Dernières vulnérabilités du Jeudi 27 Juillet 2023

Dernières vulnérabilités du Jeudi 27 Juillet 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 27/07/2023 à 22:37:09

(3) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : wordfence.com

Vulnérabilité ID : CVE-2023-3956

Première publication le : 27-07-2023 07:15:09
Dernière modification le : 27-07-2023 12:13:11

Description :
The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'events_receiver' function in versions up to, and including, 0.0.9.18. This makes it possible for unauthenticated attackers to add, modify or delete post and taxonomy, install, activate or deactivate plugin, change customizer settings, add or modify or delete user including administrator user.

CVE ID : CVE-2023-3956
Source : security@wordfence.com
Score CVSS : 9.8

Références :
https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.0.9.18/includes/class-instawp-rest-apis.php#L103 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2942363/instawp-connect#file5 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/48e7acf2-61d4-4762-8657-0701910ce69b?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Source : huntr.dev

Vulnérabilité ID : CVE-2023-3973

Première publication le : 27-07-2023 15:15:12
Dernière modification le : 27-07-2023 16:52:09

Description :
Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3.

CVE ID : CVE-2023-3973
Source : security@huntr.dev
Score CVSS : 9.6

Références :
https://github.com/jgraph/drawio/commit/1db2c2c653aa245d175d30c210239e3946bfcb95 | source : security@huntr.dev
https://huntr.dev/bounties/4c1c5db5-210f-4d7e-8380-b95f88fdb78d | source : security@huntr.dev

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3974

Première publication le : 27-07-2023 15:15:12
Dernière modification le : 27-07-2023 16:52:09

Description :
OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0.

CVE ID : CVE-2023-3974
Source : security@huntr.dev
Score CVSS : 9.6

Références :
https://github.com/jgraph/drawio/commit/9d6532de36496e77d872d91b1947bb696607d623 | source : security@huntr.dev
https://huntr.dev/bounties/ce75aa04-e4d6-4e0a-9db0-ae84c46ae9e2 | source : security@huntr.dev

Vulnérabilité : CWE-78


(13) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : huntr.dev

Vulnérabilité ID : CVE-2023-3975

Première publication le : 27-07-2023 15:15:12
Dernière modification le : 27-07-2023 16:52:09

Description :
OS Command Injection in GitHub repository jgraph/drawio prior to 21.5.0.

CVE ID : CVE-2023-3975
Source : security@huntr.dev
Score CVSS : 8.3

Références :
https://github.com/jgraph/drawio/commit/8ec95cb03e0a80cf908a282522ac1651306db340 | source : security@huntr.dev
https://huntr.dev/bounties/4da96d20-78ac-462e-910c-a14db9062161 | source : security@huntr.dev

Vulnérabilité : CWE-78


Source : github.com

Vulnérabilité ID : CVE-2023-38495

Première publication le : 27-07-2023 19:15:10
Dernière modification le : 27-07-2023 19:15:10

Description :
Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, Crossplane's image backend does not validate the byte contents of Crossplane packages. As such, Crossplane does not detect if an attacker has tampered with a Package. The problem has been fixed in 1.11.5, 1.12.3 and 1.13.0. As a workaround, only use images from trusted sources and keep Package editing/creating privileges to administrators only.

CVE ID : CVE-2023-38495
Source : security-advisories@github.com
Score CVSS : 8.3

Références :
https://github.com/crossplane/crossplane/blob/ac8b24fe739c5d942ea885157148497f196c3dd3/security/ADA-security-audit-23.pdf | source : security-advisories@github.com
https://github.com/crossplane/crossplane/security/advisories/GHSA-pj4x-2xr5-w87m | source : security-advisories@github.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-38510

Première publication le : 27-07-2023 19:15:10
Dernière modification le : 27-07-2023 19:15:10

Description :
Tolgee is an open-source localization platform. Starting in version 3.14.0 and prior to version 3.23.1, when a request is made using an API key, the backend fails to verify the permission scopes associated with the key, effectively bypassing permission checks entirely for some endpoints. It's important to note that this vulnerability only affects projects that have inadvertently exposed their API keys on the internet. Projects that have kept their API keys secure are not impacted. This issue is fixed in version 3.23.1.

