CVE-2023-36661

Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 ...

CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.

CVE-2023-36664

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).

CVE-2023-36666

INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page-header-preamble.foil.php, edit-form.foil.php, page-header-preamble.foil.php, overview.foil.php, cust.foil.php, and view.foil.php ...

CVE-2023-36663

it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interface.

CVE-2023-36632

The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. ...

CVE-2023-3396

A vulnerability was found in Campcodes Retro Cellphone Online Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The ...

CVE-2023-36630

In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass.
