CVE-2023-31016
NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
Source: CVE-2023-31016
CVE-2023-4217
A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.
Source: CVE-2023-4217
CVE-2023-5846
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.
Source: CVE-2023-5846
CVE-2023-5035
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.
Source: CVE-2023-5035
CVE-2023-38473
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.
Source: CVE-2023-38473
CVE-2022-4900
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
Source: CVE-2022-4900
CVE-2023-38471
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.
Source: CVE-2023-38471
CVE-2023-38470
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.
Source: CVE-2023-38470
CVE-2023-45345
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The ‘*_deleted’ parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database.
Source: CVE-2023-45345