CVE-2023-1135
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could set incorrect directory permissions, which could result in local privilege escalation.
Source: CVE-2023-1135
[월:] 2023년 03월
CVE-2023-1136
CVE-2023-1136
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an unauthenticated attacker could generate a valid token, which would lead to authentication bypass.
Source: CVE-2023-1136
CVE-2023-27096
CVE-2023-27096
Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker to obtain sensitive information via the ConfigVerifyController function of the Tenant Management module.
Source: CVE-2023-27096
CVE-2022-30705
CVE-2022-30705
Cross-Site Request Forgery (CSRF) vulnerability in Pankaj Jha WordPress Ping Optimizer plugin <= 2.35.1.2.3 versions.
Source: CVE-2022-30705
CVE-2023-26958
CVE-2023-26958
Phpgurukul Park Ticketing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Admin Name parameter.
Source: CVE-2023-26958
CVE-2022-47925
CVE-2022-47925
The validate JSON endpoint of the Secvisogram csaf-validator-service in versions < 0.1.0 processes tests with unexpected names. This insufficient input validation of requests by an unauthenticated remote user might lead to a DoS of the process answering the current request while having no effect on other requests.
Source: CVE-2022-47925
CVE-2022-47924
CVE-2022-47924
An high privileged attacker may pass crafted arguments to the validate function of csaf-validator-lib of a locally installed Secvisogram in versions < 0.1.0 wich can result in arbitrary code execution and DoS once the users triggers the validation.
Source: CVE-2022-47924
CVE-2022-46843
CVE-2022-46843
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Le Van Toan Woocommerce Vietnam Checkout plugin <= 2.0.4 versions.
Source: CVE-2022-46843
CVE-2022-41354
CVE-2022-41354
An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications.
Source: CVE-2022-41354
CVE-2023-24094
CVE-2023-24094
An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets.
Source: CVE-2023-24094