Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-50985 — Tenda I29_firmware: i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function. CVSSv3.1 9.8 (CRITICAL) · EPSS 54th percentile
CVE-2023-50984 — Tenda I29_firmware: i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function. CVSSv3.1 9.8 (CRITICAL) · EPSS 54th percentile
CVE-2023-50983 — Tenda I29_firmware: i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function. CVSSv3.1 9.8 (CRITICAL) · EPSS 81th percentile
CVE-2023-48795 — Openbsd Openssh: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extension CVSSv3.1 5.9 (MEDIUM) · EPSS 98th percentile
CVE-2023-50918 — Misp-project Misp: app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs. CVSSv3.1 9.8 (CRITICAL) · EPSS 51th percentile
CVE-2023-6553 — Backupbliss Backup_migration: The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all
The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated attackers to easily execute code on the server. CVSSv3.1 9.8 (CRITICAL) · EPSS 100th percentile
CVE-2023-47326 — Silverpeas Silverpeas: Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain
Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function. CVSSv3.1 8.8 (HIGH) · EPSS 31th percentile
CVE-2023-47322 — Silverpeas Silverpeas: The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application. CVSSv3.1 8.8 (HIGH) · EPSS 32th percentile
CVE-2023-47320 — Silverpeas Silverpeas: Core 6.3.1 is vulnerable to Incorrect Access Control.
Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below. CVSSv3.1 8.1 (HIGH) · EPSS 50th percentile
CVE-2023-33413 — Supermicro M11sdv-4c-ln4f_firmware: The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC)
The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary commands. CVSSv3.1 8.8 (HIGH) · EPSS 59th percentile
CVE-2023-33412 — Supermicro M11sdv-4c-ln4f_firmware: The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC)
The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request targeting vulnerable cgi endpoints. CVSSv3.1 8.8 (HIGH) · EPSS 65th percentile
CVE-2023-43303 — Linecorp Line: An issue in craftbeer bar canvas mini-app on Line v13.6.1 allows attackers to send
An issue in craftbeer bar canvas mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token (via captured network traffic). CVSSv3.1 8.2 (HIGH) · EPSS 41th percentile
CVE-2023-5636 — Arslansoft_education_portal_project Arslansoft_education_portal: Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection. This issue affects Education Portal: before v1.1. CVSSv3.1 9.8 (CRITICAL) · EPSS 66th percentile
CVE-2023-5634 — Arslansoft_education_portal_project Arslansoft_education_portal: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ArslanSoft Education Portal allows SQL Injection. This issue affects Education Portal: before v1.1. CVSSv3.1 9.8 (CRITICAL) · EPSS 30th percentile
CVE-2023-40600 — Ewww Image_optimizer: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0. CVSSv3.1 5.3 (MEDIUM) · EPSS 98th percentile
CVE-2023-23325 — Zumtobel Netlink_ccd_firmware: Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain a command
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain a command injection vulnerability via the NetHostname parameter. CVSSv3.1 9.8 (CRITICAL) · EPSS 78th percentile
CVE-2023-23324 — Zumtobel Netlink_ccd_firmware: Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account. CVSSv3.1 9.8 (CRITICAL) · EPSS 54th percentile
CVE-2023-48193 — Fit2cloud Jumpserver: Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary
Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users who are allowed to execute files. CVSSv3.1 9.8 (CRITICAL) · EPSS 78th percentile
CVE-2023-6201 — Univera Panorama: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Univera Computer System Panorama allows Command Injection. This issue affects Panorama: before 8.0. CVSSv3.1 8.8 (HIGH)
CVE-2023-3631 — Medart_notification_panel_project Medart_notification_panel: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Medart Health Services Medart Notification Panel allows SQL Injection.This issue affects Medart Notification Panel: through 20231123. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 9.8 (CRITICAL) · EPSS 18th percentile
CVE-2023-3377 — Veribase Veribase: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veribilim Software Computer Veribase allows SQL Injection.This issue affects Veribase: through 20231123. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 9.8 (CRITICAL) · EPSS 23th percentile
CVE-2023-6009 — Userproplugin Userpro: The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to
The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the 'userpro_update_user_profile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_capabilities' parameter during a profile update. CVSSv3.1 8.8 (HIGH) · EPSS 36th percentile
CVE-2023-5822 — Codedropz Drag_and_drop_multiple_file_upload_-_contact_form_7: The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress
The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. This can be exploited if a user authorized to edit form, which means editor privile CVSSv3.1 8.1 (HIGH) · EPSS 89th percentile
CVE-2023-5815 — Infornweb News_\&_blog_designer_pack: The News & Blog Designer Pack – WordPress Blog Plugin — (Blog Post Grid
The News & Blog Designer Pack – WordPress Blog Plugin — (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry) plugin for WordPress is vulnerable to Remote Code Execution via Local File Inclusion in all versions up to, and including, 3.4.1 via the bdp_get_more_post function hooked via a nopriv AJAX. This is due to function utilizing an unsafe extract() method to extract values from the POST variable and passing that input to the include() CVSSv3.1 8.1 (HIGH) · EPSS 98th percentile
CVE-2023-5466 — Gopiplus Wp_anything_slider: The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the
The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the d CVSSv3.1 8.8 (HIGH) · EPSS 63th percentile