Total
2367 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30247 | 1 Storage Unit Rental Management System Project | 1 Storage Unit Rental Management System | 2023-05-19 | N/A | 9.8 CRITICAL |
| File Upload vulnerability found in Oretnom23 Storage Unit Rental Management System v.1.0 allows a remote attacker to execute arbitrary code via the update_settings parameter. | |||||
| CVE-2022-30216 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2016 and 1 more | 2023-05-17 | 6.5 MEDIUM | 8.8 HIGH |
| Windows Server Service Tampering Vulnerability | |||||
| CVE-2023-28128 | 1 Ivanti | 1 Avalanche | 2023-05-16 | N/A | 7.2 HIGH |
| An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. | |||||
| CVE-2023-24507 | 1 Agilepoint | 1 Agilepoint Nx | 2023-05-15 | N/A | 9.8 CRITICAL |
| AgilePoint NX v8.0 SU2.2 & SU2.3 – Insecure File Upload - Vulnerability allows insecure file upload, by an unspecified request. | |||||
| CVE-2022-41380 | 1 Democritus | 1 D8s-yaml | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | |||||
| CVE-2022-42043 | 1 Democritus | 1 D8s-xml | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0. | |||||
| CVE-2022-41386 | 1 Democritus | 1 D8s-utility | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | |||||
| CVE-2022-41381 | 1 Democritus | 1 D8s-utility | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | |||||
| CVE-2022-42036 | 1 Democritus | 1 D8s-urls | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. | |||||
| CVE-2022-41387 | 1 Democritus | 1 D8s-pdfs | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | |||||
| CVE-2022-42039 | 1 Democritus | 1 D8s-lists | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-lists package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0. | |||||
| CVE-2022-41382 | 1 Democritus | 1 D8s-json | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | |||||
| CVE-2022-41385 | 1 Democritus | 1 D8s-html | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | |||||
| CVE-2022-42037 | 1 Democritus | 1 D8s-asns | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. | |||||
| CVE-2022-41384 | 1 Democritus | 1 D8s-domains | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | |||||
| CVE-2022-42044 | 1 Democritus | 1 D8s-asns | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0. | |||||
| CVE-2022-41383 | 1 Democritus | 1 D8s-archives | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-archives package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | |||||
| CVE-2022-42040 | 1 Democritus | 1 D8s-algorithms | 2023-05-15 | N/A | 9.8 CRITICAL |
| The d8s-algorithms package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0. | |||||
| CVE-2020-22755 | 1 Mingsoft | 1 Mcms | 2023-05-12 | N/A | 8.8 HIGH |
| File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943. | |||||
| CVE-2021-27280 | 1 Mblog Project | 1 Mblog | 2023-05-12 | N/A | 7.8 HIGH |
| OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected. | |||||