CVE-2023-1578 - SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.19.
Published: March 22, 2023; 12:15:13 PM -0400

V3.1: 8.8 HIGH

CVE-2023-25069 - TXOne StellarOne has an improper access control privilege escalation vulnerability in every version before V2.0.1160 that could allow a malicious, falsely authenticated user to escalate his privileges to administrator level. With these privileges,... read CVE-2023-25069
Published: March 22, 2023; 2:15:09 AM -0400

V3.1: 8.8 HIGH

CVE-2023-27856 - In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ... read CVE-2023-27856
Published: March 21, 2023; 8:15:12 PM -0400

V3.1: 7.5 HIGH

CVE-2022-4095 - A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.
Published: March 22, 2023; 11:15:10 AM -0400

V3.1: 7.8 HIGH

CVE-2023-1281 - Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is calle... read CVE-2023-1281
Published: March 22, 2023; 10:15:16 AM -0400

V3.1: 7.8 HIGH

CVE-2023-27855 - In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on ... read CVE-2023-27855
Published: March 21, 2023; 8:15:12 PM -0400

V3.1: 9.8 CRITICAL

CVE-2023-28685 - Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Published: March 22, 2023; 2:15:11 AM -0400

V3.1: 7.1 HIGH

CVE-2023-1569 - A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument U_NAME with... read CVE-2023-1569
Published: March 22, 2023; 10:15:16 AM -0400

V3.1: 5.4 MEDIUM

CVE-2023-1568 - A vulnerability classified as problematic has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file /admin/reports/index.php of the component GET Parameter Handler. The manipulati... read CVE-2023-1568
Published: March 22, 2023; 10:15:16 AM -0400

V3.1: 5.4 MEDIUM

CVE-2023-1567 - A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/assign/assign.php. The manipulation of the argument sid le... read CVE-2023-1567
Published: March 22, 2023; 10:15:16 AM -0400

V3.1: 6.1 MEDIUM

CVE-2023-1566 - A vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file action.php. The manipulation of the argument id leads to sql injection. The at... read CVE-2023-1566
Published: March 22, 2023; 10:15:16 AM -0400

V3.1: 9.8 CRITICAL

CVE-2023-28083 - A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrat... read CVE-2023-28083
Published: March 22, 2023; 2:15:10 AM -0400

V3.1: 5.4 MEDIUM

CVE-2023-25924 - IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to perform actions that they should not have access to due to improper authorization. IBM X-Force ID: 247630.
Published: March 22, 2023; 2:15:10 AM -0400

V3.1: 8.8 HIGH

CVE-2023-25688 - IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view ar... read CVE-2023-25688
Published: March 22, 2023; 2:15:10 AM -0400

V3.1: 5.3 MEDIUM

CVE-2023-25923 - IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an attacker to upload files that could be used in a denial of service attack due to incorrect authorization. IBM X-Force ID: 247629.
Published: March 21, 2023; 12:15:12 PM -0400

V3.1: 7.5 HIGH

CVE-2023-25594 - A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of this vulne... read CVE-2023-25594
Published: March 22, 2023; 2:15:10 AM -0400

V3.1: 8.8 HIGH

CVE-2023-25593 - Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit allows an attacker t... read CVE-2023-25593
Published: March 22, 2023; 2:15:10 AM -0400

V3.1: 6.1 MEDIUM

CVE-2023-27569 - The eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header.
Published: March 21, 2023; 12:15:13 PM -0400

V3.1: 9.8 CRITICAL

CVE-2023-27570 - The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie.
Published: March 21, 2023; 12:15:13 PM -0400

V3.1: 9.8 CRITICAL

CVE-2023-25684 - IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in... read CVE-2023-25684
Published: March 21, 2023; 1:15:11 PM -0400

V3.1: 9.8 CRITICAL