Total
2747 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27263 | 1 Mattermost | 1 Mattermost | 2023-11-07 | N/A | 6.5 MEDIUM |
| A missing permissions check in the /plugins/playbooks/api/v0/runs API in Mattermost allows an attacker to list and view playbooks belonging to a team they are not a member of. | |||||
| CVE-2023-24674 | 1 Bludit | 1 Bludit | 2023-11-07 | N/A | 7.8 HIGH |
| Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter. | |||||
| CVE-2023-23850 | 1 Jenkins | 1 Synopsys Coverity | 2023-11-07 | N/A | 4.3 MEDIUM |
| A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | |||||
| CVE-2023-23848 | 1 Jenkins | 1 Synopsys Coverity | 2023-11-07 | N/A | 4.3 MEDIUM |
| Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2023-23611 | 1 Openedx | 1 Xblock-lti-consumer | 2023-11-07 | N/A | 5.4 MEDIUM |
| LTI Consumer XBlock implements the consumer side of the LTI specification enabling integration of third-party LTI provider tools. Versions 7.0.0 and above, prior to 7.2.2, are vulnerable to Missing Authorization. Any LTI tool that is integrated with on the Open edX platform can post a grade back for any LTI XBlock so long as it knows or can guess the block location for that XBlock. An LTI tool submits scores to the edX platform for line items. The code that uploads that score to the LMS grade tables determines which XBlock to upload the grades for by reading the resource_link_id field of the associated line item. The LTI tool may submit any value for the resource_link_id field, allowing a malicious LTI tool to submit scores for any LTI XBlock on the platform. The impact is a loss of integrity for LTI XBlock grades. This issue is patched in 7.2.2. No workarounds exist. | |||||
| CVE-2023-22834 | 1 Palantir | 1 Contour | 2023-11-07 | N/A | 4.3 MEDIUM |
| The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create. | |||||
| CVE-2023-22489 | 1 Flarum | 1 Flarum | 2023-11-07 | N/A | 3.5 LOW |
| Flarum is a discussion platform for websites. If the first post of a discussion is permanently deleted but the discussion stays visible, any actor who can view the discussion is able to create a new reply via the REST API, no matter the reply permission or lock status. This includes users that don't have a validated email. Guests cannot successfully create a reply because the API will fail with a 500 error when the user ID 0 is inserted into the database. This happens because when the first post of a discussion is permanently deleted, the `first_post_id` attribute of the discussion becomes `null` which causes access control to be skipped for all new replies. Flarum automatically makes discussions with zero comments invisible so an additional condition for this vulnerability is that the discussion must have at least one approved reply so that `discussions.comment_count` is still above zero after the post deletion. This can open the discussion to uncontrolled spam or just unintentional replies if users still had their tab open before the vulnerable discussion was locked and then post a reply when they shouldn't be able to. In combination with the email notification settings, this could also be used as a way to send unsolicited emails. Versions between `v1.3.0` and `v1.6.3` are impacted. The vulnerability has been fixed and published as flarum/core v1.6.3. All communities running Flarum should upgrade as soon as possible. There are no known workarounds. | |||||
| CVE-2023-20064 | 1 Cisco | 40 Asr 9000v-v2, Asr 9001, Asr 9006 and 37 more | 2023-11-07 | N/A | 4.6 MEDIUM |
| A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device. | |||||
| CVE-2023-1774 | 1 Mattermost | 1 Mattermost Server | 2023-11-07 | N/A | 5.4 MEDIUM |
| When processing an email invite to a private channel on a team, Mattermost fails to validate the inviter's permission to that channel, allowing an attacker to invite themselves to a private channel. | |||||
| CVE-2023-1414 | 1 Coderex | 1 Wp Vr | 2023-11-07 | N/A | 4.3 MEDIUM |
| The WP VR WordPress plugin before 8.3.0 does not have authorisation and CSRF checks in various AJAX actions, one in particular could allow any authenticated users, such as subscriber to update arbitrary tours | |||||
| CVE-2023-1371 | 1 W4 Post List Project | 1 W4 Post List | 2023-11-07 | N/A | 6.5 MEDIUM |
| The W4 Post List WordPress plugin before 2.4.6 does not ensure that password protected posts can be accessed before displaying their content, which could allow any authenticated users to access them | |||||
| CVE-2023-1337 | 1 Rapidload | 1 Power-up For Autoptimize | 2023-11-07 | N/A | 4.3 MEDIUM |
| The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clear_uucss_logs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete plugin log files. | |||||
| CVE-2023-1296 | 1 Hashicorp | 1 Nomad | 2023-11-07 | N/A | 5.3 MEDIUM |
| HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1. | |||||
| CVE-2023-1262 | 1 Silabs | 2 Wireless Smart Ubiquitous Network Linux Border Router, Wireless Smart Ubiquitous Network Linux Border Router Firmware | 2023-11-07 | N/A | 5.3 MEDIUM |
| Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network. | |||||
| CVE-2023-1261 | 1 Silabs | 1 Wi-sun Software Development Kit | 2023-11-07 | N/A | 5.3 MEDIUM |
| Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earlier allows malicious node to route malicious messages through network. | |||||
| CVE-2023-1027 | 1 Joomunited | 1 Wp Meta Seo | 2023-11-07 | N/A | 4.3 MEDIUM |
| The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to obtain post categories. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role. | |||||
| CVE-2023-0911 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2023-11-07 | N/A | 6.5 MEDIUM |
| The WordPress Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 5.12.8 does not validate the user meta to be retrieved via the user shortcode, allowing any authenticated users such as subscriber to retrieve arbitrary user meta (except the user_pass), such as the user email and activation key by default. | |||||
| CVE-2023-0890 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2023-11-07 | N/A | 6.5 MEDIUM |
| The WordPress Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 5.12.8 does not ensure that posts to be displayed via some shortcodes are already public and can be accessed by the user making the request, allowing any authenticated users such as subscriber to view draft, private or even password protected posts. It is also possible to leak the password of protected posts | |||||
| CVE-2023-0720 | 1 Wickedplugins | 1 Wicked Folders | 2023-11-07 | N/A | 4.3 MEDIUM |
| The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder_order function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and perform actions intended for administrators such as modifying the folder structure maintained by the plugin. | |||||
| CVE-2023-0713 | 1 Wickedplugins | 1 Wicked Folders | 2023-11-07 | N/A | 4.3 MEDIUM |
| The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_add_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and perform actions intended for administrators such as modifying the folder structure maintained by the plugin. | |||||