• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2023-0671
Froxlor
2023-02-10
N/A
8.8 HIGH
Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10.
CVE-2023-0669
Fortra, Goanywhere Managed File Transfer
Goanywhere_managed_file_transfer
2023-02-15
N/A
7.2 HIGH
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
CVE-2023-0663
Calendar Event Management System Project
Calendar_event_management_system
2023-02-10
N/A
9.8 CRITICAL
A vulnerability was found in Calendar Event Management System 2.3.0. It has been rated as critical. This issue affects some unknown processing of the component Login Page. The manipulation of the argument name/pwd leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-220175.
CVE-2023-0662
Php
Animated_smiley_generator, Archive_tar, Ar_memberscript, Blog_cms, Bloq, Com_extensions, Comoblog, Directory_listing_script, Dirlist, Easymoblog
2023-02-24
N/A
7.5 HIGH
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.
CVE-2023-0661
Devolutions, Devolutions Server
Devolutions_gateway, Devolutions_server, Gfwx, Password_hub, Remote_desktop_manager, Workspace
2023-02-22
N/A
6.5 MEDIUM
Improper access control in Devolutions Server allows an authenticated user to access unauthorized sensitive data.
CVE-2023-0659
Bdcom
1704-wgl, 1704-wgl_firmware
2023-02-10
N/A
7.5 HIGH
A vulnerability was found in BDCOM 1704-WGL 2.0.6314. It has been classified as critical. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-220101 was assigned to this vulnerability.
CVE-2023-0658
Multilaser
Ac1200, Ac1200_firmware, Ac1200_re018, Ac1200_re018_firmware, Re057, Re057_firmware, Re170, Re170_firmware
2023-02-10
N/A
7.5 HIGH
A vulnerability, which was classified as critical, was found in Multilaser RE057 and RE170 2.1/2.2. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-220053 was assigned to this vulnerability.
CVE-2023-0655
Sonicwall
Sma_100_firmware, Sma_100, Sonicos_sslvpn_nacagent, 6200, 6200_firmware, 6210, 6210_firmware, 6bk1602-0aa12-0tp0, 6bk1602-0aa12-0tp0_firmware, 6bk1602-0aa22-0tp0
2023-02-22
N/A
5.3 MEDIUM
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.
CVE-2023-0651
Fastcms Project
Fastcms
2023-02-09
N/A
9.8 CRITICAL
A vulnerability was found in FastCMS 0.1.0. It has been classified as critical. Affected is an unknown function of the component Template Management. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-220038 is the identifier assigned to this vulnerability.
CVE-2023-0650
Yetanotherforum
Yaf.net
2023-02-09
N/A
5.4 MEDIUM
A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. This issue affects some unknown processing of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.12 is able to address this issue. The name of the patch is a1442a2bacc3335461b44c250e81f8d99c60735f. It is recommended to upgrade the affected component. The identifier VDB-220037 was assigned to this vulnerability.
« Previous 1 … 11,220 11,221 11,222 11,223 11,224 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE