2071
|
8.8 |
HIGH
Network
|
thingsboard
|
thingsboard
|
ThingsBoard before 3.5 allows Server-Side Template Injection if users are allowed to modify an email template, because Apache FreeMarker supports freemarker.template.utility.Execute (for content sent…
|
CWE-74
Injection
|
CVE-2023-45303
|
2024-09-20 04:35 |
2023-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2072
|
7.5 |
HIGH
Network
nasa
|
openmct
|
In NASA Open MCT (aka openmct) before 3.1.0, prototype pollution can occur via an import action.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2023-45282
|
2024-09-20 04:35 |
2023-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2073
|
9.8 |
CRITICAL
Network
presto-changeo
|
attribute_grid
|
Presto Changeo attributegrid up to 2.0.3 was discovered to contain a SQL injection vulnerability via the component disable_json.php.
|
CWE-89
SQL Injection
|
CVE-2023-43983
|
2024-09-20 04:35 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2074
|
7.5 |
HIGH
Network
dlink
|
dir-823g_firmware
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (Do…
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-44837
|
2024-09-20 04:35 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2075
|
7.5 |
HIGH
Network
dlink
|
dir-823g_firmware
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (…
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-44836
|
2024-09-20 04:35 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2076
|
7.5 |
HIGH
Network
dlink
|
dir-823g_firmware
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (…
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-44835
|
2024-09-20 04:35 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2077
|
7.5 |
HIGH
Network
dlink
|
dir-823g_firmware
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Ser…
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-44834
|
2024-09-20 04:35 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2078
|
7.5 |
HIGH
Network
dlink
|
dir-823g_firmware
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Servi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-44833
|
2024-09-20 04:35 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2079
|
8.8 |
HIGH
Network
|
mozilla
|
thunderbird firefox firefox_esr
|
Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-4585
|
2024-09-20 04:35 |
2023-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2080
|
6.5 |
MEDIUM
Network
|
lunary
|
lunary
|
An improper access control vulnerability exists in lunary-ai/lunary at the latest commit (a761d83) on the main branch. The vulnerability allows an attacker to use the auth tokens issued by the 'invit…
|
NVD-CWE-Other
|
CVE-2024-6087
|
2024-09-20 04:32 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|