» 2023 » 5월

CVE-2023-25481

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-25481

Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Subscribe button plugin <=Â 1.3.7 versions.

Source: CVE-2023-25481

CVE-2023-31669

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-31669

WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting ‘@’ before a quote (").

Source: CVE-2023-31669

CVE-2023-23693

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-23693

Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application’s underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Source: CVE-2023-23693

CVE-2023-23694

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-23694

Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application’s underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Source: CVE-2023-23694

CVE-2023-2845

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-2845

Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.

Source: CVE-2023-2845

CVE-2023-2844

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-2844

Missing Authorization in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.

Source: CVE-2023-2844

CVE-2023-28408

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-28408

Directory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website or cause a denial-of-service (DoS) condition, and obtain sensitive information depending on settings.

Source: CVE-2023-28408

CVE-2023-30469

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-30469

Cross-site Scripting vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component) allows Reflected XSS.This issue affects Hitachi Ops Center Analyzer: from 10.9.1-00 before 10.9.2-00.

Source: CVE-2023-30469

CVE-2023-27926

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-27926

Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.

Source: CVE-2023-27926

CVE-2023-28367

Posted on 2023년 5월 23일2023년 5월 23일 by admin

CVE-2023-28367

Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.

Source: CVE-2023-28367