CVEs from 2023
Total
6,454
critical
critical 221
high
high 1,481
medium
medium 1,383
low
low 30
% Critical
3.4%
% with KEV
2.5%
% with exploit
3.0%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- registrationmagic 6
- codeready_linux_builder_for_ibm_z_systems_eus 6
- cbot_panel 6
- codeready_linux_builder_eus 6
- openstack_platform 6
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33161 | high | 7.8 | 7.8 | 3y ago | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2023-33158 | high | 7.8 | 7.8 | 3y ago | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2023-33152 | high | 7.8 | 7.8 | 3y ago | Microsoft ActiveX Remote Code Execution Vulnerability | |||
| CVE-2023-33149 | high | 7.8 | 7.8 | 3y ago | Microsoft Office Graphics Remote Code Execution Vulnerability | |||
| CVE-2023-33148 | high | 7.8 | 7.8 | 3y ago | Microsoft Office Elevation of Privilege Vulnerability | |||
| CVE-2023-28260 | high | 7.8 | 7.8 | 3y ago | .NET DLL Hijacking Remote Code Execution Vulnerability | |||
| CVE-2023-25446 | high | 7.7 | 7.7 | 5mo ago | Missing Authorization vulnerability in HappyFiles HappyFiles Pro happyfiles-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a thr… | |||
| CVE-2023-51500 | high | 7.7 | 7.7 | 2y ago | Missing Authorization vulnerability in Undsgn Uncode Core.This issue affects Uncode Core: from n/a through 2.8.8. | |||
| CVE-2023-51418 | high | 7.7 | 7.7 | 2y ago | Missing Authorization vulnerability in Joris van Montfort JVM rich text icons.This issue affects JVM rich text icons: from n/a through 1.2.6. | |||
| CVE-2023-39313 | high | 7.7 | 7.7 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | |||
| CVE-2023-26003 | high | 7.6 | 7.6 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vipul Jariwala WP Post Corrector allows SQL Injection. This issue affects WP Post Corrector: from… | |||
| CVE-2023-35037 | high | 7.6 | 7.6 | 2y ago | Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through <= 1.3.2.357. | |||
| CVE-2023-47843 | high | 7.6 | 7.6 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0. | |||
| CVE-2023-23991 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPdevelop / Oplugins Booking Calendar allows SQL Injection.This issue affects Booking Calendar: f… | |||
| CVE-2023-42346 | high | 7.5 | 7.5 | 22d ago | Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external host | |||
| CVE-2023-54347 | high | 7.5 | 7.5 | 25d ago | OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers c… | |||
| CVE-2023-54346 | high | 7.5 | 7.5 | 25d ago | WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file path… | |||
| CVE-2023-52356 | high | 7.5 | 7.5 | 7mo ago | RHSA-2024:5079: libtiff security update (Moderate) | |||
| CVE-2023-25995 | high | 7.5 | 7.5 | 1y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator allows PHP Local File Inclusion. Thi… | |||
| CVE-2023-47693 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issu… | |||
| CVE-2023-47648 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through <= 2.3.5. | |||
| CVE-2023-47224 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 7.8.0. | |||
| CVE-2023-39920 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Themeisle Redirection for Contact Form 7 wpcf7-redirect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirection f… | |||
| CVE-2023-32585 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gal… | |||
| CVE-2023-32520 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0. | |||
| CVE-2023-30490 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Matthew Ruddy Easing Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easing Slider : from n/a through 3.0.8. | |||
| CVE-2023-25988 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Video Gallery by Total-Soft Video Gallery – YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Gal… | |||
| CVE-2023-49831 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.Thi… | |||
| CVE-2023-25714 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Fullworks Quick Paypal Payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Paypal Payments: from n/a throu… | |||
| CVE-2023-23976 | high | 7.5 | 7.5 | 2y ago | Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9… | |||
| CVE-2023-44227 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Mitchell Bennis Simple File List.This issue affects Simple File List: from n/a through 6.1.9. | |||
| CVE-2023-51672 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3. | |||
| CVE-2023-44989 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in GSheetConnector CF7 Google Sheets Connector.This issue affects CF7 Google Sheets Connector: from n/a through 5.0.5. | |||
