Orange-Cyberdefense/CVE-repository

Orange-Cyberdefense/CVE-repository

Releases0

Stars84

:beetle: Repository of CVE found by OCD people

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-23563 ↗	Aug 22, 2023Tuesday, 22 August 2023, 19:16	6.5 MEDIUM	—
An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection.
CVE-2023-23564 ↗	Aug 22, 2023Tuesday, 22 August 2023, 19:16	8.8 HIGH	—
An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to execute commands.
CVE-2023-23565 ↗	Aug 22, 2023Tuesday, 22 August 2023, 19:16	4.9 MEDIUM	—
An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to retrieve PHP files from the server via Local File Inclusion.
CVE-2023-26469 ↗	Aug 17, 2023Thursday, 17 August 2023, 19:15	9.8 CRITICAL	—
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.
CVE-2021-44032 ↗	Mar 10, 2022Thursday, 10 March 2022, 17:44	7.5 HIGH	5 MEDIUM
TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method specified in a connection request is allowed. An attacker can bypass the captive portal authentication process by using the downgraded "no authentication" method, and access the protected network. For example, the attacker can simply set window.authType=0 in client-side JavaScript.