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2022-48519 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2022-48516 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect confidentiality. | ||||
| CVE-2022-48514 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.5 High |
| The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2022-48510 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.8 Critical |
| Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations. | ||||