CVE-2023-4007
Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16.
Source: CVE-2023-4007
CVE-2023-4007
Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16.
Source: CVE-2023-4007
CVE-2023-35016
IBM Security Verify Governance, Identity Manager 10.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257772.
Source: CVE-2023-35016
CVE-2023-35019
IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 257873.
Source: CVE-2023-35019
CVE-2023-4005
Insufficient Session Expiration in GitHub repository fossbilling/fossbilling prior to 0.5.5.
Source: CVE-2023-4005
CVE-2022-43831
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.6.1 could allow a local user to obtain escalated privileges on a host without proper security context settings configured. IBM X-Force ID: 238941.
Source: CVE-2022-43831
CVE-2023-4006
Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16.
Source: CVE-2023-4006
CVE-2023-37217
Tadiran Telecom Aeonix – CWE-204: Observable Response Discrepancy
Source: CVE-2023-37217
CVE-2023-37219
Tadiran Telecom Composit – CWE-1236: Improper Neutralization of Formula Elements in a CSV File
Source: CVE-2023-37219
CVE-2023-37218
Tadiran Telecom Aeonix – CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
Source: CVE-2023-37218
CVE-2023-37216
AnaSystem SensMini M4 – Using the configuration tool, an authenticated user can cause Denial of Service for the device
Source: CVE-2023-37216