CVE-2023-29255
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991.
Source: CVE-2023-29255
CVE-2023-2340
Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
Source: CVE-2023-2340
CVE-2023-30444
IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 253350.
Source: CVE-2023-30444
CVE-2023-2339
Cross-site Scripting (XSS) – Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.
Source: CVE-2023-2339
CVE-2023-2338
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21.
Source: CVE-2023-2338
CVE-2023-2336
Path Traversal in GitHub repository pimcore/pimcore prior to 10.5.21.
Source: CVE-2023-2336
CVE-2023-2331
Unquoted Search Path or Element vulnerability in 42Gears Surelock Windows SureLock Service (NixService.Exe) on Windows allows Privilege Escalation, Local Execution of Code.This issue affects Surelock Windows : 2.40.0.
Source: CVE-2023-2331
CVE-2023-1778
This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.
The vulnerability has been addressed by forcing the user to change their default password to a new non-default password.
Source: CVE-2023-1778
CVE-2023-2328
Cross-site Scripting (XSS) – Generic in GitHub repository pimcore/pimcore prior to 10.5.21.
Source: CVE-2023-2328
CVE-2023-2327
Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
Source: CVE-2023-2327