CVE-2023-2112

Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0. 

Source: CVE-2023-2112

CVE-2023-0383

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1

due to uncontrolled memory consumption.

Source: CVE-2023-0383

CVE-2023-0384

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1

due to uncontrolled memory consumption for a scheduled job.

Source: CVE-2023-0384

CVE-2023-28047

Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges.

Source: CVE-2023-28047

CVE-2022-4942

A vulnerability was found in mportuga eslint-detailed-reporter up to 0.9.0 and classified as problematic. Affected by this issue is the function renderIssue in the library lib/template-generator.js. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The name of the patch is 505c190efd4905990db6207863bdcbd9b1d7e1bd. It is recommended to apply a patch to fix this issue. VDB-226310 is the identifier assigned to this vulnerability.

Source: CVE-2022-4942

CVE-2014-125099

A vulnerability has been found in I Recommend This Plugin up to 3.7.2 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality of the file dot-irecommendthis.php. The manipulation leads to sql injection. The attack can be launched remotely. Upgrading to version 3.7.3 is able to address this issue. The name of the patch is 058b3ef5c7577bf557557904a53ecc8599b13649. It is recommended to upgrade the affected component. The identifier VDB-226309 was assigned to this vulnerability.

Source: CVE-2014-125099

CVE-2023-2191

Cross-site Scripting (XSS) – Stored in GitHub repository azuracast/azuracast prior to 0.18.

Source: CVE-2023-2191

CVE-2023-28327

A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service.

Source: CVE-2023-28327

CVE-2023-2166

A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service.

Source: CVE-2023-2166

CVE-2023-28328

A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.

Source: CVE-2023-28328