CVE ID : CVE-2023-38510
Source : security-advisories@github.com
Score CVSS : 8.1

Références :
https://github.com/tolgee/tolgee-platform/commit/4776cba67e7bb8c1b0259376e3e5fa3bb46e45c7 | source : security-advisories@github.com
https://github.com/tolgee/tolgee-platform/pull/1818 | source : security-advisories@github.com
https://github.com/tolgee/tolgee-platform/releases/tag/v3.23.1 | source : security-advisories@github.com
https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-4f9j-4vh4-p85v | source : security-advisories@github.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-38504

Première publication le : 27-07-2023 19:15:10
Dernière modification le : 27-07-2023 19:15:10

Description :
Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the `sails.io.js` client.

CVE ID : CVE-2023-38504
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://github.com/balderdashy/sails/commit/4a023dc5095a4b30fdc8535f705ed34cd22d2f7d | source : security-advisories@github.com
https://github.com/balderdashy/sails/pull/7287 | source : security-advisories@github.com
https://github.com/balderdashy/sails/releases/tag/v1.5.7 | source : security-advisories@github.com
https://github.com/balderdashy/sails/security/advisories/GHSA-gpw9-fwm8-7rx7 | source : security-advisories@github.com

Vulnérabilité : CWE-248


Vulnérabilité ID : CVE-2023-38505

Première publication le : 27-07-2023 19:15:10
Dernière modification le : 27-07-2023 19:15:10

Description :
DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS mode, it will assume that it should be waiting for a handshake, and will stay this way indefinitely until a handshake starts or some error occurs. In version 0.6.1, this can be exploited by simply not starting the handshake, preventing any other TLS handshakes from getting through. An attacker can lock the dashboard in a state where it is waiting for a TLS handshake from the attacker, who won't provide it. This prevents any legitimate traffic from getting to the dashboard, and can last indefinitely. Version 0.6.2 has a patch for this issue. As a workaround, do not use HTTPS mode on the open internet where anyone can connect. Instead, put a reverse proxy in front of the dashboard, and have it handle any HTTPS connections.

CVE ID : CVE-2023-38505
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://asciinema.org/a/8nRKbdf7AkPLmP3QxFZUSmPwp?t=7 | source : security-advisories@github.com
https://github.com/ravenclaw900/DietPi-Dashboard/commit/79cd78615d28f577454415e4baafe4dcd9d09666 | source : security-advisories@github.com
https://github.com/ravenclaw900/DietPi-Dashboard/pull/606 | source : security-advisories@github.com
https://github.com/ravenclaw900/DietPi-Dashboard/security/advisories/GHSA-3jr4-9rxf-fr44 | source : security-advisories@github.com

Vulnérabilité : CWE-410
Vulnérabilité : CWE-412


Vulnérabilité ID : CVE-2023-38489

Première publication le : 27-07-2023 15:15:12
Dernière modification le : 27-07-2023 16:52:09

Description :
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts (unless Kirby's API and Panel are disabled in the config). It can only be abused if a Kirby user is logged in on a device or browser that is shared with potentially untrusted users or if an attacker already maliciously used a previous password to log in to a Kirby site as the affected user. Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization. In the variation described in this advisory, it allows attackers to stay logged in to a Kirby site on another device even if the logged in user has since changed their password. Kirby did not invalidate user sessions that were created with a password that was since changed by the user or by a site admin. If a user changed their password to lock out an attacker who was already in possession of the previous password or of a login session on another device or browser, the attacker would not be reliably prevented from accessing the Kirby site as the affected user. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have updated the authentication implementation to keep track of the hashed password in each active session. If the password changed since the login, the session is invalidated. To enforce this fix even if the vulnerability was previously abused, all users are logged out from the Kirby site after updating to one of the patched releases.