| CVE-2023-6255 | high | 7.5 | 7.5 | 2y ago | Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App allows Read Sensitive Strings Within an Executable. This issue affects SoliPay Mobile App: before 5.… | |||
| CVE-2023-4993 | high | 7.5 | 7.5 | 2y ago | Incorrect Use of Privileged APIs vulnerability in Utarit Information Technologies SoliPay Mobile App allows Collect Data as Provided by Users. This issue affects SoliPay Mobile App: before 5.0.8. | |||
| CVE-2023-6519 | high | 7.5 | 7.5 | 2y ago | Exposure of Data Element to Wrong Session vulnerability in Mia Technology Inc. MİA-MED allows Read Sensitive Strings Within an Executable. This issue affects MİA-MED: before 1.0.7. | |||
| CVE-2023-6518 | high | 7.5 | 7.5 | 2y ago | Plaintext Storage of a Password vulnerability in Mia Technology Inc. MİA-MED allows Read Sensitive Strings Within an Executable. This issue affects MİA-MED: before 1.0.7. | |||
| CVE-2023-6517 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology Inc. MİA-MED allows Collect Data as Provided by Users. This issue affects MİA-MED: before 1.0.7. | |||
| CVE-2023-50781 | high | 7.5 | 7.5 | 2y ago | m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657 | |||
| CVE-2023-6779 | high | 7.5 | 7.5 | 2y ago | An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these f… | |||
| CVE-2023-52187 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite – Show Image Credits and Captions.This issue affects Image Source Control Lite – Sho… | |||
| CVE-2023-6919 | high | 7.5 | 7.5 | 2y ago | Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C. | |||
| CVE-2023-5363 | high | 7.5 | 7.5 | 2y ago | Moderate: openssl security update | |||
| CVE-2023-51508 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Database Cleaner: Clean, Optimize & Repair.This issue affects Database Cleaner: Clean, Optimize & Repair: from n… | |||
| CVE-2023-51490 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scan… | |||
| CVE-2023-51408 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StudioWombat WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce.This issue affects WP Optin… | |||
| CVE-2023-51406 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator.This issue affects FastDup – Fastest WordPress Migration & Du… | |||
| CVE-2023-52208 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2. | |||
| CVE-2023-52190 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. | |||
| CVE-2023-52143 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37. | |||
| CVE-2023-51503 | high | 7.5 | 7.5 | 2y ago | Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solut… | |||
| CVE-2023-52185 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backu… | |||
| CVE-2023-51688 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress.This issue affects eCommerce Product Catalog Plugin for WordPress:… | |||
| CVE-2023-51687 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in impleCode Product Catalog Simple.This issue affects Product Catalog Simple: from n/a through 1.7.6. | |||
| CVE-2023-51527 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4:… | |||
| CVE-2023-27447 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc.This issue affects WP SMS – … | |||
| CVE-2023-32747 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78. | |||
| CVE-2023-49162 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6. | |||
| CVE-2023-48288 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin … | |||
| CVE-2023-2487 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users.This issue affects Export All Posts, Products, Orders, Refu… | |||
| CVE-2023-28421 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP E… | |||
| CVE-2023-49762 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AppMySite AppMySite – Create an app with the Best Mobile App Builder.This issue affects AppMySite – Create an app with the … | |||
| CVE-2023-35916 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solut… | |||
| CVE-2023-35914 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions.This issue affects Woo Subscriptions: from n/a through 5.1.2. | |||
| CVE-2023-32590 | high | 7.5 | 7.5 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Ca… | |||
| CVE-2023-37871 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This issue affects GoCardless: from n/a through 2.5.6. | |||
| CVE-2023-49812 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. | |||
| CVE-2023-44991 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Media File Renamer: Rename Files (Manual, Auto & AI).This issue affects Media File Renamer: Rename Files (Manual… | |||
| CVE-2023-44983 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aruba.It Aruba HiSpeed Cache.This issue affects Aruba HiSpeed Cache: from n/a through 2.0.6. | |||
