https://blog.sorcery.ie/posts/simpleimportproduct_sqli/
SQLi in SimpleImportProduct Prestashop Module CVE-2023-39675 - Sorcery Blog
https://www.herodevs.com/vulnerability-directory/cve-2023-25194
Vulnerability Directory | CVE-2023-25194 | Spring | HeroDevs
Apache Kafka kafka-clients used in Kafka Connect is affected by a high-severity remote code execution vulnerability (CVE-2023-25194) that allows authenticated...
https://www.ox.security/blog/3-years-later-cve-2023-38646-still-haunts-thousands-of-metabase-deployments/
Metabase CVE-2023-38646 Still Exposes Thousands of Servers
Three years later, CVE-2023-38646 still exposes thousands of Metabase servers to unauthenticated RCE and full system compromise.
https://joshua.hu/nagios-hacking-cve-2023-37154
Nagios Plugins: Hacking Monitored Servers with check_by_ssh and Argument Injection: CVE-2023-37154...
Sep 5, 2023 - Turning Nagios from monitoring into a pivot: abusing check_by_ssh argument injection for RCE, bypassing SSH wrappers, and discussing CVE-2023-37154 and related...
https://bugzilla.suse.com/show_bug.cgi?id=1206867
1206867 – (CVE-2023-0051) VUL-1: CVE-2023-0051: vim: Heap-based Buffer Overflow in GitHub...
https://www.openoffice.org/security/cves/CVE-2023-1183.html
CVE-2023-1183
https://explore.alas.aws.amazon.com/CVE-2023-52926.html
CVE-2023-52926
https://cve.circl.lu/vuln/CVE-2023-3316
CVE-2023-3316 - Vulnerability-Lookup
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
https://www.herodevs.com/vulnerability-directory/cve-2023-20862
Vulnerability Directory | CVE-2023-20862 | Spring | HeroDevs
Patch CVE-2023-20862 immediately to secure your systems from critical vulnerabilities. Protect your applications and prevent exploits with the latest updates...
https://cve.circl.lu/cve/CVE-2023-0288
CVE-2023-0288 - Vulnerability-Lookup
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
https://www.twingate.com/blog/tips/CVE-2023-46748
CVE-2023-46748 Report - Details, Severity, & Advisories | Twingate
We will discuss what is CVE-2023-46748, if you are affected by it, what to do if you're affected by it, and more!
https://www.postgresql.org/support/security/CVE-2023-5868/
PostgreSQL: CVE-2023-5868: Memory disclosure in aggregate function calls
https://curl.se/docs/CVE-2023-27537.html
curl - HSTS double free - CVE-2023-27537
https://explore.alas.aws.amazon.com/CVE-2023-38403.html
CVE-2023-38403
https://seclists.org/oss-sec/2023/q1/110
oss-sec: Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136)
https://explore.alas.aws.amazon.com/CVE-2023-2156.html
CVE-2023-2156
https://www.suse.com/security/cve/CVE-2023-0045.html
CVE-2023-0045 Common Vulnerabilities and Exposures | SUSE
Secure your Linux systems from CVE-2023-0045. Stay ahead of potential threats with the latest security updates from SUSE.
https://www.tp-link.com/us/support/faq/3643/
Statement on Archer AX21 Remote Code Execution Vulnerability(CVE-2023-1389) | TP-Link
Statement on Archer AX21 Remote Code Execution Vulnerability(CVE-2023-1389)
https://www.postgresql.org/support/security/CVE-2023-5869/
PostgreSQL: CVE-2023-5869: Buffer overrun from integer overflow in array modification
https://nvd.nist.gov/vuln/detail/CVE-2023-20592
NVD - CVE-2023-20592
https://www.postgresql.org/support/security/CVE-2023-5870/
PostgreSQL: CVE-2023-5870: Role "pg_signal_backend" can signal certain superuser processes
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-0394
2162120 – (CVE-2023-0394) CVE-2023-0394 kernel: NULL pointer dereference in...
https://cve.circl.lu/vuln/CVE-2023-27931
CVE-2023-27931 - Vulnerability-Lookup
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
https://docs.keeper.io/en/release-notes/keeper-security/security-advisories/cve-2023-36266
CVE-2023-36266 | Release Notes | Keeper Documentation
Response to CVE-2023-36266
https://security.archlinux.org/CVE-2023-23454
CVE-2023-23454 - linux-zen linux-hardened linux linux-lts - Arch Linux
https://www.herodevs.com/vulnerability-directory/cve-2023-32559
Vulnerability Directory | CVE-2023-32559 | Node.js | HeroDevs
https://alephsecurity.com/vulns/aleph-2023000
[CVE-2023-24500] Attacker within WiFi range can install arbitrary firmware over the air on...
Attacker within WiFi range can install arbitrary firmware over the air on unconfigured units
https://www.securitynewspaper.com/2023/10/16/ciscos-ticking-time-bomb-cve-2023-20198-with-cvss-score-10-hits-cisco-devices/
Cisco’s Ticking Time Bomb: CVE-2023-20198 with CVSS Score 10 Hits Cisco Devices – Information...
https://detection.fyi/tags/cve.2023-21746/
cve.2023-21746 | Detection.FYI
https://explore.alas.aws.amazon.com/CVE-2023-52628.html
CVE-2023-52628
https://curl.se/docs/CVE-2023-27534.html
curl - SFTP path ~ resolving discrepancy - CVE-2023-27534
https://curl.se/docs/CVE-2023-27538.html
curl - SSH connection too eager reuse still - CVE-2023-27538
https://www.herodevs.com/vulnerability-directory/cve-2023-30589
Vulnerability Directory | CVE-2023-30589 | Node.js | HeroDevs
Node.js versions 4.0 to 16.20.1 are vulnerable to HTTP Request Smuggling. This issue allows attackers to exploit the HTTP request parsing. Affected package:...
https://curl.se/docs/CVE-2023-46219.html
curl - HSTS long filename clears contents - CVE-2023-46219
https://www.ipa.go.jp/security/security-alert/2024/0417-jre.html
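Countermeasures for Oracle Java vulnerabilities (CVE-2023-41993, etc.) | Information Security | IPA Information-technology Promotion Agency, Japan
Information from the Information-technology Promotion Agency (IPA) on "Countermeasures for Oracle Java vulnerabilities (CVE-2023-41993, etc.)".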
https://curl.se/docs/CVE-2023-27533.html
curl - TELNET option IAC injection - CVE-2023-27533
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36884/proxy_exploit_cve_2023_36884_office_windows_html_rce/
Potential CVE-2023-36884 Exploitation Pattern | Detection.FYI
Detects a unique pattern seen being used by RomCom potentially exploiting CVE-2023-36884
https://security-tracker.debian.org/tracker/CVE-2023-52892
CVE-2023-52892
https://www.postgresql.org/support/security/CVE-2023-2454/
PostgreSQL: CVE-2023-2454: CREATE SCHEMA ... schema_element defeats protective search_path changes
https://curl.se/docs/CVE-2023-28322.html
curl - more POST-after-PUT confusion - CVE-2023-28322
https://explore.alas.aws.amazon.com/CVE-2023-54272.html
CVE-2023-54272
https://security.archlinux.org/CVE-2023-0394
CVE-2023-0394 - linux-zen linux-hardened linux linux-lts - Arch Linux
https://curl.se/docs/CVE-2023-28321.html
curl - IDN wildcard match - CVE-2023-28321
https://www.herodevs.com/vulnerability-directory/cve-2023-49735
Vulnerability Directory | CVE-2023-49735 | Struts | HeroDevs
Patch CVE-2023-49735 immediately to secure your systems from critical vulnerabilities. Protect your applications and prevent exploits with the latest updates...
https://curl.se/docs/CVE-2023-32001.html
curl - fopen race condition - CVE-2023-32001
https://curl.se/docs/CVE-2023-38546.html
curl - cookie injection with none file - CVE-2023-38546
https://cve.circl.lu/vuln/CVE-2023-23538
CVE-2023-23538 - Vulnerability-Lookup
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
https://nvd.nist.gov/vuln/detail/CVE-2023-20027
NVD - CVE-2023-20027
https://security.archlinux.org/CVE-2023-0433
CVE-2023-0433 - vim - Arch Linux
https://www.vicarius.io/vsociety/posts/shadowray-cve-2023-48022-exploit
ShadowRay (CVE-2023-48022) - exploit - vsociety
https://curl.se/docs/CVE-2023-38039.html
curl - HTTP headers eat all memory - CVE-2023-38039
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-38831/file_event_win_exploit_cve_2023_38331_winrar_susp_double_ext/
CVE-2023-38331 Exploitation Attempt - Suspicious Double Extension File | Detection.FYI
Detects the creation of a file with a double extension and a space by WinRAR. This could be a sign of exploitation of CVE-2023-38331
https://www.postgresql.org/support/security/CVE-2023-39417/
PostgreSQL: CVE-2023-39417: Extension script @substitutions@ within quoting allow SQL injection
https://securelist.com/windows-clfs-exploits-ransomware-cve-2023-23376/111593/
Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376) |...
Dec 21, 2023 - This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware...
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-46747/web_cve_2023_46747_f5_remote_code_execution/
CVE-2023-46747 Exploitation Activity - Webserver | Detection.FYI
Detects exploitation activity of CVE-2023-46747 an unauthenticated remote code execution vulnerability in F5 BIG-IP.
https://cve.circl.lu/cve/CVE-2023-0054
CVE-2023-0054 - Vulnerability-Lookup
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
https://ubuntu.com/security/CVE-2023-0394
CVE-2023-0394 | Ubuntu
Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.
https://www.haproxy.com/blog/december-2023-cve-2023-45539-haproxy-accepts-as-part-of-the-uri-component-fixed
CVE-2023-45539 HAProxy Accepts # as Part of the URI Component Fixed
Jan 16, 2024 - We have received questions regarding CVE-2023-45539 issued in November 2023. The versions of our products released on Monday, 21 August 2023 to fix...
https://explore.alas.aws.amazon.com/CVE-2023-48231.html
CVE-2023-48231
https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
HAProxy is not affected by the HTTP/2 Rapid Reset Attack (CVE-2023-44487)
Jan 20, 2026 - HAProxy products are unaffected by CVE-2023-44487, which could allow a DoS attack against web servers, reverse proxies, and more. Stay tuned for updates.
https://nvd.nist.gov/vuln/detail/CVE-2023-44183
NVD - CVE-2023-44183
https://blog.sorcery.ie/tags/cve-2023-39675/
CVE-2023-39675 - Sorcery Blog
https://krebsonsecurity.com/tag/cve-2023-31096/
CVE-2023-31096 – Krebs on Security
https://security.archlinux.org/CVE-2023-25012
CVE-2023-25012 - linux-zen linux-hardened linux linux-lts - Arch Linux
https://liveoverflow.com/webp-cve-2023-4863/
Huffman Table Overflow Visualized (CVE-2023-4863)
May 13, 2024 - Checkout my videos on the webp vulnerability: * https://www.youtube.com/watch?v=lAyhKaclsPM * https://www.youtube.com/watch?v=PJLWlmp8CDM The huffman table...
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36874/file_event_win_exploit_cve_2023_36874_wermgr_creation/
Potential CVE-2023-36874 Exploitation - Fake Wermgr.Exe Creation | Detection.FYI
Detects the creation of a file named
https://www.herodevs.com/vulnerability-directory/cve-2023-46809
Vulnerability Directory | CVE-2023-46809 | Node.js | HeroDevs
Node.js versions 4.0 to 18.19.1 are vulnerable to a timing channel attack. This issue allows attackers to exploit RSA decryption vulnerabilities. Affected...
https://blog.rust-lang.org/2023/08/03/cve-2023-38497/
Security advisory for Cargo (CVE-2023-38497) | Rust Blog
Empowering everyone to build reliable and efficient software.
https://www.postgresql.org/support/security/CVE-2023-2455/
PostgreSQL: CVE-2023-2455: Row security policies disregard user ID changes after inlining
https://www.herodevs.com/vulnerability-directory/cve-2023-20863
Vulnerability Directory | CVE-2023-20863 | Spring | HeroDevs
Protect your systems from CVE-2023-20863 with HeroDevs’ Never-Ending Support. Stay secure, compliant, and up-to-date—get support today!
https://bugs.gentoo.org/show_bug.cgi?id=CVE-2023-0288
890746 – (CVE-2023-0288, CVE-2023-0433) app-editors/vim-9.0.1403: huntr.dev input fuzzing bugs
https://security.archlinux.org/CVE-2023-0122
CVE-2023-0122 - linux-zen linux-hardened linux linux-lts - Arch Linux
https://www.herodevs.com/vulnerability-directory/cve-2023-26118
Vulnerability Directory | CVE-2023-26118 | AngularJS | HeroDevs
https://curl.se/docs/CVE-2023-27536.html
curl - GSS delegation too eager connection reuse - CVE-2023-27536
https://security.archlinux.org/CVE-2023-0049
CVE-2023-0049 - vim - Arch Linux
https://www.suse.com/security/cve/CVE-2023-2156.html
CVE-2023-2156 Common Vulnerabilities and Exposures | SUSE
Secure your Linux systems from CVE-2023-2156. Stay ahead of potential threats with the latest security updates from SUSE.
https://bugzilla.redhat.com/show_bug.cgi?id=2231017
2231017 – (CVE-2023-38592) CVE-2023-38592 webkitgtk: Processing web content may lead to arbitrary...
https://www.openwall.com/lists/oss-security/2023/01/18/1
oss-security - Re: CVE-2023-0122: Linux kernel: Pre-Auth Remote DoS in NVMe
https://sekurak.pl/masz-stary-router-tp-link-botnet-mirai-aktywnie-wykorzystuje-luke-cve-2023-33538-do-przejecia-kontroli-nad-urzadzeniami/
Have an old TP-Link router? The Mirai botnet is actively exploiting the CVE-2023-33538 vulnerability to take over...
Apr 23, 2026 - Security researchers from Unit42 are warning of an ongoing campaign targeting owners of older TP-Link routers. In the crosshairs are models that are no longer...
https://bugs.gentoo.org/show_bug.cgi?id=CVE-2023-0433
890746 – (CVE-2023-0288, CVE-2023-0433) app-editors/vim-9.0.1403: huntr.dev input fuzzing bugs
https://explore.alas.aws.amazon.com/CVE-2023-54032.html
CVE-2023-54032
https://explore.alas.aws.amazon.com/CVE-2023-53610.html
CVE-2023-53610
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-34362-moveit-transfer-exploit/web_cve_2023_34362_known_payload_request.yml/
MOVEit CVE-2023-34362 Exploitation Attempt - Potential Web Shell Request | Detection.FYI
Detects get requests to specific files used during the exploitation of MOVEit CVE-2023-34362
https://securityaffairs.com/191040/hacking/cve-2023-33538-under-attack-for-a-year-but-exploitation-still-unsuccessful.html
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful
Apr 20, 2026 - Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far.
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-1389/proxy_exploit_cve_2023_1389_unauth_command_injection_tplink_archer_ax21/
CVE-2023-1389 Potential Exploitation Attempt - Unauthenticated Command Injection In TP-Link Archer...
Detects potential exploitation attempt of CVE-2023-1389 an Unauthenticated Command Injection in TP-Link Archer AX21.
https://www.helpnetsecurity.com/2023/05/10/cve-2023-29324/
Easily bypassed patch makes zero-click Outlook flaw exploitable again (CVE-2023-29324) - Help Net...
Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML Platform.
https://www.herodevs.com/vulnerability-directory/cve-2023-34040
Vulnerability Directory | CVE-2023-34040 | Spring | HeroDevs
Patch CVE-2023-34040 immediately to secure your systems from critical vulnerabilities. Protect your applications and prevent exploits with the latest updates...
https://www.socinvestigation.com/cve-2023-21554-hunt-for-msmq-queuejumper-in-the-environment/
CVE-2023-21554 – Hunt For MSMQ QueueJumper In The Environment - Security Investigation
Apr 13, 2023 - Check Point Research recently discovered three vulnerabilities in the Microsoft Message Queuing service commonly known as MSMQ. These vulnerabilities were...
https://www.herodevs.com/vulnerability-directory/cve-2023-34036
Vulnerability Directory | CVE-2023-34036 | Spring | HeroDevs
Learn about a Spring HATEOAS vulnerability that can leak internal host information or facilitate cache poisoning via malicious forwarded headers, plus fixes...
https://security.archlinux.org/CVE-2023-0288
CVE-2023-0288 - vim - Arch Linux
https://www.haproxy.com/blog/august-2023-cve-2023-40225-empty-content-length-header-vulnerability-fixed
August 2023 - CVE-2023-40225: Empty content-length header vulnerability fixed
Sep 10, 2024 - HAProxy Technologies released new versions of its products to fix the vulnerability CVE-2023-40225. Learn more here.