Searching...
Please wait while we search the database
| CVE ID | Severity | Description | Published | Actions |
|---|---|---|---|---|
|
CVE-2023-24201
|
N/A |
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php.
|
06 Feb 2023
|
|
|
CVE-2023-24202
|
N/A |
Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php.
|
06 Feb 2023
|
|
|
CVE-2023-20613
|
N/A |
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614.
|
06 Feb 2023
|
|
|
CVE-2023-20614
|
N/A |
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615.
|
06 Feb 2023
|
|
|
CVE-2023-24198
|
N/A |
Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw parameters.
|
06 Feb 2023
|
|
|
CVE-2023-24199
|
N/A |
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at delete_ticket.php.
|
06 Feb 2023
|
|
|
CVE-2023-20608
|
N/A |
In display drm, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363599; Issue ID: ALPS07363599.
|
06 Feb 2023
|
|
|
CVE-2023-20610
|
N/A |
In display drm, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363469; Issue ID: ALPS07363469.
|
06 Feb 2023
|
|
|
CVE-2023-20611
|
N/A |
In gpu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588678; Issue ID: ALPS07588678.
|
06 Feb 2023
|
|
|
CVE-2023-20612
|
N/A |
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629571; Issue ID: ALPS07629571.
|
06 Feb 2023
|
|
|
CVE-2022-44343
|
N/A |
CRMEB 4.4.4 is vulnerable to Any File download.
|
06 Feb 2023
|
|
|
CVE-2023-20602
|
N/A |
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494107; Issue ID: ALPS07494107.
|
06 Feb 2023
|
|
|
CVE-2023-20604
|
N/A |
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494067; Issue ID: ALPS07494067.
|
06 Feb 2023
|
|
|
CVE-2023-20605
|
N/A |
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104.
|
06 Feb 2023
|
|
|
CVE-2023-20606
|
N/A |
In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571104; Issue ID: ALPS07571104.
|
06 Feb 2023
|
|
|
CVE-2023-24191
|
N/A |
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php.
|
06 Feb 2023
|
|
|
CVE-2021-36225
|
N/A |
Western Digital My Cloud devices before OS5 allow REST API access by low-privileged accounts, as demonstrated by API commands for firmware uploads and installation.
|
06 Feb 2023
|
|
|
CVE-2021-36226
|
N/A |
Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files.
|
06 Feb 2023
|
|
|
CVE-2022-28923
|
N/A |
Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.
|
06 Feb 2023
|
|
|
CVE-2022-46496
|
N/A |
BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.
|
06 Feb 2023
|
|
|
CVE-2022-47071
|
N/A |
In NVS365 V01, the background network test function can trigger command execution.
|
06 Feb 2023
|
|
|
CVE-2023-20618
|
N/A |
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519184; Issue ID: ALPS07519184.
|
06 Feb 2023
|
|
|
CVE-2023-20619
|
N/A |
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519159; Issue ID: ALPS07519159.
|
06 Feb 2023
|
|
|
CVE-2023-23333
|
N/A |
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
|
06 Feb 2023
|
|
|
CVE-2023-24276
|
N/A |
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules.
|
06 Feb 2023
|
CVE-2023-24201
N/A
06 Feb 2023
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php.
CVE-2023-24202
N/A
06 Feb 2023
Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php.
CVE-2023-20613
N/A
06 Feb 2023
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628614; Issue ID: ALPS07628614.
CVE-2023-20614
N/A
06 Feb 2023
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615.
CVE-2023-24198
N/A
06 Feb 2023
Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw parameters.
CVE-2023-24199
N/A
06 Feb 2023
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at delete_ticket.php.
CVE-2023-20608
N/A
06 Feb 2023
In display drm, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363599; Issue ID: ALPS07363599.
CVE-2023-20610
N/A
06 Feb 2023
In display drm, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363469; Issue ID: ALPS07363469.
CVE-2023-20611
N/A
06 Feb 2023
In gpu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588678; Issue ID: ALPS07588678.
CVE-2023-20612
N/A
06 Feb 2023
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629571; Issue ID: ALPS07629571.
CVE-2022-44343
N/A
06 Feb 2023
CRMEB 4.4.4 is vulnerable to Any File download.
CVE-2023-20602
N/A
06 Feb 2023
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494107; Issue ID: ALPS07494107.
CVE-2023-20604
N/A
06 Feb 2023
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494067; Issue ID: ALPS07494067.
CVE-2023-20605
N/A
06 Feb 2023
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104.
CVE-2023-20606
N/A
06 Feb 2023
In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571104; Issue ID: ALPS07571104.
CVE-2023-24191
N/A
06 Feb 2023
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php.
CVE-2021-36225
N/A
06 Feb 2023
Western Digital My Cloud devices before OS5 allow REST API access by low-privileged accounts, as demonstrated by API commands for firmware uploads and installation.
CVE-2021-36226
N/A
06 Feb 2023
Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files.
CVE-2022-28923
N/A
06 Feb 2023
Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.
CVE-2022-46496
N/A
06 Feb 2023
BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.
CVE-2022-47071
N/A
06 Feb 2023
In NVS365 V01, the background network test function can trigger command execution.
CVE-2023-20618
N/A
06 Feb 2023
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519184; Issue ID: ALPS07519184.
CVE-2023-20619
N/A
06 Feb 2023
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519159; Issue ID: ALPS07519159.
CVE-2023-23333
N/A
06 Feb 2023
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
CVE-2023-24276
N/A
06 Feb 2023
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules.
Page 701 of 758
Page 701 of 758