12 Jul 2023
CVE-2023-33274 : The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authoriza... cve.report/CVE-2023-33274

12 Jul 2023
CVE-2023-26564 : The Syncfusion EJ2 ASPCore File Provider 3ac357f is vulnerable to Models/PhysicalFileProvider.cs directory traversal. As a result, an unauthenticated attacker can list files within a directory, download any file, or uplo... cve.report/CVE-2023-26564

12 Jul 2023
CVE-2023-26563 : The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can: - On #Windows, list files in any directory, read any file, delete any ... cve.report/CVE-2023-26563

12 Jul 2023
CVE-2023-3635 : GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class... cve.report/CVE-2023-3635

12 Jul 2023
CVE-2023-3644 : A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_inquiry. The manipulati... cve.report/CVE-2023-3644

12 Jul 2023
CVE-2023-3643 : A vulnerability was found in Boss Mini 1.4.0 Build 6221. It has been classified as critical. This affects an unknown part of the file boss/servlet/document. The manipulation of the argument path leads to file inclusion. ... cve.report/CVE-2023-3643

12 Jul 2023
CVE-2023-38046 : A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system... cve.report/CVE-2023-38046

12 Jul 2023
CVE-2023-37630 : Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting #XSS. An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS.... cve.report/CVE-2023-37630

12 Jul 2023
CVE-2023-37629 : Online Piggery Management System 1.0 is vulnerable to File Upload. An unauthenticated user can upload a php file by sending a POST request to "add-pig.php."... cve.report/CVE-2023-37629

12 Jul 2023
CVE-2023-37628 : Online Piggery Management System 1.0 is vulnerable to SQL Injection.... cve.report/CVE-2023-37628

12 Jul 2023
CVE-2023-3642 : A vulnerability was found in GZ Scripts Vacation Rental Website 1.8 and classified as problematic. Affected by this issue is some unknown functionality of the file /VacationRentalWebsite/property/8/ad-has-principes/ of t... cve.report/CVE-2023-3642

12 Jul 2023
CVE-2023-3641 : A vulnerability has been found in khodakhah NodCMS 3.4.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /en/blog-comment-4 of the component POST Request Handler. The... cve.report/CVE-2023-3641

12 Jul 2023
CVE-2023-29319 : Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability... cve.report/CVE-2023-29319

12 Jul 2023
CVE-2023-29318 : Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability... cve.report/CVE-2023-29318

12 Jul 2023
CVE-2023-37965 : A missing permission check in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through... cve.report/CVE-2023-37965

12 Jul 2023
CVE-2023-37964 : A cross-site request forgery (CSRF) vulnerability in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth... cve.report/CVE-2023-37964

12 Jul 2023
CVE-2023-37963 : A missing permission check in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, `.cs... cve.report/CVE-2023-37963

12 Jul 2023
CVE-2023-37962 : A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, an... cve.report/CVE-2023-37962

12 Jul 2023
CVE-2023-37961 : A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Auth Plugin 1.14 and earlier allows attackers to trick users into logging in to the attacker's account.... cve.report/CVE-2023-37961

12 Jul 2023
CVE-2023-37960 : Jenkins MathWorks Polyspace Plugin 1.0.5 and earlier allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file systems.... cve.report/CVE-2023-37960
