A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors.
We have already fixed the vulnerability in the following versions:
Multimedia Console 2.1.1 ( 2023/03/29 ) and later
Multimedia Console 1.4.7 ( 2023/03/20 ) and later
(Last Update:2023-09-22 13:24:08) (Publish Update:2023-09-22 04:15:54)
A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating system. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors.
We have already fixed the vulnerability in the following versions:
QTS 4.3.6.2441 build 20230621 and later
QTS 4.3.3.2420 build 20230621 and later
QTS 4.2.6 build 20230621 and later
QTS 4.3.4.2451 build 20230621 and later
(Last Update:2023-09-22 13:24:08) (Publish Update:2023-09-22 04:15:54)
SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3 allows remote attackers to run arbitrary SQL commands via unspecified vector.
(Last Update:2023-09-23 03:35:41) (Publish Update:2023-09-21 20:15:10)
SQL injection vulnerability in Prestashop opartplannedpopup 1.4.11 and earlier allows remote attackers to run arbitrary SQL commands via OpartPlannedPopupModuleFrontController::prepareHook() method.
(Last Update:2023-09-23 03:38:59) (Publish Update:2023-09-21 17:15:16)
Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a remote code execution (RCE) vulnerability via manipulated parameters of the web interface without authentication. This could lead to a full compromise of the FDS101 device.
(Last Update:2023-09-22 13:47:32) (Publish Update:2023-09-21 07:15:18)
SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php.
(Last Update:2023-09-22 18:43:27) (Publish Update:2023-09-20 22:15:13)
Buffer Overflow vulnerability in JerryScript version 3.0 allows remote attackers to execute arbitrary code via the ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.
(Last Update:2023-09-22 02:12:15) (Publish Update:2023-09-20 22:15:13)
SQL injection vulnerability in PrestaShop opartsavecart through 2.0.7 allows remote attackers to run arbitrary SQL commands via OpartSaveCartDefaultModuleFrontController::initContent() and OpartSaveCartDefaultModuleFrontController::displayAjaxSendCartByEmail() methods.
(Last Update:2023-09-22 19:02:45) (Publish Update:2023-09-20 22:15:12)
Cross Site Request Forgery (CSRF) vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files.
(Last Update:2023-09-22 19:22:10) (Publish Update:2023-09-20 21:15:12)
Unrestricted File Upload vulnerability in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to execute arbitrary code via the add attachment function in the New Expense component.
(Last Update:2023-09-22 02:11:01) (Publish Update:2023-09-20 20:15:12)
A file upload vulnerability in EliteCMS 1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component.
(Last Update:2023-09-22 02:10:19) (Publish Update:2023-09-20 20:15:12)
Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, lingua_cli, mesenascita, and mesescaddoc parameters.
(Last Update:2023-09-21 18:41:49) (Publish Update:2023-09-20 19:15:12)
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the id_utente_log parameter at /hoteldruid/personalizza.php.
(Last Update:2023-09-21 20:03:02) (Publish Update:2023-09-20 19:15:12)
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the n_utente_agg parameter at /hoteldruid/interconnessioni.php.
(Last Update:2023-09-21 20:02:17) (Publish Update:2023-09-20 19:15:12)
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php.
(Last Update:2023-09-21 13:23:28) (Publish Update:2023-09-20 19:15:12)
phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize()' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the 'ma[]' POST parameter is deserialized.
(Last Update:2023-09-21 18:20:39) (Publish Update:2023-09-20 18:15:12)
A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password.
(Last Update:2023-09-22 18:38:59) (Publish Update:2023-09-20 17:15:12)
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer machine interface that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to the MOVEit Transfer machine interface which could result in modification and disclosure of MOVEit database content.
(Last Update:2023-09-22 18:31:52) (Publish Update:2023-09-20 17:15:12)
A buffer overflow vulnerability exists in select Rockwell Automation 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to the device.
(Last Update:2023-09-22 18:01:44) (Publish Update:2023-09-20 16:15:12)
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967.
(Last Update:2023-09-22 18:33:38) (Publish Update:2023-09-20 15:15:12)
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.
(Last Update:2023-09-22 23:12:16) (Publish Update:2023-09-20 14:15:13)
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
(Last Update:2023-09-22 23:10:26) (Publish Update:2023-09-20 14:15:13)
Plesk versions 17.0 through 18.0.31 are vulnerable to Cross-Site Scripting. A malicious subscription owner (either a customer or an additional user) can fully compromise the server if an administrator visits a certain page in Plesk related to the malicious subscription.
(Last Update:2023-09-22 16:56:52) (Publish Update:2023-09-20 13:15:12)
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service.
(Last Update:2023-09-21 22:15:12) (Publish Update:2023-09-20 10:15:15)
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
(Last Update:2023-09-22 02:02:18) (Publish Update:2023-09-20 06:15:10)
Incorrect Default Permissions vulnerability due to incomplete fix to address CVE-2020-14496 in Mitsubishi Electric Corporation FA engineering software products allows a malicious local attacker to execute malicious code, which could result in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition. However, if the mitigated version described in the advisory for CVE-2020-14496 is used and installed in the default installation folder, this vulnerability does not affect the products.
(Last Update:2023-09-20 10:49:14) (Publish Update:2023-09-20 03:15:14)
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of service.
(Last Update:2023-09-22 16:12:30) (Publish Update:2023-09-20 02:15:18)
Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.
(Last Update:2023-09-22 01:37:34) (Publish Update:2023-09-20 01:15:57)
File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions.
(Last Update:2023-09-22 01:48:22) (Publish Update:2023-09-20 01:15:56)
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.
(Last Update:2023-09-22 16:19:29) (Publish Update:2023-09-20 01:15:56)