Exploit Database
145,709 exploits tracked across all sources.
Kanboard - Authenticated Private Project Category Modification
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Metadata Modification via Form Data Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description.
CVSS 4.3
Kanboard - Authenticated Authorization Bypass via Task Form Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Authorization Bypass via Tag Editing
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Authorization Bypass via Form Data Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit columns of a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Authorization Bypass via Form Data Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove categories from a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Authorization Bypass via Automatic Action Form Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions to a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Authorization Bypass via Internal Link Injection
In Kanboard before 1.0.47, by altering form data, an authenticated user can add an internal link to a private project of another user.
CVSS 4.3
Kanboard - Authenticated Authorization Bypass via Form Data Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Authorization Bypass via Form Data Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic actions from a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Authorization Bypass via Form Data Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can add an external link to a private project of another user.
CVSS 4.3
Kanboard < 1.0.47 - Authenticated Exposure of Sensitive Information via Form Data Manipulation
In Kanboard before 1.0.47, by altering form data, an authenticated user can at least see the names of tags of a private project of another user.
CVSS 4.3
GraphicsMagick 1.3.26 - Exposure of Sensitive Information via Uninitialized GIF Palette
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.
CVSS 6.5
GraphicsMagick 1.3.26 - Exposure of Sensitive Information via Uninitialized GIF Palette
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.
CVSS 6.5
TeamPass < 2.1.27.9 - Cross-Site Scripting in Folders Queries
Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. The vulnerability exists due to insufficient filtration of data (in /sources/folders.queries.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
CVSS 5.4
OctoberCMS < 1.0.426 - Stored Cross-Site Scripting via SVG Avatar Upload
Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), allowing a least privileged user to upload an SVG file containing malicious code as the Avatar for the profile. When this is opened by the Admin, it causes JavaScript execution in the context of the Admin account.
CVSS 5.4
CPUID CPU-Z < 1.42 - Unauthenticated Arbitrary Memory Write via ioctl 0x9C402430
In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an ioctl 0x9C402430 call to the kernel-mode driver (e.g., cpuz141_x64.sys for version 1.41).
CVSS 7.8
Infineon RSA library <1.02.013 - RCE
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.
CVSS 5.9
Infineon RSA library <1.02.013 - RCE
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.
CVSS 5.9
Ccsv - Use-After-Free in foreach Function
The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file. NOTE: This has been disputed and it is argued that this is not present in version 1.1.0.
CVSS 5.5
Bacula-web < 8.0.0-rc2 - SQL Injection
Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server.
CVSS 9.8
Linux Kernel < 4.13.6 - Use-After-Free via Packet Fanout Race Condition
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.
CVSS 7.8
phpmyfaq < 2.9.8 - Stored Cross-Site Scripting via HTML Attachment
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
CVSS 5.4
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/stat.ratings.php
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
CVSS 8.8
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/stat.main.php
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
CVSS 8.8
By Source