CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31024
https://notcve.org/view.php?id=CVE-2023-31024
12 Jan 2024 — A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5510 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31030
https://notcve.org/view.php?id=CVE-2023-31030
12 Jan 2024 — A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5510 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31029
https://notcve.org/view.php?id=CVE-2023-31029
12 Jan 2024 — A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5510 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0252 – Remote code execution
https://notcve.org/view.php?id=CVE-2024-0252
11 Jan 2024 — ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability. Las versiones 6401 e inferiores de ManageEngine ADSelfService Plus son vulnerables a la ejecución remota de código debido al manejo inadecuado en el componente del balanceador de carga. ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code executio... • https://www.manageengine.com/products/self-service-password/advisory/CVE-2024-0252.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22190 – Untrusted search path under some conditions on Windows allows arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-22190
11 Jan 2024 — GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run `git`, as well as when it runs `bash.exe` to interpret hooks. If either of those features are used on Windows, a malicious `git.exe` or `bash.exe` may be run from an untrusted repository. This issue has been patched in version 3.1.41. • https://github.com/gitpython-developers/GitPython/commit/ef3192cc414f2fd9978908454f6fd95243784c7f • CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 1CVE-2023-51313 – PHPJabbers Restaurant Booking System 3.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-51313
11 Jan 2024 — PHPJabbers Restaurant Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file. PHPJabbers Restaurant Booking System version 3.0 suffers from a CSV injection vulnerability. • https://packetstorm.news/files/id/176498 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 1CVE-2023-51317 – PHPJabbers Restaurant Booking System 3.0 Cross Site Scripting / HTML Injection
https://notcve.org/view.php?id=CVE-2023-51317
11 Jan 2024 — PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters. PHPJabbers Restaurant Booking System version 3.0 suffers from reflective and persistent cross site scripting and html injection vulnerabilities. • https://packetstorm.news/files/id/176493 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 1CVE-2023-51320 – PHPJabbers Night Club Booking Software 1.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-51320
11 Jan 2024 — PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file. PHPJabbers Night Club Booking Software version 1.0 suffers from a CSV injection vulnerability. • https://packetstorm.news/files/id/176501 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 1CVE-2023-51324 – PHPJabbers Shared Asset Booking System 1.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-51324
11 Jan 2024 — PHPJabbers Shared Asset Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file. PHPJabbers Shared Asset Booking System version 1.0 suffers from a CSV injection vulnerability. • https://packetstorm.news/files/id/176504 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 1CVE-2023-51331 – PHPJabbers Cleaning Business Software 1.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-51331
11 Jan 2024 — PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file. PHPJabbers Cleaning Business Software version 1.0 suffers from a CSV injection vulnerability. • https://packetstorm.news/files/id/176509 • CWE-94: Improper Control of Generation of Code ('Code Injection') •