|
1861
|
- |
|
-
|
-
|
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrat…
|
CWE-79
Cross-site Scripting
|
CVE-2023-23357
|
2024-12-19 11:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1862
|
- |
|
-
|
-
|
A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access…
|
CWE-78
CWE-77
OS Command
Command Injection
|
CVE-2023-23356
|
2024-12-19 11:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1863
|
- |
|
-
|
-
|
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access…
|
CWE-79
Cross-site Scripting
|
CVE-2023-23354
|
2024-12-19 11:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1864
|
- |
|
-
|
-
|
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-…
|
CWE-400
CWE-798
Uncontrolled Resource Consumption
Use of Hard-coded Credentials
|
CVE-2022-27600
|
2024-12-19 11:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1865
|
- |
|
-
|
-
|
An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthoriz…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2022-27595
|
2024-12-19 11:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1866
|
4.6 |
MEDIUM
Physics
|
-
|
-
|
IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected credentials.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2022-33954
|
2024-12-19 10:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1867
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-39081
|
2024-12-19 10:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1868
|
- |
|
-
|
-
|
Kanboard is project management software that focuses on the Kanban methodology. In affected versions sessions are still usable even though their lifetime has exceeded. Kanboard implements a cutom ses…
|
CWE-613
Insufficient Session Expiration
|
CVE-2024-55603
|
2024-12-19 09:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1869
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attack…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-21586
|
2024-12-19 09:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1870
|
7.8 |
HIGH
Local
|
-
|
-
|
Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code exec…
|
CWE-416
Use After Free
|
CVE-2022-44520
|
2024-12-19 09:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
