| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-41046 | Velocity execution without script rights in Xwiki platform | xwiki | xwiki-platform | Medium | 6.3 | 2023-09-01 19:59:23 | Deep Dive |
| CVE-2023-4546 | Byzoro Smart S85F Management Platform licence.php access control | Byzoro | Smart S85F Management Platform | Low | 3.5 | 2023-08-26 07:31:05 | Deep Dive |
| CVE-2023-4544 | Byzoro Smart S85F Management Platform php.ini direct request | Byzoro | Smart S85F Management Platform | Medium | 4.3 | 2023-08-26 05:00:06 | Deep Dive |
| CVE-2023-4534 | NeoMind Fusion Platform Link cross site scripting | NeoMind | Fusion Platform | Low | 3.5 | 2023-08-25 14:00:09 | Deep Dive |
| CVE-2023-40573 | XWiki Platform's Groovy jobs check the wrong author, allowing remote code execution | xwiki | xwiki-platform | Critical | 9.0 | 2023-08-24 01:31:14 | Deep Dive |
| CVE-2023-40572 | XWiki Platform vulnerable to CSRF privilege escalation/RCE via the create action | xwiki | xwiki-platform | Critical | 9.0 | 2023-08-24 01:15:33 | Deep Dive |
| CVE-2023-40177 | XWiki Platform privilege escalation (PR) from account through AWM content fields | xwiki | xwiki-platform | Critical | 9.9 | 2023-08-23 20:11:45 | Deep Dive |
| CVE-2023-40176 | SXSS in the user profile via the timezone displayer | xwiki | xwiki-platform | Critical | 9.0 | 2023-08-23 19:33:15 | Deep Dive |
| CVE-2023-4404 | Donation Forms by Charitable <= 1.7.0.12 - Unauthenticated Privilege Escalation | smub | Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More | Critical | 9.8 | 2023-08-23 01:58:03 | Deep Dive |
| CVE-2023-4414 | Byzoro Smart S85F Management Platform decodmail.php command injection | Byzoro | Smart S85F Management Platform | Medium | 6.3 | 2023-08-18 16:00:05 | Deep Dive |
| CVE-2023-37914 | Privilege escalation (PR)/RCE from account through Invitation subject/message | xwiki | xwiki-platform | Critical | 9.9 | 2023-08-17 17:21:24 | Deep Dive |
| CVE-2023-38175 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Microsoft | Windows Defender Antimalware Platform | High | 7.8 | 2023-08-08 17:08:43 | Deep Dive |
| CVE-2023-37492 | Missing Authorization check in SAP NetWeaver AS ABAP and ABAP Platform | SAP_SE | SAP NetWeaver AS ABAP and ABAP Platform | Medium | 4.9 | 2023-08-08 00:47:40 | Deep Dive |
| CVE-2023-32090 | Pegasystem PEGA Platform 授权问题漏洞 | Pegasystems | Pega Platform | Critical | 9.8 | 2023-08-07 11:53:49 | Deep Dive |
| CVE-2023-37500 | A Persistent Cross-site Scripting (XSS) vulnerability affects HCL Unica Platform | HCL Software | HCL Unica Platform | High | 8.1 | 2023-08-03 21:51:45 | Deep Dive |
| CVE-2023-37499 | A Persistent Cross-site Scripting (XSS) vulnerability affects HCL Unica Platform | HCL Software | HCL Unica Platform | High | 8.1 | 2023-08-03 21:38:49 | Deep Dive |
| CVE-2023-37498 | HCL Unica Platform is vulnerable to a privilege escalation by unauthorized group assignation | HCL Software | HCL Unica Platform | High | 8.1 | 2023-08-03 21:34:24 | Deep Dive |
| CVE-2023-37497 | An XML External Entity (XXE) Injection Vulnerability affects HCL Unica Platform | HCL Software | HCL Unica Platform | High | 8.1 | 2023-08-03 21:14:43 | Deep Dive |
| CVE-2023-4121 | Byzoro Smart S85F Management Platform unrestricted upload | Byzoro | Smart S85F Management Platform | Medium | 6.3 | 2023-08-03 09:31:04 | Deep Dive |
| CVE-2023-4120 | Byzoro Smart S85F Management Platform importhtml.php command injection | Byzoro | Smart S85F Management Platform | Medium | 6.3 | 2023-08-03 09:00:07 | Deep Dive |