CVE ID : CVE-2023-38489
Source : security-advisories@github.com
Score CVSS : 7.3

Références :
https://github.com/getkirby/kirby/commit/7a0a2014c69fdb925ea02f30e7793bb50115e931 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.5.8.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.6.6.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.7.5.2 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.8.4.1 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.9.6 | source : security-advisories@github.com
https://github.com/getkirby/kirby/security/advisories/GHSA-5mvj-rvp8-rf45 | source : security-advisories@github.com

Vulnérabilité : CWE-613


Vulnérabilité ID : CVE-2023-38488

Première publication le : 27-07-2023 15:15:11
Dernière modification le : 27-07-2023 16:52:09

Description :
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to update a Kirby content file (e.g. via a contact or comment form). Kirby sites are *not* affected if they don't allow write access for untrusted users or visitors. A field injection in a content storage implementation is a type of vulnerability that allows attackers with content write access to overwrite content fields that the site developer didn't intend to be modified. In a Kirby site this can be used to alter site content, break site behavior or inject malicious data or code. The exact security risk depends on the field type and usage. Kirby stores content of the site, of pages, files and users in text files by default. The text files use Kirby's KirbyData format where each field is separated by newlines and a line with four dashes (`----`). When reading a KirbyData file, the affected code first removed the Unicode BOM sequence from the file contents and afterwards split the content into fields by the field separator. When writing to a KirbyData file, field separators in field data are escaped to prevent user input from interfering with the field structure. However this escaping could be tricked by including a Unicode BOM sequence in a field separator (e.g. `--\xEF\xBB\xBF--`). When writing, this was not detected as a separator, but because the BOM was removed during reading, it could be abused by attackers to inject other field data into content files. Because each field can only be defined once per content file, this vulnerability only affects fields in the content file that were defined above the vulnerable user-writable field or not at all. Fields that are defined below the vulnerable field override the injected field content and were therefore already protected. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have fixed the affected code to only remove the Unicode BOM sequence at the beginning of the file. This fixes this vulnerability both for newly written as well as for existing content files.

CVE ID : CVE-2023-38488
Source : security-advisories@github.com
Score CVSS : 7.1

Références :
https://github.com/getkirby/kirby/commit/a1e0f81c799ddae1af91cf37216f8ded9cb93540 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.5.8.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.6.6.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.7.5.2 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.8.4.1 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.9.6 | source : security-advisories@github.com
https://github.com/getkirby/kirby/security/advisories/GHSA-x5mr-p6v4-wp93 | source : security-advisories@github.com

Vulnérabilité : CWE-140


Source : patchstack.com

Vulnérabilité ID : CVE-2023-37981

Première publication le : 27-07-2023 14:15:09
Dernière modification le : 27-07-2023 16:52:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPKube Authors List plugin <= 2.0.2 versions.

CVE ID : CVE-2023-37981
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/authors-list/wordpress-authors-list-plugin-2-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37894

Première publication le : 27-07-2023 15:15:09
Dernière modification le : 27-07-2023 16:52:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Images Gallery for WooCommerce plugin <= 2.3.3 versions.

CVE ID : CVE-2023-37894
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/woo-product-variation-gallery/wordpress-variation-images-gallery-for-woocommerce-plugin-2-3-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37975

Première publication le : 27-07-2023 15:15:10
Dernière modification le : 27-07-2023 16:52:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin <= 2.3.7 versions.

CVE ID : CVE-2023-37975
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/woo-product-variation-swatches/wordpress-variation-swatches-for-woocommerce-plugin-2-3-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37976

Première publication le : 27-07-2023 15:15:10
Dernière modification le : 27-07-2023 16:52:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Radio Forge Muses Player with Skins plugin <= 2.5 versions.

