CVEs Today
Latest Information on Common Vulnerabilities and Exposures (CVEs)
Last updated: August 16, 2024. 11:01:01 UTC
click on an item for more info;
| ID | Description | Modified | References |
|---|---|---|---|
| CVE-2023-27407 | A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated remote attacker to access the underlying operating system as the root user. | May 9, 2023. 14:30:00 | [cert-portal.siemens.com] |
| CVE-2023-27409 | A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`. | May 9, 2023. 14:30:00 | [cert-portal.siemens.com] |
| CVE-2023-27410 | A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service. | May 9, 2023. 14:30:00 | [cert-portal.siemens.com] |
| CVE-2023-28832 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges. | May 9, 2023. 14:30:00 | [cert-portal.siemens.com] |
| CVE-2023-29103 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected data. | May 9, 2023. 14:30:00 | [cert-portal.siemens.com] |
| CVE-2023-29104 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to overwrite any file the Linux user `ccuser` has write access to, or to download any file the Linux user `ccuser` has read-only access to. | May 9, 2023. 14:30:00 | [cert-portal.siemens.com] |
| CVE-2023-29105 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS). | May 9, 2023. 14:30:00 | [cert-portal.siemens.com] |
| CVE-2023-29106 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint. | May 9, 2023. 14:30:00 | [cert-portal.siemens.com] |
| CVE-2023-29460 | An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of confidentiality, integrity, and availability. | May 9, 2023. 14:30:00 | [rockwellautomation.custhelp.com] |
| CVE-2023-29461 | An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentially resulting in a complete loss of confidentiality, integrity, and availability. | May 9, 2023. 14:30:00 | [rockwellautomation.custhelp.com] |
| CVE-2023-31134 | Tauri is software for building applications for multi-platform deployment. The Tauri IPC is usually strictly isolated from external websites, but in versions 1.0.0 until 1.0.9, 1.1.0 until 1.1.4, and 1.2.0 until 1.2.5, the isolation can be bypassed by redirecting an existing Tauri window to an external website. This is either possible by an application implementing a feature for users to visit arbitrary websites or due to a bug allowing the open redirect. This allows the external website access to the IPC layer and therefore to all configured and exposed Tauri API endpoints and application specific implemented Tauri commands. This issue has been patched in versions 1.0.9, 1.1.4, and 1.2.5. As a workaround, prevent arbitrary input in redirect features and/or only allow trusted websites access to the IPC. | May 9, 2023. 14:30:00 | [github.com][www.github.com] |
| CVE-2020-26298 | Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the `:escape_html` option was being used. This is fixed in version 3.5.1 by the referenced commit. | May 9, 2023. 04:15:00 | [github.com][rubygems.org] |
| CVE-2022-28888 | Spryker Commerce OS 1.4.2 allows Remote Command Execution. | May 9, 2023. 04:15:00 | [schutzwerk.com][www.schutzwerk.com] |
| CVE-2023-30265 | CLTPHP <=6.0 is vulnerable to Directory Traversal. | May 9, 2023. 03:15:00 | [gist.github.com] |
| CVE-2023-30269 | CLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php. | May 9, 2023. 03:15:00 | [gist.github.com] |
| CVE-2021-44283 | A buffer overflow in the component /Enclave.cpp of Electronics and Telecommunications Research Institute ShieldStore commit 58d455617f99705f0ffd8a27616abdf77bdc1bdc allows attackers to cause an information leak via a crafted structure from an untrusted operating system. | May 9, 2023. 03:15:00 | [electronics.com][shieldstore.com] |
| CVE-2022-4537 | The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.0.18. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address from logging in. | May 9, 2023. 03:15:00 | [plugins.trac.wordpress.org][www.wordfence.com] |
| CVE-2023-30441 | IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188. | May 9, 2023. 02:31:00 | [www.ibm.com][www.ibm.com] |
| CVE-2023-26813 | SQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.10 allows remote attackers to run arbitrary SQL commands via the TableName parameter to /plugin/dataDictionary/tableView.do. | May 9, 2023. 02:25:00 | [github.com] |
| CVE-2023-30455 | An issue was discovered in ebankIT before 7. A Denial-of-Service attack is possible through the GET parameter EStatementsIds located on the /Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx endpoint. The GET parameter accepts over 100 comma-separated e-statement IDs without throwing an error. When this many IDs are supplied, the server takes around 60 seconds to respond and successfully generate the expected ZIP archive (during this time period, no other pages load). A threat actor could issue a request to this endpoint with 100+ statement IDs every 30 seconds, potentially resulting in an overload of the server for all users. | May 9, 2023. 02:16:00 | [packetstormsecurity.com][blog.ebankit.com] |
Page 1331 of 1338
