CVE-2023-37613
A cross-site scripting (XSS) vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter.
Source: CVE-2023-37613
[월:] 2023년 07월
CVE-2023-3324
CVE-2023-3324
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted
programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.
This issue affects ABB Abilityâ„¢ zenon: from 11 build through 11 build 106404.
Source: CVE-2023-3324
CVE-2023-3323
CVE-2023-3323
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted
programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.
This issue affects ABB Abilityâ„¢ zenon: from 11 build through 11 build 106404.
Source: CVE-2023-3323
CVE-2023-3322
CVE-2023-3322
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted
programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.
This issue affects ABB Abilityâ„¢ zenon: from 11 build through 11 build 106404.
Source: CVE-2023-3322
CVE-2023-3321
CVE-2023-3321
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted
programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.
This issue affects ABB Abilityâ„¢ zenon: from 11 build through 11 build 106404.
Source: CVE-2023-3321
CVE-2023-26077
CVE-2023-26077
Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions.
Source: CVE-2023-26077
CVE-2023-3870
CVE-2023-3870
** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Source: CVE-2023-3870
CVE-2023-3745
CVE-2023-3745
A heap-based buffer overflow issue was found in ImageMagick’s PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service.
Source: CVE-2023-3745
CVE-2023-3750
CVE-2023-3750
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon.
Source: CVE-2023-3750
CVE-2023-3748
CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service.
Source: CVE-2023-3748