NuytsTech Security

CVE-2023-6449

The Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the ‘validate’ function and insufficient blocklisting on the ‘wpcf7_antiscript_file_name’ function in versions up to,...

CVE-2023-6033

Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and 16.4 prior to 16.4.3 allows attacker to execute javascript in...

CVE-2023-5995

An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for...

CVE-2023-5915

A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow to a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by...

CVE-2023-5637

Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable.This issue affects Education Portal: before v1.1. Date published : 2023-12-01 https://www.usom.gov.tr/bildirim/tr-23-0670

CVE-2023-5636

Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection.This issue affects Education Portal: before v1.1. Date published : 2023-12-01 https://www.usom.gov.tr/bildirim/tr-23-0670

CVE-2023-5635

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting.This issue affects Education Portal: before v1.1. Date published : 2023-12-01 https://www.usom.gov.tr/bildirim/tr-23-0670

CVE-2023-5634

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in ArslanSoft Education Portal allows SQL Injection.This issue affects Education Portal: before v1.1. Date published : 2023-12-01 https://www.usom.gov.tr/bildirim/tr-23-0670

CVE-2023-5226

An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited...

CVE-2023-4912

An issue has been discovered in GitLab EE affecting all versions starting from 10.5 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for...