CVE-2022-47609
Cross-Site Request Forgery (CSRF) vulnerability in Nicearma DNUI plugin <=Â 2.8.1 versions.
Source: CVE-2022-47609
[월:] 2023년 05월
CVE-2023-22692
CVE-2023-22692
Cross-Site Request Forgery (CSRF) vulnerability in Jeroen Peters Name Directory plugin <=Â 1.27.1 versions.
Source: CVE-2023-22692
CVE-2023-23813
CVE-2023-23813
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <=Â 3.4.3 versions.
Source: CVE-2023-23813
CVE-2022-47142
CVE-2022-47142
Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions.
Source: CVE-2022-47142
CVE-2022-0010
CVE-2022-0010
Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools.
An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes.
This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0.
Source: CVE-2022-0010
CVE-2023-33236
CVE-2023-33236
MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authentication for web-based APIs.
Source: CVE-2023-33236
CVE-2023-33235
CVE-2023-33235
MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrary code.
Source: CVE-2023-33235
CVE-2023-33297
CVE-2023-33297
Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.
Source: CVE-2023-33297
CVE-2023-33288
CVE-2023-33288
An issue was discovered in the Linux kernel before 6.2.9. A use-after-free flaw was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race problem.
Source: CVE-2023-33288
CVE-2023-33285
CVE-2023-33285
An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.
Source: CVE-2023-33285