Latest vulnerabilities, 24-06-2023


Last updated on 24/06/2023 at 20:00:10

CRITICAL vulnerabilities [9.0, 10.0]

Vulnerability ID: CVE-2023-33299

First published: 2023-06-23T08:15:09.483

Last modified: 2023-06-23T13:03:31.027

Description:
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows an attacker to execute unauthorized code or commands via a specifically crafted request on the inter-server communication port. Note: FortiNAC versions 8.x will not be fixed.

CVE ID: CVE-2023-33299

Source: psirt@fortinet.com

CVSS score: 9.8

References:
https://fortiguard.com/psirt/FG-IR-23-074 | source: psirt@fortinet.com
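
The FortiNAC entry above says only "deserialization of untrusted data" on an inter-server port, and FortiNAC is closed source, so the page gives no detail of the actual gadget. The following added example is not FortiNAC code and not Fortinet's guidance; it shows the bug class in Python, where pickle plays the role of Java serialization: a message that deserializes to a call of the attacker's choosing, beside a receiver that resolves only allow-listed globals and therefore cannot be made to call anything else. The message format, the `RestrictedUnpickler` class and the allow-list are assumptions made for the example.

```python
import io
import pickle

# Types an inter-service message is expected to contain (assumption for
# this example; keep the list as small as the protocol allows).
ALLOWED_GLOBALS = {
    ("builtins", "dict"),
    ("builtins", "list"),
    ("builtins", "str"),
    ("builtins", "int"),
    ("builtins", "set"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that only resolves allow-listed globals.

    pickle resolves every GLOBAL/STACK_GLOBAL opcode through find_class and
    then calls whatever it resolved to, so this hook is the one place where
    an attacker-chosen callable can be stopped before it runs.
    """

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def safe_loads(data: bytes):
    """Deserialize data, allowing only the globals listed above."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def unsafe_loads(data: bytes):
    """What a naive receiver does: trust the stream completely."""
    return pickle.loads(data)


def build_malicious_message() -> bytes:
    """Constructed payload: an object whose __reduce__ asks the receiver to
    call builtins.eval on attacker-supplied text. eval("7*6") stands in for
    os.system or subprocess so the demo stays harmless."""

    class Gadget:
        def __reduce__(self):
            return (eval, ("7*6",))

    return pickle.dumps(Gadget())


def build_benign_message() -> bytes:
    """Constructed legitimate message: plain containers only, no globals."""
    return pickle.dumps({"cmd": "status", "ids": [1, 2, 3]})


def safe_loads_result(data: bytes):
    """Return ("ok", value) or ("rejected", reason) instead of raising."""
    try:
        return ("ok", safe_loads(data))
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    print("naive receiver:", unsafe_loads(build_malicious_message()))      # 42: eval ran
    print("restricted receiver:", safe_loads_result(build_malicious_message()))
    print("benign message:", safe_loads_result(build_benign_message()))
```

The allow-list approach is the same one Java offers through `ObjectInputFilter` (JEP 290): the deserializer, not the caller, decides which classes may be instantiated, so a new gadget chain in some library on the classpath does not become reachable by itself.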


Vulnerability ID: CVE-2023-34464

First published: 2023-06-23T15:15:09.200

Last modified: 2023-06-23T15:49:09.940

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.2.1 until versions 14.4.8, 14.10.5, and 15.1RC1 of org.xwiki.platform:xwiki-platform-web and any version prior to 14.4.8, 14.10.5, and 15.1.RC1 of org.xwiki.platform:xwiki-platform-web-templates, any user who can edit a document in a wiki like the user profile can create a stored cross-site scripting attack. The attack occurs by putting plain HTML code into that document and then tricking another user to visit that document with the `displaycontent` or `rendercontent` template and plain output syntax. If a user with programming rights is tricked into visiting such a URL, arbitrary actions can be performed with this user's rights, impacting the confidentiality, integrity, and availability of the whole XWiki installation. This has been patched in XWiki 14.4.8, 14.10.5 and 15.1RC1 by setting the content type of the response to plain text when the output syntax is not an HTML syntax.

CVE ID: CVE-2023-34464

Source: security-advisories@github.com

CVSS score: 9.0

References:
https://github.com/xwiki/xwiki-platform/commit/53e8292a31ec70fba5e1d705a4ac443658b9e6df | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-fp7h-f9f5-x4q7 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20290 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-34465

First published: 2023-06-23T16:15:09.303

Last modified: 2023-06-23T17:21:14.907

Description:
XWiki Platform is a generic wiki platform. Starting in version 11.8-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.2, `Mail.MailConfig` can be edited by any logged-in user by default. Consequently, they can change the mail obfuscation configuration and view and edit the mail sending configuration, including the smtp domain name and credentials. The problem has been patched in XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, the rights of the `Mail.MailConfig` page can be manually updated so that only a set of trusted users can view, edit and delete it (e.g., the `XWiki.XWikiAdminGroup` group).

CVE ID: CVE-2023-34465

Source: security-advisories@github.com

CVSS score: 9.9

References:
https://github.com/xwiki/xwiki-platform/commit/8910b8857d3442d2e8142f655fdc0512930354d1 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/commit/d28d7739089e1ae8961257d9da7135d1a01cb7d4 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g75c-cjr6-39mc | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20519 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20671 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35150

First published: 2023-06-23T17:15:09.380

Last modified: 2023-06-23T17:21:14.907

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.40m-2 and prior to versions 14.4.8, 14.10.4, and 15.0, any user with view rights on any document can execute code with programming rights, leading to remote code execution by crafting a URL with a dangerous payload. The problem has been patched in XWiki 15.0, 14.10.4 and 14.4.8.

CVE ID: CVE-2023-35150

Source: security-advisories@github.com

CVSS score: 9.9

References:
https://github.com/xwiki/xwiki-platform/commit/b65220a4d86b8888791c3b643074ebca5c089a3a | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-6mf5-36v9-3h2w | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20285 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35152

First published: 2023-06-23T17:15:09.533

Last modified: 2023-06-23T17:21:14.907

Description:
XWiki Platform is a generic wiki platform. Starting in version 12.9-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any logged-in user can add dangerous content in their first name field and see it executed with programming rights, leading to rights escalation. The vulnerability has been fixed in XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, one may apply the patch manually.

CVE ID: CVE-2023-35152

Source: security-advisories@github.com

CVSS score: 9.9

References:
https://github.com/xwiki/xwiki-platform/commit/0993a7ab3c102f9ac37ffe361a83a3dc302c0e45#diff-0b51114cb27f7a5c599cf40c59d658eae6ddc5c0836532c3b35e163f40a4854fR39 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/commit/6ce2d04a5779e07f6d3ed3f37d4761049b4fc3ac#diff-ef7f8b911bb8e584fda22aac5876a329add35ca0d1d32e0fdb62a439b78cfa49 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rf8j-q39g-7xfm | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-19900 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20611 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35153

First published: 2023-06-23T18:15:13.970

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform. Starting in version 5.4.4 and prior to versions 14.4.8, 14.10.4, and 15.0, a stored cross-site scripting vulnerability can be exploited by users with edit rights by adding an `AppWithinMinutes.FormFieldCategoryClass` class on a page and setting the payload on the page title. Then, any user visiting `/xwiki/bin/view/AppWithinMinutes/ClassEditSheet` executes the payload. The issue has been patched in XWiki 14.4.8, 14.10.4, and 15.0. As a workaround, update `AppWithinMinutes.ClassEditSheet` with a patch.

CVE ID: CVE-2023-35153

Source: security-advisories@github.com

CVSS score: 9.0

References:
https://github.com/xwiki/xwiki-platform/commit/1b87fec1e5b5ec00b7a8c3c3f94f6c5e22547392#diff-79e725ec7125cced7d302e1a1f955a76745af26ef28a148981b810e85335d302 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4wc6-hqv9-qc97 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20365 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35156

First published: 2023-06-23T19:15:09.263

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge a URL with a payload allowing them to inject JavaScript in the page (XSS). It's possible to exploit the delete template to perform an XSS, e.g. by using a URL such as `xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)`. This vulnerability exists since XWiki 6.0-rc-1. The vulnerability has been patched in XWiki 14.10.6 and 15.1. Note that a partial patch has been provided in 14.10.5 but wasn't enough to entirely fix the vulnerability.

CVE ID: CVE-2023-35156

Source: security-advisories@github.com

CVSS score: 9.6

References:
https://github.com/xwiki/xwiki-platform/commit/13875a6437d4525ac4aeea25918f2d2dffac9ee1 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/commit/24ec12890ac7fa6daec8d0b3435cfcba11362fd5 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/commit/e80d22d193df364b07bab7925572720f91a8984a | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-834c-x29c-f42c | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20341 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20583 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20672 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35158

First published: 2023-06-23T19:15:09.420

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge a URL with a payload allowing them to inject JavaScript in the page (XSS). It's possible to exploit the restore template to perform an XSS, e.g. by using a URL such as `/xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain)`. This vulnerability exists since XWiki 9.4-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.

CVE ID: CVE-2023-35158

Source: security-advisories@github.com

CVSS score: 9.6

References:
https://github.com/xwiki/xwiki-platform/commit/d5472100606c8355ed44ada273e91df91f682738 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-mwxj-g7fw-7hc8 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20352 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20583 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35159

First published: 2023-06-23T19:15:09.497

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge a URL with a payload allowing them to inject JavaScript in the page (XSS). It's possible to exploit the deletespace template to perform an XSS, e.g. by using a URL such as `xwiki/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)`. This vulnerability exists since XWiki 3.4-milestone-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.

CVE ID: CVE-2023-35159

Source: security-advisories@github.com

CVSS score: 9.6

References:
https://github.com/xwiki/xwiki-platform/commit/5c20ff5e3bdea50f1053fe99a27e011b8d0e4b34 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-x234-mg7q-m8g8 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20583 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20612 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35160

First published: 2023-06-23T19:15:09.570

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge a URL with a payload allowing them to inject JavaScript in the page (XSS). It's possible to exploit the resubmit template to perform an XSS, e.g. by using a URL such as `xwiki/bin/view/XWiki/Main xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)`. This vulnerability exists since XWiki 2.5-milestone-2. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.

CVE ID: CVE-2023-35160

Source: security-advisories@github.com

CVSS score: 9.6

References:
https://github.com/xwiki/xwiki-platform/commit/dbc92dcdace33823ffd1e1591617006cb5fc6a7f | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-r8xc-xxh3-q5x3 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20343 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20583 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35161

First published: 2023-06-23T19:15:09.647

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge a URL with a payload allowing them to inject JavaScript in the page (XSS). It's possible to exploit the DeleteApplication page to perform an XSS, e.g. by using a URL such as `xwiki/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)`. This vulnerability exists since XWiki 6.2-milestone-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.

CVE ID: CVE-2023-35161

Source: security-advisories@github.com

CVSS score: 9.6

References:
https://github.com/xwiki/xwiki-platform/commit/8f5a889b7cd140770e54f5b4195d88058790e305 | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4xm7-5q79-3fch | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20583 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20614 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35162

First published: 2023-06-23T19:15:09.720

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge a URL with a payload allowing them to inject JavaScript in the page (XSS). It's possible to exploit the previewactions template to perform an XSS, e.g. by using a URL such as `<hostname>/xwiki/bin/get/FlamingoThemes/Cerulean xpage=xpart&vm=previewactions.vm&xcontinue=javascript:alert(document.domain)`. This vulnerability exists since XWiki 6.1-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.

CVE ID: CVE-2023-35162

Source: security-advisories@github.com

CVSS score: 9.6

References:
https://github.com/xwiki/xwiki-platform/commit/9f01166b1a8ee9639666099eb5040302df067e4d | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-q9hg-9qj2-mxf9 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20342 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20583 | source: security-advisories@github.com
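
The six XWiki entries above (CVE-2023-35156, -35158, -35159, -35160, -35161 and -35162) share one root cause: a redirect-style parameter (`xredirect`, `xback`, `xcontinue`, `resubmit`) is copied into a link or redirect without restricting its scheme, so a `javascript:` value becomes executable in the visitor's browser. The following is an added example, not XWiki code and not the fix the linked commits apply; it shows the check a server-side handler should put in front of such a parameter. It uses a scheme allow-list rather than a `javascript:` deny-list, and it also catches the encoded and whitespace-padded spellings a deny-list misses. The trusted host, the sample values and the function names are assumptions for the example.

```python
from urllib.parse import unquote, urlsplit

# Hosts a redirect may point at (assumption: one wiki host).
TRUSTED_HOSTS = {"wiki.example"}

# Constructed samples: the javascript: values quoted in the advisories,
# obfuscated variants a filter must also catch, and legitimate targets.
SAMPLE_TARGETS = {
    "javascript:alert(document.domain)": False,
    "JaVaScRiPt:alert(document.domain)": False,
    " javascript:alert(document.domain)": False,
    "java\tscript:alert(document.domain)": False,
    "%6Aavascript:alert(document.domain)": False,
    "data:text/html,<script>alert(document.domain)</script>": False,
    "//evil.example/phish": False,
    "%2F%2Fevil.example/phish": False,
    "https://evil.example/phish": False,
    "https://wiki.example@evil.example/": False,
    "/xwiki/bin/view/Main/": True,
    "https://wiki.example/xwiki/bin/view/Main/WebHome": True,
}


def is_safe_redirect(target: str, trusted_hosts=TRUSTED_HOSTS) -> bool:
    """Accept only same-site targets.

    Allowed: a path starting with exactly one "/" (relative to this site),
    or an absolute http(s) URL whose host is in trusted_hosts. Any other
    scheme is rejected, so data:, vbscript: and future schemes are covered
    without listing them.
    """
    if not target:
        return False
    # Decode one level of percent-encoding, then drop control characters and
    # whitespace, which browsers ignore when they parse a scheme.
    cleaned = "".join(ch for ch in unquote(target) if ord(ch) > 0x20)
    parts = urlsplit(cleaned)
    if parts.scheme == "" and parts.netloc == "":
        # Relative target. "//host" already has a netloc and fails here;
        # "/\host" is read as a host by some browsers, so block it too.
        return cleaned.startswith("/") and not cleaned.startswith("/\\")
    if parts.scheme not in ("http", "https"):   # urlsplit lower-cases the scheme
        return False
    return parts.hostname in trusted_hosts


def redirect_or_default(target: str, default: str = "/xwiki/bin/view/Main/") -> str:
    """Value a handler should actually send in the Location header."""
    return target if is_safe_redirect(target) else default


def misclassified_samples() -> dict:
    """Run every constructed sample through the check; returns the ones
    whose result differs from the expected verdict (empty means all pass)."""
    return {t: is_safe_redirect(t)
            for t, expected in SAMPLE_TARGETS.items()
            if is_safe_redirect(t) != expected}


if __name__ == "__main__":
    for target, expected in SAMPLE_TARGETS.items():
        print(f"{is_safe_redirect(target)!s:5} (expected {expected!s:5}) {target!r}")
    print("misclassified:", misclassified_samples())
```

Where the parameter ends up in an `href` rather than a redirect, the same check applies before rendering, and the value still needs attribute encoding on output; the two controls address different bugs.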


Vulnerability ID: CVE-2023-35169

First published: 2023-06-23T21:15:09.627

Last modified: 2023-06-24T12:41:30.800

Description:
PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a remote code execution vulnerability. Every application that stores attachments with `Attachment::save()` without providing a `$filename` or passing unsanitized user input is affected by this attack. An attacker can send an email with a malicious attachment to the inbox, which gets crawled with `webklex/php-imap` or `webklex/laravel-imap`. A prerequisite for the vulnerability is that the script stores the attachments without providing a `$filename`, or providing an unsanitized `$filename`, in `src/Attachment::save(string $path, string $filename = null)`. In this case, where no `$filename` gets passed into the `Attachment::save()` method, the package would use a series of unsanitized and insecure input values from the mail as fallback. Even if a developer passes a `$filename` into the `Attachment::save()` method, e.g. by passing the name or filename of the mail attachment itself (from email headers), the input values never get sanitized by the package. There is also no restriction about the file extension (e.g. ".php") or the contents of a file. This allows an attacker to upload malicious code of any type and content at any location where the underlying user has write permissions. The attacker can also overwrite existing files and inject malicious code into files that, e.g., get executed by the system via cron or requests. Version 5.3.0 contains a patch for this issue.

CVE ID: CVE-2023-35169

Source: security-advisories@github.com

CVSS score: 9.0

References:
https://github.com/Webklex/php-imap/blob/5.2.0/src/Attachment.php#L251-L255 | source: security-advisories@github.com
https://github.com/Webklex/php-imap/blob/5.2.0/src/Attachment.php#L252 | source: security-advisories@github.com
https://github.com/Webklex/php-imap/pull/414 | source: security-advisories@github.com
https://github.com/Webklex/php-imap/releases/tag/5.3.0 | source: security-advisories@github.com
https://github.com/Webklex/php-imap/security/advisories/GHSA-47p7-xfcc-4pv9 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-1721

First published: 2023-06-24T00:15:09.140

Last modified: 2023-06-24T12:41:30.800

Description:
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators.

CVE ID: CVE-2023-1721

Source: help@fluidattacks.com

CVSS score: 9.1

References:
https://fluidattacks.com/advisories/blessd/ | source: help@fluidattacks.com
https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html | source: help@fluidattacks.com


Vulnerability ID: CVE-2023-1722

First published: 2023-06-24T02:15:08.233

Last modified: 2023-06-24T12:41:30.800

Description:
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators.

CVE ID: CVE-2023-1722

Source: help@fluidattacks.com

CVSS score: 9.1

References:
https://fluidattacks.com/advisories/wyckoff/ | source: help@fluidattacks.com
https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html | source: help@fluidattacks.com


Vulnerability ID: CVE-2023-3197

First published: 2023-06-24T03:15:09.080

Last modified: 2023-06-24T12:41:30.800

Description:
The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE ID: CVE-2023-3197

Source: security@wordfence.com

CVSS score: 9.8

References:
https://plugins.trac.wordpress.org/changeset/2929891/mstore-api/trunk/controllers/helpers/vendor-wcfm.php | source: security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/30aab1af-a78f-4bac-b3c5-30ea854ccef7?source=cve | source: security@wordfence.com
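
The MStore API entry above (and CVE-2022-47614 in the HIGH section below) describes an `id` parameter concatenated into a query. As an added example, not plugin code, the following Python/sqlite3 script puts the vulnerable pattern beside the fixed one and shows why "blind" is not "harmless": with no error text and no rows echoed back, a yes/no difference in the response is enough to read a password hash one character at a time. The table layout and rows are constructed for the demo; in the plugin's own language the equivalent fix is `$wpdb->prepare()` with a `%d` placeholder.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    """In-memory stand-in for the WordPress tables (constructed sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE wp_posts (ID INTEGER PRIMARY KEY, post_title TEXT, post_status TEXT);
        CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT, user_pass TEXT);
        INSERT INTO wp_posts VALUES (1, 'Blue hoodie', 'publish'), (2, 'Draft item', 'draft');
        INSERT INTO wp_users VALUES (1, 'admin', '$P$BconstructedHashValue');
    """)
    return conn


def product_title_vulnerable(conn, product_id: str) -> list:
    """The bug: the request parameter becomes part of the SQL text."""
    sql = f"SELECT post_title FROM wp_posts WHERE ID = {product_id}"
    return [row[0] for row in conn.execute(sql)]


def product_title_fixed(conn, product_id: str) -> list:
    """The fix: validate the type, then bind the value as a parameter so the
    database never parses it as SQL."""
    if not product_id.isdigit():
        raise ValueError("id must be a positive integer")
    sql = "SELECT post_title FROM wp_posts WHERE ID = ?"
    return [row[0] for row in conn.execute(sql, (int(product_id),))]


def fixed_rejects(conn, product_id: str) -> bool:
    """True if the fixed handler refuses the value outright."""
    try:
        product_title_fixed(conn, product_id)
        return False
    except ValueError:
        return True


def blind_extract(conn, length: int) -> str:
    """Boolean-based blind extraction through the vulnerable function.

    Each probe asks "is character N of the admin hash equal to X?"; a
    non-empty result means yes. Nothing from wp_users is ever returned
    directly, which is exactly the situation the advisory calls "blind".
    """
    alphabet = "$PBabcdefghijklmnopqrstuvwxyz0123456789"   # narrowed for the demo
    recovered = ""
    for pos in range(1, length + 1):
        for ch in alphabet:
            probe = f"1 AND (SELECT substr(user_pass, {pos}, 1) FROM wp_users) = '{ch}'"
            if product_title_vulnerable(conn, probe):
                recovered += ch
                break
    return recovered


if __name__ == "__main__":
    db = build_db()
    print(product_title_vulnerable(db, "1 UNION SELECT user_pass FROM wp_users"))
    print(blind_extract(db, 5))      # "$P$Bc", read one character at a time
    print(fixed_rejects(db, "1 UNION SELECT user_pass FROM wp_users"))
```

A real attacker binary-searches the character rather than scanning an alphabet, and uses `SLEEP()` or `BENCHMARK()` when even the yes/no difference is suppressed; the defence is the same in every case, because a bound parameter has no way to alter the query structure.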


HIGH vulnerabilities [7.0, 8.9]

Vulnerability ID: CVE-2023-33141

First published: 2023-06-23T02:15:09.513

Last modified: 2023-06-23T13:03:31.027

Description:
Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability

CVE ID: CVE-2023-33141

Source: secure@microsoft.com

CVSS score: 7.5

References:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33141 | source: secure@microsoft.com


Vulnerability ID: CVE-2023-28073

First published: 2023-06-23T11:15:09.863

Last modified: 2023-06-23T13:03:18.900

Description:
Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system.

CVE ID: CVE-2023-28073

Source: security_alert@emc.com

CVSS score: 8.2

References:
https://www.dell.com/support/kbdoc/en-us/000213032/dsa-2023-160-dell-client | source: security_alert@emc.com


Vulnerability ID: CVE-2023-34012

First published: 2023-06-23T12:15:09.687

Last modified: 2023-06-23T13:03:18.900

Description:
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions.

CVE ID: CVE-2023-34012

Source: audit@patchstack.com

CVSS score: 7.1

References:
https://patchstack.com/database/vulnerability/premium-addons-pro/wordpress-premium-addons-pro-plugin-2-8-24-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source: audit@patchstack.com


Vulnerability ID: CVE-2023-34021

First published: 2023-06-23T12:15:09.760

Last modified: 2023-06-23T13:03:18.900

Description:
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.29 versions.

CVE ID: CVE-2023-34021

Source: audit@patchstack.com

CVSS score: 7.1

References:
https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-3-7-29-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source: audit@patchstack.com


Vulnerability ID: CVE-2023-29100

First published: 2023-06-23T13:15:10.350

Last modified: 2023-06-23T15:14:22.530

Description:
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Theme The7 plugin <= 11.6.0 versions.

CVE ID: CVE-2023-29100

Source: audit@patchstack.com

CVSS score: 7.1

References:
https://patchstack.com/database/vulnerability/dt-the7/wordpress-the7-theme-11-6-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source: audit@patchstack.com


Vulnerability ID: CVE-2022-47614

First published: 2023-06-23T15:15:08.983

Last modified: 2023-06-23T15:49:09.940

Description:
Unauth. SQL Injection (SQLi) vulnerability in InspireUI MStore API plugin <= 3.9.7 versions.

CVE ID: CVE-2022-47614

Source: audit@patchstack.com

CVSS score: 7.5

References:
https://patchstack.com/database/vulnerability/mstore-api/wordpress-mstore-api-plugin-3-9-7-sql-injection?_s_id=cve | source: audit@patchstack.com


Vulnerability ID: CVE-2023-34467

First published: 2023-06-23T17:15:09.310

Last modified: 2023-06-23T17:21:14.907

Description:
XWiki Platform is a generic wiki platform. Starting in version 3.5-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, the mail obfuscation configuration was not fully taken into account. While the mail displayed to the end user was obfuscated, the REST response also contained the mail unobfuscated and users were able to filter and sort on the unobfuscated value, allowing them to infer the mail content. The consequence was the possibility to retrieve the email addresses of all users even when obfuscated. This has been patched in XWiki 14.4.8, 14.10.4, and 15.0-rc-1.

CVE ID: CVE-2023-34467

Source: security-advisories@github.com

CVSS score: 7.5

References:
https://github.com/xwiki/xwiki-platform/commit/71f889db9962df2d385f4298e29cfbc9050b828a#diff-5a739e5865b1f1ad9d79b724791be51b0095a0170cc078911c940478b13b949a | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-7vr7-cghh-ch63 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20333 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35151

First published: 2023-06-23T17:15:09.457

Last modified: 2023-06-23T17:21:14.907

Description:
XWiki Platform is a generic wiki platform. Starting in version 7.3-milestone-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any user can call a REST endpoint and obtain the obfuscated passwords, even when the mail obfuscation is activated. The issue has been patched in XWiki 14.4.8, 14.10.6, and 15.1. There is no known workaround.

CVE ID: CVE-2023-35151

Source: security-advisories@github.com

CVSS score: 7.5

References:
https://github.com/xwiki/xwiki-platform/commit/824cd742ecf5439971247da11bfe7e0ad2b10ede | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8g9c-c9cm-9c56 | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-16138 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-25515

First published: 2023-06-23T18:15:10.887

Last modified: 2023-06-23T19:24:47.997

Description:
NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity.

CVE ID: CVE-2023-25515

Source: psirt@nvidia.com

CVSS score: 7.1

References:
https://nvidia.custhelp.com/app/answers/detail/a_id/5466 | source: psirt@nvidia.com


Vulnerability ID: CVE-2023-25518

First published: 2023-06-23T18:15:10.970

Last modified: 2023-06-23T19:24:43.457

Description:
NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity.

CVE ID: CVE-2023-25518

Source: psirt@nvidia.com

CVSS score: 7.1

References:
https://nvidia.custhelp.com/app/answers/detail/a_id/5466 | source: psirt@nvidia.com


Vulnerability ID: CVE-2023-35155

First published: 2023-06-23T19:15:09.190

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge a URL with a payload allowing them to inject JavaScript in the page (XSS). For instance, the following URL executes an `alert` in the browser: `<xwiki-host>/xwiki/bin/view/Main/?viewer=share&send=1&target=&target=%3Cimg+src+onerror%3Dalert%28document.domain%29%3E+%3Cimg+src+onerror%3Dalert%28document.domain%29%3E+%3Crenniepak%40intigriti.me%3E&includeDocument=inline&message=I+wanted+to+share+this+page+with+you.`, where `<xwiki-host>` is the URL of your XWiki installation. The vulnerability has been patched in XWiki 15.0-rc-1, 14.10.4, and 14.4.8.

CVE ID: CVE-2023-35155

Source: security-advisories@github.com

CVSS score: 8.8

References:
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-fwwj-wg89-7h4c | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20370 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35157

First published: 2023-06-23T19:15:09.343

Last modified: 2023-06-23T19:24:31.607

Description:
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to perform an XSS by forging a request to a delete attachment action with a specific attachment name. Now this XSS can be exploited only if the attacker knows the CSRF token of the user, or if the user ignores the warning about the missing CSRF token. The vulnerability has been patched in XWiki 15.1-rc-1 and XWiki 14.10.6.

CVE ID: CVE-2023-35157

Source: security-advisories@github.com

CVSS score: 8.4

References:
https://github.com/xwiki/xwiki-platform/commit/35e9073ffec567861e0abeea072bd97921a3decf | source: security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-phwm-87rg-27qq | source: security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20339 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-3393

First published: 2023-06-23T19:15:09.793

Last modified: 2023-06-23T19:24:31.607

Description:
Code Injection in GitHub repository fossbilling/fossbilling prior to 0.5.1.

CVE ID: CVE-2023-3393

Source: security@huntr.dev

CVSS score: 8.0

References:
https://github.com/fossbilling/fossbilling/commit/47343fb58db5c17c14bc6941dacbeb9c96957351 | source: security@huntr.dev
https://huntr.dev/bounties/e4df9280-900a-407a-a07e-e7fef3345914 | source: security@huntr.dev


Vulnerability ID: CVE-2023-34254

First published: 2023-06-23T21:15:09.320

Last modified: 2023-06-24T12:41:30.800

Description:
The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running the remoteinventory task against a Unix platform with the ssh command, an administrator user on the remote host can manage to inject a command in a specific workflow the agent would run with the privileges it uses. In the case the agent is running with administration privileges, a malicious user could gain high privileges on the computer glpi-agent is running on. A malicious user could also disclose all remote accesses the agent is configured with for the remoteinventory task. This vulnerability has been patched in glpi-agent 1.5.

CVE ID: CVE-2023-34254

Source: security-advisories@github.com

CVSS score: 7.6

References:
https://github.com/glpi-project/glpi-agent/blob/dd313ee0914becf74c0e48cb512765210043b478/Changes#L98 | source: security-advisories@github.com
https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-39vc-hxgm-j465 | source: security-advisories@github.com


Vulnerability ID: CVE-2023-35154

First published: 2023-06-23T21:15:09.400

Last modified: 2023-06-24T12:41:30.800

Description:
Knowage is an open source analytics and business intelligence suite. Starting in version 6.0.0 and prior to version 8.1.8, an attacker can register and activate their account without having to click on the link included in the email, allowing them access to the application as a normal user. This issue has been patched in version 8.1.8.

CVE ID: CVE-2023-35154

Source: security-advisories@github.com

CVSS score: 7.2

References:
https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-48hp-jvv8-cf62 | source: security-advisories@github.com


Vulnérabilité ID : CVE-2023-35172

Première publication le : 2023-06-23T21:15:09.777

Dernière modification le : 2023-06-24T12:41:30.800

Description :
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, an attacker can bruteforce the password reset links. Nextcloud Server n 25.0.7 and 26.0.2 and Nextcloud Enterprise Server 21.0.9.12, 22.2.10.12, 23.0.12.7, 24.0.12.2, 25.0.7, and 26.0.2 contain a patch for this issue. No known workarounds are available.

CVE ID : CVE-2023-35172

Source : security-advisories@github.com

Score CVSS : 8.7

Références :
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mjf5-p765-qmr6 | source : security-advisories@github.com
https://github.com/nextcloud/server/pull/38267 | source : security-advisories@github.com
https://hackerone.com/reports/1987062 | source : security-advisories@github.com
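
The two account-lifecycle issues above, Knowage's activation that did not require the emailed link (CVE-2023-35154) and Nextcloud's brute-forceable password reset links (CVE-2023-35172), come down to one design point: an emailed activation or reset link only proves control of the mailbox if the server issues an unguessable, single-use, expiring token and verifies it before acting. The Python below is an added illustration written for this page; it is not code from Knowage or Nextcloud, and the page does not say how either product generated or checked its tokens. `TokenStore`, `Accounts`, the 256-bit token size, the one-hour lifetime and the failure cap are all hypothetical choices.

```python
import hmac
import secrets
import time

TOKEN_BYTES = 32      # 256 bits of entropy: enumerating links is infeasible (assumed policy)
TOKEN_TTL = 3600      # seconds a link stays valid (assumed policy)
MAX_FAILURES = 10     # wrong guesses tolerated per account and purpose (assumed policy)


class TokenStore:
    """Issues and verifies single-use e-mail tokens (hypothetical helper)."""

    def __init__(self, now=time.time):
        self._now = now            # injectable clock so expiry can be tested
        self._tokens = {}          # (purpose, user) -> (token, expires_at)
        self._failures = {}        # (purpose, user) -> failed attempts

    def issue(self, purpose, user):
        token = secrets.token_urlsafe(TOKEN_BYTES)   # CSPRNG, never a counter or timestamp
        self._tokens[(purpose, user)] = (token, self._now() + TOKEN_TTL)
        return token

    def redeem(self, purpose, user, presented):
        key = (purpose, user)
        if self._failures.get(key, 0) >= MAX_FAILURES:
            return False           # lock-out caps online guessing of the link
        entry = self._tokens.get(key)
        ok = (
            entry is not None
            and self._now() <= entry[1]
            and hmac.compare_digest(entry[0].encode(), presented.encode())
        )
        if not ok:
            self._failures[key] = self._failures.get(key, 0) + 1
            return False
        del self._tokens[key]      # single use: a redeemed link cannot be replayed
        self._failures.pop(key, None)
        return True


class Accounts:
    """Registration and reset flows built on the store; `active` holds usable accounts."""

    def __init__(self, store):
        self.store = store
        self.active = set()

    def register(self, user):
        # The returned token is what the activation e-mail link would carry.
        return self.store.issue("activate", user)

    def activate_vulnerable(self, user):
        # Flawed pattern: the endpoint activates whoever names the account,
        # so the e-mail round trip proves nothing.
        self.active.add(user)
        return True

    def activate(self, user, token):
        # Hardened pattern: only a valid, unexpired, unused token activates.
        if not self.store.redeem("activate", user, token):
            return False
        self.active.add(user)
        return True

    def request_reset(self, user):
        return self.store.issue("reset", user)

    def reset_password(self, user, token, set_password):
        # set_password is the caller's hashing/storage routine; it runs only
        # once the emailed token has been proven.
        if not self.store.redeem("reset", user, token):
            return False
        set_password(user)
        return True
```

The per-account failure counter is deliberately simple; a production service would also rate-limit by source address and avoid letting an attacker lock a victim out of resets indefinitely, but the two properties that matter for the entries above are that the token has enough entropy to make guessing pointless and that no state changes without it.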


Vulnerability ID : CVE-2023-35927

First published : 2023-06-23T21:15:09.927

Last modified : 2023-06-24T12:41:30.800

Description :
Nextcloud Server and Nextcloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In Nextcloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, when two servers are registered as trusted servers for each other and have successfully exchanged the share secrets, the malicious server could modify or delete VCards in the system addressbook on the origin server. This would impact the information available and shown in certain places, such as the user search and the avatar menu. If a manipulated user modifies their own data in the personal settings, the entry is fixed again. Nextcloud Server 25.0.7 and 26.0.2 and Nextcloud Enterprise Server 21.0.9.12, 22.2.10.12, 23.0.12.7, 24.0.12.2, 25.0.7, and 26.0.2 contain a patch for this issue. A workaround is available: remove all trusted servers in the "Administration" > "Sharing" settings `…/index.php/settings/admin/sharing`, then trigger a recreation of the local system addressbook with `occ dav:sync-system-addressbook`.

CVE ID : CVE-2023-35927

Source : security-advisories@github.com

CVSS score : 7.6

References :
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h7f7-535f-7q87 | source : security-advisories@github.com
https://github.com/nextcloud/server/pull/38247 | source : security-advisories@github.com
https://hackerone.com/reports/1976754 | source : security-advisories@github.com


Vulnerability ID : CVE-2023-35928

First published : 2023-06-23T21:15:10.007

Last modified : 2023-06-24T12:41:30.800

Description :
Nextcloud Server is a space for data storage on Nextcloud, a self-hosted productivity platform. In Nextcloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 19.0.0 until 19.0.13.9, 20.0.0 until 20.0.14.14, 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, a user could use the external storage (files_external) functionality to get access to the login credentials of another user and take over their account. This issue has been patched in Nextcloud Server versions 25.0.7 and 26.0.2 and Nextcloud Enterprise Server versions 19.0.13.9, 20.0.14.14, 21.0.9.12, 22.2.10.12, 23.0.12.7, 24.0.12.2, 25.0.7, and 26.0.2. Three workarounds are available: disable the app files_external; set "Allow users to mount external storage" to disabled in "Administration" > "External storage" settings `…/index.php/settings/admin/externalstorages`; or, in the same settings, disallow users from creating external storages of the types FTP, Nextcloud, SFTP, and/or WebDAV.

CVE ID : CVE-2023-35928

Source : security-advisories@github.com

CVSS score : 8.4

References :
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-637g-xp2c-qh5h | source : security-advisories@github.com
https://github.com/nextcloud/server/pull/38265 | source : security-advisories@github.com
https://hackerone.com/reports/1978882 | source : security-advisories@github.com


Vulnerability ID : CVE-2023-35932

First published : 2023-06-23T22:15:08.987

Last modified : 2023-06-24T12:41:30.800

Description :
jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when unsanitized user input is accepted by the application and can reach the configuration file. A malicious user may craft a special payload that leads to a command injection. The impact of a configuration injection varies; under some conditions it leads to command injection, for instance when configuration file values are executed by a shell. This vulnerability does not currently have a fix.

CVE ID : CVE-2023-35932

Source : security-advisories@github.com

CVSS score : 7.1

References :
https://github.com/tanghaibao/jcvi/blob/cede6c65c8e7603cb266bc3395ac8f915ea9eac7/jcvi/apps/base.py#LL2227C1-L2228C41 | source : security-advisories@github.com
https://github.com/tanghaibao/jcvi/security/advisories/GHSA-x49m-3cw7-gq5q | source : security-advisories@github.com
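
Configuration injection, as described in the entry above, is easiest to see with the INI format that many Python tools use. The following is an added Python example written for this page, not code from jcvi (the page only links the affected lines in apps/base.py and does not reproduce them): a constructed tool writes a user-supplied genome name into an INI file by string formatting, and the file is later read back with `configparser`. The function names, the `[assembly]`/`[run]` section layout and the `PAYLOAD` string are all hypothetical.

```python
import configparser
import io
import re

# Constructed input: a "genome name" that smuggles a new section and key into
# the INI text. Any consumer that runs configuration values through a shell
# (the condition the advisory describes) would then execute the injected command.
PAYLOAD = "hg38\n[run]\npreamble = touch /tmp/pwned"


def write_config_naive(genome_name):
    """Vulnerable pattern: user input interpolated straight into INI text."""
    return f"[assembly]\ngenome = {genome_name}\nthreads = 4\n"


# Allow-list for the one field the user may set (hypothetical policy).
_NAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,64}")


def write_config_safe(genome_name):
    """Hardened: validate the value against an allow-list, then let
    configparser serialise it instead of formatting the text by hand."""
    if not _NAME_RE.fullmatch(genome_name):
        raise ValueError("genome name contains characters outside [A-Za-z0-9_.-]")
    cp = configparser.ConfigParser()
    cp["assembly"] = {"genome": genome_name, "threads": "4"}
    buf = io.StringIO()
    cp.write(buf)
    return buf.getvalue()


def parse_config(text):
    """Read the INI text back the way the application would, as {section: {key: value}}."""
    cp = configparser.ConfigParser()
    cp.read_string(text)
    return {section: dict(cp[section]) for section in cp.sections()}
```

With the naive writer, `parse_config` returns a second section `run` carrying `preamble = touch /tmp/pwned`, and `threads` has silently moved under it; with the hardened writer the payload is rejected before anything is written. Serialising through `configparser.write` is the defence in depth: it indents embedded newlines so they parse back as a multi-line value rather than as new keys, but the allow-list is what keeps the value from reaching a shell unchanged.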


Vulnerability ID : CVE-2023-1724

First published : 2023-06-24T01:15:08.543

Last modified : 2023-06-24T12:41:30.800

Description :
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.

CVE ID : CVE-2023-1724

Source : help@fluidattacks.com

CVSS score : 7.3

References :
https://fluidattacks.com/advisories/towers/ | source : help@fluidattacks.com
https://github.com/ladybirdweb/faveo-helpdesk/ | source : help@fluidattacks.com


Vulnerability ID : CVE-2023-3388

First published : 2023-06-24T03:15:09.230

Last modified : 2023-06-24T12:41:30.800

Description :
The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nsc_bar_content_href' parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. A partial patch was made available in 2.10.1 and the issue was fully patched in 2.10.2.

CVE ID : CVE-2023-3388

Source : security@wordfence.com

CVSS score : 7.2

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2857982%40beautiful-and-responsive-cookie-consent&new=2857982%40beautiful-and-responsive-cookie-consent&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/blog/2023/05/wordfence-firewall-blocks-bizarre-large-scale-xss-campaign/ | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/542a4079-b1a2-49bc-9ddd-ba7978c9992e?source=cve | source : security@wordfence.com


MEDIUM vulnerabilities [4.0, 6.9]

Vulnerability ID : CVE-2023-25936

First published : 2023-06-23T09:15:09.290

Last modified : 2023-06-23T13:03:31.027

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-25936

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-25937

First published : 2023-06-23T10:15:09.557

Last modified : 2023-06-23T13:03:31.027

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-25937

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28028

First published : 2023-06-23T10:15:09.637

Last modified : 2023-06-23T13:03:31.027

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28028

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28029

First published : 2023-06-23T10:15:09.710

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28029

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28030

First published : 2023-06-23T10:15:09.780

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28030

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28032

First published : 2023-06-23T10:15:09.853

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28032

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28033

First published : 2023-06-23T10:15:09.927

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28033

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28035

First published : 2023-06-23T10:15:10.000

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28035

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28039

First published : 2023-06-23T10:15:10.067

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28039

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28040

First published : 2023-06-23T10:15:10.137

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28040

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28041

First published : 2023-06-23T10:15:10.207

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28041

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28042

First published : 2023-06-23T10:15:10.280

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28042

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28052

First published : 2023-06-23T10:15:10.353

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28052

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28054

First published : 2023-06-23T10:15:10.420

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28054

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28056

First published : 2023-06-23T10:15:10.490

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28056

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28059

First published : 2023-06-23T10:15:10.563

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28059

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28061

First published : 2023-06-23T10:15:10.630

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28061

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-3380

First published : 2023-06-23T10:15:10.717

Last modified : 2023-06-23T13:03:24.293

Description :
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-232236. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3380

Source : cna@vuldb.com

CVSS score : 4.7

References :
https://github.com/sleepyvv/vul_report/blob/main/WAVLINK/WAVLINK-WN579X3-RCE.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.232236 | source : cna@vuldb.com
https://vuldb.com/?id.232236 | source : cna@vuldb.com
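
The Ping Test handler above has the classic command-injection shape: a request parameter that is supposed to hold an IP address is pasted into a shell command line. The page does not show the router's code, so the Python below is an added illustration written for this page, not Wavlink firmware. `ping_command_unsafe`, `validate_target` and `ping_argv` are hypothetical names, and the hardened version deliberately accepts only a literal IPv4 or IPv6 address, not hostnames.

```python
import ipaddress
import subprocess


def ping_command_unsafe(target):
    """Vulnerable pattern: the request parameter is pasted into a shell line
    that would then be handed to os.system()/popen(). Metacharacters such as
    ';', '|' and '$(...)' in `target` are interpreted by the shell."""
    return f"ping -c 1 {target}"


def validate_target(target):
    """Accept only a literal IP address and return it in canonical form.
    Anything else (hostnames, shell syntax, option-looking strings) is rejected."""
    try:
        return str(ipaddress.ip_address(target.strip()))
    except ValueError:
        raise ValueError(f"not an IP address: {target!r}") from None


def ping_argv(target):
    """Hardened: the validated address becomes a separate argv element.
    Validation also rules out a leading '-', so the value can never be
    parsed by ping as an option (argument injection)."""
    return ["ping", "-c", "1", validate_target(target)]


def run_ping(target, timeout=5):
    """Execute the hardened command. shell=False means no shell parses the
    arguments, so there is no word splitting and no metacharacter handling."""
    return subprocess.run(
        ping_argv(target), capture_output=True, text=True, timeout=timeout
    )
```

Only `run_ping` touches the network; the other functions can be exercised offline, and a test of the shape "does `ping_argv` reject `127.0.0.1; id`, `$(id)` and `-f 127.0.0.1`" is the check worth keeping in a web handler's unit tests.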


Vulnerability ID : CVE-2023-25938

First published : 2023-06-23T11:15:08.997

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-25938

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28026

First published : 2023-06-23T11:15:09.073

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28026

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28027

First published : 2023-06-23T11:15:09.143

Last modified : 2023-06-23T13:03:24.293

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28027

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28031

First published : 2023-06-23T11:15:09.210

Last modified : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28031

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28034

First published : 2023-06-23T11:15:09.280

Last modified : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28034

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28036

First published : 2023-06-23T11:15:09.347

Last modified : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28036

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28044

First published : 2023-06-23T11:15:09.417

Last modified : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28044

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28050

First published : 2023-06-23T11:15:09.490

Last modified : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28050

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28058

First published : 2023-06-23T11:15:09.560

Last modified : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28058

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28060

First published : 2023-06-23T11:15:09.630

Last modified : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE ID : CVE-2023-28060

Source : security_alert@emc.com

CVSS score : 5.1

References :
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-28071

First published : 2023-06-23T11:15:09.790

Last modified : 2023-06-23T13:03:18.900

Description :
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folders, leading to a permanent denial of service (DoS).

CVE ID : CVE-2023-28071

Source : security_alert@emc.com

CVSS score : 6.3

References :
https://www.dell.com/support/kbdoc/en-us/000213546/dsa-2023-170-dell-command-update | source : security_alert@emc.com


Vulnerability ID : CVE-2023-32480

First published : 2023-06-23T11:15:09.937

Last modified : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.

CVE ID : CVE-2023-32480

Source : security_alert@emc.com

CVSS score : 6.8

References :
https://www.dell.com/support/kbdoc/en-us/000214779/dsa-2023-175-dell-client-bios-security-update-for-an-improper-input-validation-vulnerability | source : security_alert@emc.com


Vulnerability ID : CVE-2023-3383

First published : 2023-06-23T11:15:10.030

Last modified : 2023-06-23T13:03:18.900

Description :
A vulnerability, which was classified as critical, was found in SourceCodester Game Result Matrix System 1.0. This affects an unknown part of the file /dipam/athlete-profile.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232239.

CVE ID : CVE-2023-3383

Source : cna@vuldb.com

CVSS score : 6.3

References :
https://github.com/M9KJ-TEAM/CVEReport/blob/main/SQL2.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.232239 | source : cna@vuldb.com
https://vuldb.com/?id.232239 | source : cna@vuldb.com
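
The SQL injection above, through the `id` GET parameter of athlete-profile.php, follows the usual pattern of a request value concatenated into a query. The SourceCodester code is not on this page, so what follows is an added Python example written here, using the standard-library `sqlite3` module with a constructed `athlete` table standing in for the application's data; it contrasts the concatenated query with a bound parameter. The table and function names are hypothetical.

```python
import sqlite3


def make_db():
    """Constructed sample table standing in for the athlete profiles."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE athlete (id INTEGER PRIMARY KEY, name TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO athlete VALUES (?, ?, ?)",
        [(1, "Alice", "alice@example.com"), (2, "Bob", "bob@example.com")],
    )
    return conn


def athlete_profile_vulnerable(conn, id_param):
    """Vulnerable pattern: the GET parameter is concatenated into the statement,
    so '1 OR 1=1' dumps every row and a UNION can read arbitrary expressions."""
    sql = "SELECT id, name, email FROM athlete WHERE id = " + id_param
    return conn.execute(sql).fetchall()


def athlete_profile_safe(conn, id_param):
    """Hardened: type-check the parameter, then bind it. The driver sends the
    value separately from the SQL text, so it can never become part of the query."""
    try:
        athlete_id = int(id_param)
    except (TypeError, ValueError):
        raise ValueError("id must be an integer") from None
    return conn.execute(
        "SELECT id, name, email FROM athlete WHERE id = ?", (athlete_id,)
    ).fetchall()
```

The integer cast is belt and braces: binding alone already defeats injection, but rejecting non-numeric ids up front keeps the error path out of the database layer and makes log noise from scanners easy to spot.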


Vulnerability ID : CVE-2023-28065

First published : 2023-06-23T12:15:09.340

Last modified : 2023-06-23T13:03:18.900

Description :
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation.

CVE ID : CVE-2023-28065

Source : security_alert@emc.com

CVSS score : 6.7

References :
https://www.dell.com/support/kbdoc/en-us/000212574/dsa-2023-146 | source : security_alert@emc.com


Vulnerability ID : CVE-2023-35048

First published : 2023-06-23T12:15:09.833

Last modified : 2023-06-23T13:03:18.900

Description :
Authenticated (admin+) stored cross-site scripting (XSS) vulnerability in the MagePeople Team Booking and Rental Manager for Bike plugin, versions <= 1.2.1.

CVE ID : CVE-2023-35048

Source : audit@patchstack.com

CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/booking-and-rental-manager-for-woocommerce/wordpress-booking-and-rental-manager-plugin-1-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com


Vulnerability ID : CVE-2023-27427

First published : 2023-06-23T13:15:10.130

Last modified : 2023-06-23T15:14:22.530

Description :
Authenticated (admin+) stored cross-site scripting (XSS) vulnerability in the NTZApps CRM Memberships plugin, versions <= 1.6.

CVE ID : CVE-2023-27427

Source : audit@patchstack.com

CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/crm-memberships/wordpress-crm-memberships-plugin-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com


Vulnerability ID : CVE-2023-28751

First published : 2023-06-23T13:15:10.277

Last modified : 2023-06-23T15:14:22.530

Description :
Authenticated (admin+) stored cross-site scripting (XSS) vulnerability in the Wpmet Wp Ultimate Review plugin, versions <= 2.0.3.

CVE ID : CVE-2023-28751

Source : audit@patchstack.com

CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/wp-ultimate-review/wordpress-wp-ultimate-review-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com


Vulnerability ID : CVE-2023-32580

First published : 2023-06-23T13:15:10.427

Last modified : 2023-06-23T15:14:22.530

Description :
Authenticated (admin+) stored cross-site scripting (XSS) vulnerability in the WPExperts Password Protected plugin, versions <= 2.6.2.

CVE ID : CVE-2023-32580

Source : audit@patchstack.com

CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/password-protected/wordpress-password-protected-plugin-2-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com


Vulnerability ID : CVE-2023-3302

First published : 2023-06-23T13:15:10.517

Last modified : 2023-06-23T15:14:22.530

Description :
Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9.

CVE ID : CVE-2023-3302

Source : security@huntr.dev

CVSS score : 6.6

References :
https://github.com/admidio/admidio/commit/c87a7074a1a73c4851263060afd76aa4d5b6415f | source : security@huntr.dev
https://huntr.dev/bounties/5e18619f-8379-464a-aad2-65883bb4e81a | source : security@huntr.dev
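
The weakness named in the entry above, improper neutralization of formula elements in a CSV file (CWE-1236 in MITRE's catalogue), arises when an exported cell begins with a character that a spreadsheet treats as the start of a formula, so opening the export runs attacker-controlled content in the viewer's application. The Python below is an added example written for this page, not Admidio's export code (the page links the fixing commit but does not reproduce it); it applies the neutralisation most exporters use, and the rows in `SAMPLE_ROWS` are constructed.

```python
import csv
import io

# Cell prefixes that spreadsheet applications evaluate as a formula, or that
# cause the cell to be re-parsed as a new field (OWASP CSV-injection guidance).
FORMULA_PREFIXES = ("=", "+", "-", "@", "\t", "\r")


def neutralize_cell(value):
    """Prefix text cells that would be evaluated as formulas with a single quote,
    which spreadsheets display as literal text. Real numbers are left untouched
    so that negative values stay numeric instead of becoming "'-5"."""
    if isinstance(value, bool) or not isinstance(value, (int, float)):
        text = str(value)
        if text.startswith(FORMULA_PREFIXES):
            return "'" + text
        return text
    return value


def export_csv(rows):
    """Write rows to CSV text with every cell neutralised; the csv module
    handles quoting of delimiters and double quotes."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed member export: the second record carries a DDE-style payload that
# Excel would offer to execute if the cell were written verbatim; the third
# starts with '@', which some spreadsheets also treat as a formula lead-in.
SAMPLE_ROWS = [
    ["name", "note", "balance"],
    ["Alice", "=cmd|' /C calc'!A0", 12.5],
    ["Bob", "@SUM(1+1)", -5],
    ["Carol", "plain note, with comma", 0],
]
```

The quote prefix is the neutralisation the CWE entry refers to; it is a display-side fix, so an importer that strips leading quotes would reopen the issue, which is why some exporters additionally wrap such cells in double quotes and escape embedded ones. Note that `-` is in the prefix list because `-1+1` is a formula, so a free-text column starting with a dash is altered while a numeric column is not.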


Vulnerability ID : CVE-2023-3303

First published : 2023-06-23T13:15:10.587

Last modified : 2023-06-23T15:14:22.530

Description :
Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9.

CVE ID : CVE-2023-3303

Source : security@huntr.dev

CVSS score : 6.4

References :
https://github.com/admidio/admidio/commit/3d8bafaa4e9b7a314ffdf548622a8c7b38faee8a | source : security@huntr.dev
https://huntr.dev/bounties/65d260cc-55a9-4e71-888d-cb2f66c071af | source : security@huntr.dev


Vulnerability ID : CVE-2023-3304

First published : 2023-06-23T13:15:10.663

Last modified : 2023-06-23T15:14:22.530

Description :
Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9.

CVE ID : CVE-2023-3304

Source : security@huntr.dev

CVSS score : 5.9

References :
https://github.com/admidio/admidio/commit/3b248b7d5e0e60a00ee2f9a6908d538d62a5837f | source : security@huntr.dev
https://huntr.dev/bounties/721fae61-3c8c-4e4b-8407-64321bc0ed17 | source : security@huntr.dev


Vulnerability ID : CVE-2023-23679

First published : 2023-06-23T15:15:09.063

Last modified : 2023-06-23T15:49:09.940

Description :
Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket allows accessing functionality not properly constrained by ACLs. This issue affects JS Help Desk: from n/a through 2.7.7.

CVE ID : CVE-2023-23679

Source : audit@patchstack.com

CVSS score : 4.6

References :
https://patchstack.com/database/vulnerability/js-support-ticket/wordpress-js-help-desk-best-help-desk-support-plugin-plugin-2-7-7-idor-leading-to-ticket-deletion-vulnerability?_s_id=cve | source : audit@patchstack.com


Vulnerability ID : CVE-2023-34466

First published on : 2023-06-23T16:15:09.393

Last modified on : 2023-06-23T17:21:14.907

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.0-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, tags from pages not viewable to the current user are leaked by the tags API. This information can also be exploited to infer the document reference of non-viewable pages. This vulnerability has been patched in XWiki 14.4.8, 14.10.4, and 15.0-rc-1.

CVE ID : CVE-2023-34466

Source : security-advisories@github.com

CVSS score : 4.3

References :
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-7f2f-pcv3-j2r7 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20002 | source : security-advisories@github.com


Vulnerability ID : CVE-2023-35925

First published on : 2023-06-23T16:15:09.477

Last modified on : 2023-06-23T17:21:14.907

Description :
FastAsyncWorldEdit (FAWE) is designed for efficient world editing. This vulnerability enables the attacker to select a region with the `Infinity` keyword (case-sensitive!) and execute any operation. This has a possibility of bringing the performing server down. This issue has been fixed in version 2.6.3.

CVE ID : CVE-2023-35925

Source : security-advisories@github.com

CVSS score : 6.2

References :
https://github.com/IntellectualSites/FastAsyncWorldEdit/pull/2285 | source : security-advisories@github.com
https://github.com/IntellectualSites/FastAsyncWorldEdit/releases/tag/2.6.3 | source : security-advisories@github.com
https://github.com/IntellectualSites/FastAsyncWorldEdit/security/advisories/GHSA-whj9-m24x-qhhp | source : security-advisories@github.com


Vulnerability ID : CVE-2023-3391

First published on : 2023-06-23T16:15:09.693

Last modified on : 2023-06-23T17:21:14.907

Description :
A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-232288.

CVE ID : CVE-2023-3391

Source : cna@vuldb.com

CVSS score : 6.3

References :
https://github.com/mohdkey/Human-Resource-Management-System/blob/main/Human%20Resource%20Management%20System%20detailview.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.232288 | source : cna@vuldb.com
https://vuldb.com/?id.232288 | source : cna@vuldb.com


Vulnerability ID : CVE-2023-25520

First published on : 2023-06-23T18:15:11.033

Last modified on : 2023-06-23T19:24:43.457

Description :
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.

CVE ID : CVE-2023-25520

Source : psirt@nvidia.com

CVSS score : 4.4

References :
https://nvidia.custhelp.com/app/answers/detail/a_id/5466 | source : psirt@nvidia.com


Vulnerability ID : CVE-2023-32369

First published on : 2023-06-23T18:15:11.870

Last modified on : 2023-06-23T20:21:15.293

Description :
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system.

CVE ID : CVE-2023-32369

Source : product-security@apple.com

CVSS score : 6.0

References :
https://support.apple.com/en-us/HT213758 | source : product-security@apple.com
https://support.apple.com/en-us/HT213759 | source : product-security@apple.com
https://support.apple.com/en-us/HT213760 | source : product-security@apple.com


Vulnerability ID : CVE-2023-3394

First published on : 2023-06-23T19:15:09.860

Last modified on : 2023-06-23T19:24:31.607

Description :
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1.

CVE ID : CVE-2023-3394

Source : security@huntr.dev

CVSS score : 6.8

References :
https://github.com/fossbilling/fossbilling/commit/b9c35a174750f1463aea86168524efce6cd48ef7 | source : security@huntr.dev
https://huntr.dev/bounties/84bf3e85-cdeb-4b8d-9ea4-74156dbda83f | source : security@huntr.dev


Vulnerability ID : CVE-2023-34460

First published on : 2023-06-23T20:15:09.147

Last modified on : 2023-06-24T12:41:30.800

Description :
Tauri is a framework for building binaries for all major desktop platforms. The 1.4.0 release includes a regression on the Filesystem scope check for dotfiles on Unix. Previously dotfiles were not implicitly allowed by the glob wildcard scopes (eg. `$HOME/*`), but a regression was introduced when a configuration option for this behavior was implemented. Only Tauri applications using wildcard scopes in the `fs` endpoint are affected. The regression has been patched on version 1.4.1.

CVE ID : CVE-2023-34460

Source : security-advisories@github.com

CVSS score : 4.8

References :
https://github.com/tauri-apps/tauri/commit/066c09a6ea06f42f550d090715e06beb65cd5564 | source : security-advisories@github.com
https://github.com/tauri-apps/tauri/pull/6969#discussion_r1232018347 | source : security-advisories@github.com
https://github.com/tauri-apps/tauri/pull/7227 | source : security-advisories@github.com
https://github.com/tauri-apps/tauri/security/advisories/GHSA-wmff-grcw-jcfm | source : security-advisories@github.com


Vulnerability ID : CVE-2023-35167

First published on : 2023-06-23T20:15:09.227

Last modified on : 2023-06-24T12:41:30.800

Description :
Remult is a CRUD framework for full-stack TypeScript. If you used the `apiPrefilter` option of the `@Entity` decorator, by setting it to a function that returns a filter that prevents unauthorized access to data, an attacker who knows the `id` of an entity instance they are not authorized to access can gain read, update and delete access to it. The issue is fixed in version 0.20.6. As a workaround, set the `apiPrefilter` option to a filter object instead of a function.

CVE ID : CVE-2023-35167

Source : security-advisories@github.com

CVSS score : 5.0

References :
https://github.com/remult/remult/commit/6892ae97134126d8710ef7302bb2fc37730994c5 | source : security-advisories@github.com
https://github.com/remult/remult/releases/tag/v0.20.6 | source : security-advisories@github.com
https://github.com/remult/remult/security/advisories/GHSA-7hh3-3x64-v2g9 | source : security-advisories@github.com


Vulnerability ID : CVE-2023-35163

First published on : 2023-06-23T21:15:09.473

Last modified on : 2023-06-24T12:41:30.800

Description :
Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For example, a deposit to the collateral bridge for 100USDT that credits a party’s general account on Vega, can be re-processed 50 times resulting in 5000USDT in that party’s general account. This is without depositing any more than the original 100USDT on the bridge. Despite this exploit requiring access to a validator's Vega key, a validator key can be obtained at the small cost of 3000VEGA, the amount needed to announce a new node onto the network. A patch is available in version 0.71.6. No known workarounds are available, however there are mitigations in place should this vulnerability be exploited. There are monitoring alerts for `mainnet1` in place to identify any issues of this nature including this vulnerability being exploited. The validators have the ability to stop the bridge thus stopping any withdrawals should this vulnerability be exploited.

CVE ID : CVE-2023-35163

Source : security-advisories@github.com

CVSS score : 6.0

References :
https://github.com/vegaprotocol/vega/commit/56b09bf57af8cd9eca5996252d86f469a3e34c68 | source : security-advisories@github.com
https://github.com/vegaprotocol/vega/releases/tag/v0.71.6 | source : security-advisories@github.com
https://github.com/vegaprotocol/vega/security/advisories/GHSA-8rc9-vxjh-qjf2 | source : security-advisories@github.com


Vulnerability ID : CVE-2023-35165

First published on : 2023-06-23T21:15:09.553

Last modified on : 2023-06-24T12:41:30.800

Description :
AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. In the packages `aws-cdk-lib` 2.0.0 until 2.80.0 and `@aws-cdk/aws-eks` 1.57.0 until 1.202.0, `eks.Cluster` and `eks.FargateCluster` constructs create two roles, `CreationRole` and `default MastersRole`, that have an overly permissive trust policy. The first, referred to as the `CreationRole`, is used by lambda handlers to create the cluster and deploy Kubernetes resources (e.g. `KubernetesManifest`, `HelmChart`, ...) onto it. Users with CDK version higher or equal to 1.62.0 (including v2 users) may be affected. The second, referred to as the `default MastersRole`, is provisioned only if the `mastersRole` property isn't provided and has permissions to execute `kubectl` commands on the cluster. Users with CDK version higher or equal to 1.57.0 (including v2 users) may be affected. The issue has been fixed in `@aws-cdk/aws-eks` v1.202.0 and `aws-cdk-lib` v2.80.0. These versions no longer use the account root principal. Instead, they restrict the trust policy to the specific roles of lambda handlers that need it. There is no workaround available for `CreationRole`. To avoid creating the `default MastersRole`, use the `mastersRole` property to explicitly provide a role.

CVE ID : CVE-2023-35165

Source : security-advisories@github.com

CVSS score : 6.6

References :
https://github.com/aws/aws-cdk/issues/25674 | source : security-advisories@github.com
https://github.com/aws/aws-cdk/security/advisories/GHSA-rx28-r23p-2qc3 | source : security-advisories@github.com


Vulnerability ID : CVE-2023-35171

First published on : 2023-06-23T21:15:09.703

Last modified on : 2023-06-24T12:41:30.800

Description :
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. Starting in version 26.0.0 and prior to version 26.0.2, an attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain to an attacker's site. Nextcloud Server and Nextcloud Enterprise Server 26.0.2 contain a patch for this issue. No known workarounds are available.

CVE ID : CVE-2023-35171

Source : security-advisories@github.com

CVSS score : 4.1

References :
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h353-vvwv-j2r4 | source : security-advisories@github.com
https://github.com/nextcloud/server/pull/38194 | source : security-advisories@github.com
https://hackerone.com/reports/1977222 | source : security-advisories@github.com


Vulnerability ID : CVE-2023-35173

First published on : 2023-06-23T21:15:09.853

Last modified on : 2023-06-24T12:41:30.800

Description :
Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encryption on the client side. By providing an invalid meta data file, an attacker can make previously dropped files inaccessible. It is recommended that the Nextcloud End-to-end encryption app is upgraded to version 1.12.4 that contains the fix.

CVE ID : CVE-2023-35173

Source : security-advisories@github.com

CVSS score : 5.7

References :
https://github.com/nextcloud/end_to_end_encryption/pull/435 | source : security-advisories@github.com
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-x7c7-v5r3-mg37 | source : security-advisories@github.com
https://hackerone.com/reports/1914115 | source : security-advisories@github.com


Vulnerability ID : CVE-2023-1783

First published on : 2023-06-23T22:15:08.897

Last modified on : 2023-06-24T12:41:30.800

Description :
OrangeScrum version 2.0.11 allows an external attacker to remotely obtain AWS instance credentials. This is possible because the application does not properly validate the HTML content to be converted to PDF.

CVE ID : CVE-2023-1783

Source : help@fluidattacks.com

CVSS score : 6.5

References :
https://fluidattacks.com/advisories/stirling/ | source : help@fluidattacks.com
https://github.com/Orangescrum/orangescrum/ | source : help@fluidattacks.com


Vulnerability ID : CVE-2023-3387

First published on : 2023-06-24T03:15:09.157

Last modified on : 2023-06-24T12:41:30.800

Description :
The Lana Text to Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lana_text_to_image' and 'lana_text_to_img' shortcode in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-3387

Source : security@wordfence.com

CVSS score : 6.4

References :
https://plugins.trac.wordpress.org/browser/lana-text-to-image/tags/1.0.0/lana-text-to-image.php#L97 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2929913/lana-text-to-image | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/8acb7893-85b2-404a-b3fe-b4c1a835b3eb?source=cve | source : security@wordfence.com


LOW vulnerabilities [0.1, 3.9]

Vulnerability ID : CVE-2023-23344

First published on : 2023-06-23T06:15:09.707

Last modified on : 2023-06-23T13:03:31.027

Description :
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page.

CVE ID : CVE-2023-23344

Source : psirt@hcl.com

CVSS score : 3.0

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105705 | source : psirt@hcl.com


Vulnerability ID : CVE-2023-32463

First published on : 2023-06-23T08:15:09.313

Last modified on : 2023-06-23T13:03:31.027

Description :
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CVE ID : CVE-2023-32463

Source : security_alert@emc.com

CVSS score : 3.4

References :
https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities | source : security_alert@emc.com


Vulnerability ID : CVE-2023-32464

First published on : 2023-06-23T08:15:09.400

Last modified on : 2023-06-23T13:03:31.027

Description :
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.

CVE ID : CVE-2023-32464

Source : security_alert@emc.com

CVSS score : 2.7

References :
https://www.dell.com/support/kbdoc/en-us/000213011/dsa-2023-071-dell-vxrail-security-update-for-multiple-third-party-component-vulnerabilities-7-0-450 | source : security_alert@emc.com


Vulnerability ID : CVE-2023-3381

First published on : 2023-06-23T10:15:10.803

Last modified on : 2023-06-23T13:03:24.293

Description :
A vulnerability classified as problematic was found in SourceCodester Online School Fees System 1.0. Affected by this vulnerability is an unknown functionality of the file /paysystem/datatable.php of the component GET Parameter Handler. The manipulation of the argument doj leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-232237 was assigned to this vulnerability.

CVE ID : CVE-2023-3381

Source : cna@vuldb.com

CVSS score : 3.5

References :
https://github.com/M9KJ-TEAM/CVEReport/blob/main/XSS2.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.232237 | source : cna@vuldb.com
https://vuldb.com/?id.232237 | source : cna@vuldb.com


Vulnerability ID : CVE-2023-3382

First published on : 2023-06-23T10:15:10.880

Last modified on : 2023-06-23T13:03:24.293

Description :
A vulnerability, which was classified as problematic, has been found in SourceCodester Game Result Matrix System 1.0. Affected by this issue is some unknown functionality of the file /dipam/save-delegates.php of the component GET Parameter Handler. The manipulation of the argument del_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-232238 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3382

Source : cna@vuldb.com

CVSS score : 3.5

References :
https://github.com/M9KJ-TEAM/CVEReport/blob/main/XSS3.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.232238 | source : cna@vuldb.com
https://vuldb.com/?id.232238 | source : cna@vuldb.com


Vulnerability ID : CVE-2023-28064

First published on : 2023-06-23T11:15:09.697

Last modified on : 2023-06-23T13:03:18.900

Description :
Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

CVE ID : CVE-2023-28064

Source : security_alert@emc.com

CVSS score : 3.5

References :
https://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability | source : security_alert@emc.com


Vulnerability ID : CVE-2023-35931

First published on : 2023-06-23T20:15:09.357

Last modified on : 2023-06-24T12:41:30.800

Description :
Shescape is a simple shell escape library for JavaScript. An attacker may be able to get read-only access to environment variables. This bug has been patched in version 1.7.1.

CVE ID : CVE-2023-35931

Source : security-advisories@github.com

CVSS score : 3.1

References :
https://github.com/ericcornelissen/shescape/commit/d0fce70f987ac0d8331f93cb45d47e79436173ac | source : security-advisories@github.com
https://github.com/ericcornelissen/shescape/pull/982 | source : security-advisories@github.com
https://github.com/ericcornelissen/shescape/releases/tag/v1.7.1 | source : security-advisories@github.com
https://github.com/ericcornelissen/shescape/security/advisories/GHSA-3g7p-8qhx-mc8r | source : security-advisories@github.com


About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports