CVE-2023-46728 |
Description: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug, Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug can be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests.
CVSS: HIGH (7.5) EPSS Score: 0.53%
November 28th, 2024 (5 months ago)
|
CVE-2023-46646 |
Description: Improper access control in all versions of GitHub Enterprise Server allows unauthorized users to view private repository names via the "Get a check run" API endpoint. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected GitHub Enterprise Server version 3.7.0 and above and was fixed in versions 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.08%
November 28th, 2024 (5 months ago)
|
CVE-2023-46260 |
|
CVE-2023-46217 |
|
CVE-2023-45120 |
Description: Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database.
CVSS: CRITICAL (9.8) EPSS Score: 0.08%
November 28th, 2024 (5 months ago)
|
CVE-2023-45117 |
Description: Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database.
CVSS: CRITICAL (9.8) EPSS Score: 0.08%
November 28th, 2024 (5 months ago)
|
CVE-2023-44482 |
Description: Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS: HIGH (8.8) EPSS Score: 0.04%
November 28th, 2024 (5 months ago)
|
CVE-2023-44389 |
Description: Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6.
CVSS: LOW (3.1) EPSS Score: 0.06%
November 28th, 2024 (5 months ago)
|
CVE-2023-43870 |
Description: When installing the Net2 software, a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password, they could then create their own certificates to emulate another site. Then, by establishing a proxy service to emulate the site, they could monitor traffic passed between the end user and the site, allowing access to the data content.
CVSS: HIGH (8.1) EPSS Score: 0.12%
November 28th, 2024 (5 months ago)
|
CVE-2023-42800 |
Description: Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a Moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be bypassed). The bug was addressed in commit 24750d4b748fefa03d09fcfd6d45056faca354e0.
CVSS: HIGH (8.8) EPSS Score: 0.9%
November 28th, 2024 (5 months ago)
|