CVE-2023-4348

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

This Cyber News was published on www.tenable.com. Publication date: Sat, 16 Nov 2024 09:11:03 +0000

Cyber News related to CVE-2023-4348

Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
1 year ago Cisa.gov

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
8 months ago Tenable.com

CVE-2023-4348 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
3 months ago Tenable.com

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server - Sig 11,887 p4api vs2017 static openssl3 p4api-2023.1.2468153-vs2017 static. Sig 11,847 p4api vs2017 static p4api-2023.1.2468153-vs2017 static. Sig 10,187 p4api vs2017 static vsdebug openssl3 p4api-2023.1.2468153-vs2017 static vsdebug. Sig 10,147 ...
1 year ago Microsoft.com

CVE-2009-4348 - Cross-site scripting (XSS) vulnerability in index.php in Harold Bakker's NewsScript (HB-NS) 1.3 allows remote attackers to inject arbitrary web script or HTML via the topic parameter in a topic action, a different vector than CVE-2006-2146. ...
15 years ago

CVE-2011-4348 - Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete ...
2 years ago

CVE-2012-4348 - The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote ...
11 years ago

CVE-2010-4348 - Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the db_type parameter, related to an unsafe call by MantisBT to a function in the ...
11 years ago

CVE-2015-4348 - SQL injection vulnerability in the Spider Contacts module for Drupal allows remote authenticated users with the "access Spider Contacts category administration" permission to execute arbitrary SQL commands via unspecified vectors. ...
9 years ago

CVE-2014-4348 - Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence ...
9 years ago

CVE-2007-4348 - Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log ...
7 years ago

CVE-2008-4348 - SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, allows remote attackers to execute arbitrary SQL commands via the id parameter. ...
7 years ago

CVE-2006-4348 - PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9.4 component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. ...
6 years ago

CVE-2005-4348 - fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers. ...
6 years ago

CVE-2016-4348 - The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document. ...
6 years ago

CVE-2018-4348 - A validation issue was addressed with improved logic. This issue affected versions prior to macOS Mojave 10.14. ...
5 years ago

CVE-2020-4348 - IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414 ...
3 years ago

CVE-2022-4348 - A vulnerability was found in y_project RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched ...
2 years ago

CVE-2013-4348 - The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation. ...
1 year ago

CVE-2021-4348 - The Ultimate GDPR & CCPA plugin for WordPress is vulnerable to unauthenticated settings import and export via the export_settings & import_settings functions in versions up to, and including, 2.4. This makes it possible for unauthenticated ...
1 year ago

CVE-2017-4348 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2024-4348 - A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the ...
9 months ago

Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
11 months ago Securelist.com

Multiple Flaws in Dell PowerProtect Products Execute Commands - Multiple vulnerabilities have been discovered in Dell's PowerProtect, which were associated with SQL injection, cross-site scripting, privilege escalation, command injection, and path tracing. The severity for these vulnerabilities ranges between 4.3 ...
1 year ago Cybersecuritynews.com

10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
1 year ago Techtarget.com

Latest Cyber News

Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack - 1 hour ago
Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware - 1 hour ago
Parallels Desktop 0-Day Vulnerability Gain Root Privileges - PoC Released - 2 hours ago
DeepSeek Unveils FlashMLA, A Decoding Kernel That’s Make Things Blazingly Fast - 2 hours ago
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries - 2 hours ago
PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability - 2 hours ago
Google Unveils Quantum-Safe Digital Signatures in Cloud KMS - 3 hours ago
Nagios XI Vulnerability Allows Unauthenticated Users to View Other User Details & Email - 3 hours ago
Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks - 3 hours ago
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks - 4 hours ago
CVE-2025-1594 - 13 hours ago
CVE-2025-1593 - 14 hours ago
CVE-2025-1592 - 14 hours ago
CVE-2025-1591 - 15 hours ago
CVE-2025-1590 - 15 hours ago
CVE-2025-1589 - 16 hours ago
10 Best Ransomware Protection Tools - 2025 - 16 hours ago
10 Best Email Security Gateways in 2025 - 17 hours ago
CVE-2025-1467 - 18 hours ago
CVE-2025-1588 - 18 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
Kimsuky - 1 year ago
23andMe - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack - 1 hour ago
Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware - 1 hour ago
Parallels Desktop 0-Day Vulnerability Gain Root Privileges - PoC Released - 2 hours ago
DeepSeek Unveils FlashMLA, A Decoding Kernel That’s Make Things Blazingly Fast - 2 hours ago
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries - 2 hours ago
PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability - 2 hours ago
Google Unveils Quantum-Safe Digital Signatures in Cloud KMS - 3 hours ago
Nagios XI Vulnerability Allows Unauthenticated Users to View Other User Details & Email - 3 hours ago
Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks - 3 hours ago
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks - 4 hours ago
CVE-2025-1575 - 1 day ago
CVE-2025-1576 - 1 day ago
CVE-2024-13728 - 1 day ago
CVE-2025-1577 - 1 day ago
CVE-2025-1578 - 1 day ago
CVE-2025-1579 - 1 day ago
CVE-2025-1580 - 1 day ago
CVE-2025-1581 - 23 hours ago
CVE-2025-1582 - 22 hours ago
CVE-2025-1583 - 22 hours ago