Security Vulnerabilities - CVEs Published In April 2023
Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-04-24
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-04-24
In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible
CVSS Score
7.5
EPSS Score
0.0
Published
2023-04-24
In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing
CVSS Score
4.1
EPSS Score
0.0
Published
2023-04-24
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at src/mp4property.cpp.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-04-24
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-24
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-24
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-24
Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.
CVSS Score
9.1
EPSS Score
0.002
Published
2023-04-24
Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the 'admin' password.
CVSS Score
9.4
EPSS Score
0.003
Published
2023-04-24