CWE:
 

Topic
Date
Author
High
VBox Satellite Express Arbitrary Write Privilege Escalation
19.09.2015
KoreLogic
Med.
SiS Windows VGA Display Manager Multiple Privilege Escalation
02.09.2015
KoreLogic
Med.
XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation
02.09.2015
KoreLogic
High
FortiClient Antivirus Information Exposure / Access Control
02.09.2015
CORE
Med.
Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation
22.07.2014
Matt Bergin of KoreLog...
Med.
Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation
22.07.2014
Matt Bergin of KoreLog...
Med.
Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation
16.07.2014
Matt Bergin of KoreLog...


CVEMAP Search Results

CVE
Details
Description
2023-08-16
Waiting for details
CVE-2023-32488

Updating...
 

 
Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.

 
2023-07-31
Waiting for details
CVE-2023-4006

Updating...
 

 
Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16.

 
2023-06-30
Waiting for details
CVE-2023-3493

Updating...
 

 
Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling/fossbilling prior to 0.5.3.

 
2023-06-23
Waiting for details
CVE-2023-3302

Updating...
 

 
Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9.

 
2023-06-09
Waiting for details
CVE-2023-0721

Updating...
 

 
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in versions up to, and including, 3.3.0. This allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.

 
2023-05-10
Waiting for details
CVE-2023-2629

Updating...
 

 
Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9.

 
2023-04-24
Waiting for details
CVE-2023-2258

Updating...
 

 
Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.

 
2023-04-11
Waiting for details
CVE-2023-1974

Updating...
 

 
Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8.

 
Waiting for details
CVE-2023-29109

Updating...
 

 
The SAP Application Interface Framework (Message Dashboard) - versions AIF 703, AIFX 702, S4CORE 101, SAP_BASIS 755, 756, SAP_ABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints List. Once the victim opens the downloaded Excel document, the formula will be executed. As a result, an attacker can cause limited impact on the confidentiality and integrity of the application.

 
2023-01-09
Waiting for details
CVE-2022-35281

Updating...
 

 
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335.

 

 


Copyright 2023, cxsecurity.com

 

Back to Top