CVE ID : CVE-2023-37976
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/radio-forge/wordpress-radio-forge-muses-player-with-skins-plugin-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37977

Première publication le : 27-07-2023 15:15:11
Dernière modification le : 27-07-2023 16:52:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFunnels Team Drag & Drop Sales Funnel Builder for WordPress – WPFunnels plugin <= 2.7.16 versions.

CVE ID : CVE-2023-37977
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/wpfunnels/wordpress-wpfunnels-plugin-2-7-16-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37979

Première publication le : 27-07-2023 15:15:11
Dernière modification le : 27-07-2023 16:52:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.

CVE ID : CVE-2023-37979
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/articles/multiple-high-severity-vulnerabilities-in-ninja-forms-plugin?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-6-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


(14) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : github.com

Vulnérabilité ID : CVE-2023-38490

Première publication le : 27-07-2023 15:15:12
Dernière modification le : 27-07-2023 16:52:09

Description :
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 only affects Kirby sites that use the `Xml` data handler (e.g. `Data::decode($string, 'xml')`) or the `Xml::parse()` method in site or plugin code. The Kirby core does not use any of the affected methods. XML External Entities (XXE) is a little used feature in the XML markup language that allows to include data from external files in an XML structure. If the name of the external file can be controlled by an attacker, this becomes a vulnerability that can be abused for various system impacts like the disclosure of internal or confidential data that is stored on the server (arbitrary file disclosure) or to perform network requests on behalf of the server (server-side request forgery, SSRF). Kirby's `Xml::parse()` method used PHP's `LIBXML_NOENT` constant, which enabled the processing of XML external entities during the parsing operation. The `Xml::parse()` method is used in the `Xml` data handler (e.g. `Data::decode($string, 'xml')`). Both the vulnerable method and the data handler are not used in the Kirby core. However they may be used in site or plugin code, e.g. to parse RSS feeds or other XML files. If those files are of an external origin (e.g. uploaded by a user or retrieved from an external URL), attackers may be able to include an external entity in the XML file that will then be processed in the parsing process. Kirby sites that don't use XML parsing in site or plugin code are *not* affected. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have removed the `LIBXML_NOENT` constant as processing of external entities is out of scope of the parsing logic. This protects all uses of the method against the described vulnerability.

CVE ID : CVE-2023-38490
Source : security-advisories@github.com
Score CVSS : 6.8

Références :
https://github.com/getkirby/kirby/commit/277b05662d2b67386f0a0f18323cf68b30e86387 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.5.8.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.6.6.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.7.5.2 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.8.4.1 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.9.6 | source : security-advisories@github.com
https://github.com/getkirby/kirby/security/advisories/GHSA-q386-w6fg-gmgp | source : security-advisories@github.com

Vulnérabilité : CWE-611
Vulnérabilité : CWE-776


Vulnérabilité ID : CVE-2023-38491

Première publication le : 27-07-2023 16:15:10
Dernière modification le : 27-07-2023 16:52:09

Description :
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content folder. Kirby sites are not affected if they don't allow file uploads for untrusted users or visitors or if the file extensions of uploaded files are limited to a fixed safe list. The attack requires user interaction by another user or visitor and cannot be automated. An editor with write access to the Kirby Panel could upload a file with an unknown file extension like `.xyz` that contains HTML code including harmful content like `<script>` tags. The direct link to that file could be sent to other users or visitors of the site. If the victim opened that link in a browser where they are logged in to Kirby and the file had not been opened by anyone since the upload, Kirby would not be able to send the correct MIME content type, instead falling back to `text/html`. The browser would then run the script, which could for example trigger requests to Kirby's API with the permissions of the victim. The issue was caused by the underlying `Kirby\Http\Response::file()` method, which didn't have an explicit fallback if the MIME type could not be determined from the file extension. If you use this method in site or plugin code, these uses may be affected by the same vulnerability. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have fixed the affected method to use a fallback MIME type of `text/plain` and set the `X-Content-Type-Options: nosniff` header if the MIME type of the file is unknown.

