Note:
This project will be discontinued after December 13, 2021. [more]
Main entries ~3681 :
No results found.
Remaining NVD entries (unprocessed / no code available): ~220885 :
Date | Id | Summary | Products | Score | Patch |
---|---|---|---|---|---|
2023-09-21 | CVE-2023-4753 | OpenHarmony v3.2.1 and prior version has a liteos-a kernel may crash caused by mqueue undetected entries vulnerability. Local attackers can crash liteos-a kernel by the error input | N/A | N/A | |
2023-09-21 | CVE-2023-5104 | Improper Input Validation in GitHub repository nocodb/nocodb prior to 0.96.0. | N/A | N/A | |
2023-09-21 | CVE-2023-4760 | In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method. As soon as this finds a / in the path, everything before it is removed, but potentially \ (backslashes) coming further back are kept. For example, a file name such as /..\..\webapps\shell.war can be used to... | N/A | N/A | |
2023-09-21 | CVE-2023-4152 | Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a path traversal vulnerability of the web interface by a crafted URL without authentication. This enables an remote attacker to read all files on the filesystem of the FDS101 device. | N/A | 7.5 | |
2023-09-21 | CVE-2023-4291 | Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a remote code execution (RCE) vulnerability via manipulated parameters of the web interface without authentication. This could lead to a full compromise of the FDS101 device. | N/A | 9.8 | |
2023-09-21 | CVE-2023-4292 | Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a SQL injection vulnerability via manipulated parameters of the web interface without authentication. The database contains limited, non-critical log information. | N/A | 5.3 | |
2023-09-21 | CVE-2015-5467 | web\ViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter. | N/A | N/A |