CVEs Today
Latest Information on Common Vulnerabilities and Exposures (CVEs)
Last updated: June 2, 2023. 23:00:03
click on an item for more info;
| ID | Description | Modified | References |
|---|---|---|---|
| CVE-2023-33195 | Craft is a CMS for creating custom digital experiences on the web. A malformed RSS feed can deliver an XSS payload. This issue was patched in version 4.4.6. | June 2, 2023. 21:15:00 | [github.com][github.com] |
| CVE-2023-3073 | Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. | June 2, 2023. 20:58:00 | [github.com][huntr.dev] |
| CVE-2023-33669 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-33671 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-33670 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-33672 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-33673 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-33675 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-33761 | eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /view/cb/format_642.php. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-33762 | eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a SQL injection vulnerability via the Activity parameter. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-33763 | eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /scheduler/index.php. | June 2, 2023. 20:58:00 | [github.com] |
| CVE-2023-3074 | Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. | June 2, 2023. 20:58:00 | [huntr.dev][github.com] |
| CVE-2023-3075 | Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8. | June 2, 2023. 20:58:00 | [huntr.dev][github.com] |
| CVE-2022-36244 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting (XSS) vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za. | June 2, 2023. 20:57:00 | [www.shopbeat.co.za] |
| CVE-2022-36246 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions. | June 2, 2023. 20:53:00 | [www.shopbeat.co.za] |
| CVE-2022-36247 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za. | June 2, 2023. 20:52:00 | [www.shopbeat.co.za] |
| CVE-2022-36249 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite. "After login we are directly able to use the bearer token or jsession ID to access the apis instead of entering the 2FA code. Thus, leading to bypass of 2FA on API level. | June 2, 2023. 20:50:00 | [www.shopbeat.co.za] |
| CVE-2023-31225 | The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability. | June 2, 2023. 20:42:00 | [consumer.huawei.com] |
| CVE-2023-29551 | Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. | June 2, 2023. 20:15:00 | [www.mozilla.org][bugzilla.mozilla.org] |
| CVE-2023-32215 | Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. | June 2, 2023. 20:15:00 | [www.mozilla.org][www.mozilla.org] |
Page 1 of 146