| CVE-2023-44982 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images (Manage Image Sizes, Thumbnails, Replace, Retina).This issue affects Perfect Images (Manage Image… | |||
| CVE-2023-49159 | high | 7.5 | 7.5 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4. | |||
| CVE-2023-5637 | high | 7.5 | 7.5 | 3y ago | Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable. This issue affects Education Portal: before v1.1. | |||
| CVE-2023-5635 | high | 7.5 | 7.5 | 3y ago | Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting. This issue affects Education Portal: before v1.1. | |||
| CVE-2023-45066 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users.This issue affects Export All Posts, Products, Orders, Refu… | |||
| CVE-2023-44150 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Cont… | |||
| CVE-2023-41735 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email posts to subscribers.This issue affects Email posts to subscribers: from n/a through 6.2. | |||
| CVE-2023-40662 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jonk @ Follow me Darling Cookies and Content Security Policy.This issue affects Cookies and Content Security Policy: from n… | |||
| CVE-2023-40600 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n… | |||
| CVE-2023-40211 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a thro… | |||
| CVE-2023-37972 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCo… | |||
| CVE-2023-6136 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.0. | |||
| CVE-2023-47827 | high | 7.5 | 7.5 | 3y ago | Incorrect Authorization vulnerability in NicheAddons Events Addon for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Events Addon for Elementor: from n/a… | |||
| CVE-2023-6151 | high | 7.5 | 7.5 | 3y ago | Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users. This issue affects e-municipality module: before v.105. | |||
| CVE-2023-6150 | high | 7.5 | 7.5 | 3y ago | Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users. This issue affects e-municipality module: before v.105. | |||
| CVE-2023-47529 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ThemeIsle Cloud Templates & Patterns collection.This issue affects Cloud Templates & Patterns collection: from n/a through … | |||
| CVE-2023-47244 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Omnisend Email Marketing for WooCommerce by Omnisend.This issue affects Email Marketing for WooCommerce by Omnisend: from n… | |||
| CVE-2023-6118 | high | 7.5 | 7.5 | 3y ago | Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1. | |||
| CVE-2023-5983 | high | 7.5 | 7.5 | 3y ago | Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Botanik Software Pharmacy Automation allows Retrieve Embedded Sensitive Data. This issue affects Pharmacy Automatio… | |||
| CVE-2023-46207 | high | 7.5 | 7.5 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing.This issue affects Motors – Car Dealer, Classifieds & Listing: from n/a through 1.4.6. | |||
| CVE-2023-34013 | high | 7.5 | 7.5 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2. | |||
| CVE-2023-47360 | high | 7.5 | 7.5 | 3y ago | Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length. | |||
| CVE-2023-5443 | high | 7.5 | 7.5 | 3y ago | Improper Protection for Outbound Error Messages and Alert Signals vulnerability in EDM Informatics E-invoice allows Account Footprinting. This issue affects E-invoice: before 2.1. | |||
| CVE-2023-5570 | high | 7.5 | 7.5 | 3y ago | Improper Protection for Outbound Error Messages and Alert Signals vulnerability in Inohom Home Manager Gateway allows Account Footprinting. This issue affects Home Manager Gateway: before v.1.27.12. | |||
| CVE-2023-46136 | high | 7.5 | 7.5 | 3y ago | Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are a… | |||
| CVE-2023-32078 | high | 7.5 | 7.5 | 3y ago | Netmaker IDOR Allows User to Update Other User's Password in github.com/gravitl/netmaker | |||
| CVE-2023-32077 | high | 7.5 | 7.5 | 3y ago | Netmaker has Hardcoded DNS Secret Key | |||
| CVE-2023-35067 | high | 7.5 | 7.5 | 3y ago | Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable. This issue affects E-Invoice Approval System: before … | |||
| CVE-2023-2959 | high | 7.5 | 7.5 | 3y ago | Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users. This issue affects Oliva Expertise EKS: before 1.2. | |||
| CVE-2023-35069 | high | 7.5 | 7.5 | 3y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bullwark allows Path Traversal. This issue affects Bullwark: before BLW-2016E-960H. | |||
| CVE-2023-2703 | high | 7.5 | 7.5 | 3y ago | Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users… |