NA - CVE-2023-43358 - Cross Site Scripting vulnerability in...
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component.
NA - CVE-2023-42295 - An issue in OpenImageIO oiio v.2.4.12.0 allows...
An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_rle_image function of file bifs/unquantize.c
NA - CVE-2023-27148 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into...
NA - CVE-2023-46322 - iTermSessionLauncher.m in iTerm2 before...
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may...
NA - CVE-2023-37636 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field...
NA - CVE-2023-28796 -
Improper Verification of Cryptographic...
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.
NA - CVE-2023-5718 - The Vue.js Devtools extension was found to leak...
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard `postMessage()` API. By creating a malicious web page with an iFrame targeting a...