CVE ID : CVE-2023-38491
Source : security-advisories@github.com
Score CVSS : 5.7

Références :
https://github.com/getkirby/kirby/commit/2f06ba1c026bc91cb0702bc16b7d505642536d15 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.5.8.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.6.6.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.7.5.2 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.8.4.1 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.9.6 | source : security-advisories@github.com
https://github.com/getkirby/kirby/security/advisories/GHSA-8fv7-wq38-f5c9 | source : security-advisories@github.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38492

Première publication le : 27-07-2023 16:15:11
Dernière modification le : 27-07-2023 16:52:09

Description :
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts (unless Kirby's API and Panel are disabled in the config). The real-world impact of this vulnerability is limited, however we still recommend to update to one of the patch releases because they also fix more severe vulnerabilities. Kirby's authentication endpoint did not limit the password length. This allowed attackers to provide a password with a length up to the server's maximum request body length. Validating that password against the user's actual password requires hashing the provided password, which requires more CPU and memory resources (and therefore processing time) the longer the provided password gets. This could be abused by an attacker to cause the website to become unresponsive or unavailable. Because Kirby comes with a built-in brute force protection, the impact of this vulnerability is limited to 10 failed logins from each IP address and 10 failed logins for each existing user per hour. The problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have added password length limits in the affected code so that passwords longer than 1000 bytes are immediately blocked, both when setting a password and when logging in.

CVE ID : CVE-2023-38492
Source : security-advisories@github.com
Score CVSS : 5.3

Références :
https://github.com/getkirby/kirby/commit/0e10ce3b0c2b88656564b8ff518ddc99136ac43e | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.5.8.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.6.6.3 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.7.5.2 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.8.4.1 | source : security-advisories@github.com
https://github.com/getkirby/kirby/releases/tag/3.9.6 | source : security-advisories@github.com
https://github.com/getkirby/kirby/security/advisories/GHSA-3v6j-v3qc-cxff | source : security-advisories@github.com

Vulnérabilité : CWE-770


Source : hcl.com

Vulnérabilité ID : CVE-2023-28014

Première publication le : 27-07-2023 00:15:13
Dernière modification le : 27-07-2023 12:13:19

Description :
HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.

CVE ID : CVE-2023-28014
Source : psirt@hcl.com
Score CVSS : 6.6

Références :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106371 | source : psirt@hcl.com


Vulnérabilité ID : CVE-2023-28012

Première publication le : 27-07-2023 00:15:13
Dernière modification le : 27-07-2023 12:13:19

Description :
HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server.

CVE ID : CVE-2023-28012
Source : psirt@hcl.com
Score CVSS : 5.4

Références :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106372 | source : psirt@hcl.com


Source : patchstack.com

Vulnérabilité ID : CVE-2023-37970

Première publication le : 27-07-2023 15:15:10
Dernière modification le : 27-07-2023 16:52:09

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Matthew Fries MF Gig Calendar plugin <= 1.2 versions.

CVE ID : CVE-2023-37970
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/mf-gig-calendar/wordpress-mf-gig-calendar-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37980

Première publication le : 27-07-2023 14:15:09
Dernière modification le : 27-07-2023 16:52:09

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gravity Master Custom Field For WP Job Manager plugin <= 1.1 versions.

CVE ID : CVE-2023-37980
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/custom-field-for-wp-job-manager/wordpress-custom-field-for-wp-job-manager-plugin-1-1-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37993

Première publication le : 27-07-2023 14:15:09
Dernière modification le : 27-07-2023 16:52:09

Description :
Auth. Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany IT-RECHT KANZLEI plugin <= 1.7 versions.

CVE ID : CVE-2023-37993
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wpshopgermany-it-recht-kanzlei/wordpress-wpshopgermany-it-recht-kanzlei-plugin-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38512

Première publication le : 27-07-2023 14:15:09
Dernière modification le : 27-07-2023 16:52:09

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Wpstream WpStream – Live Streaming, Video on Demand, Pay Per View plugin <= 4.5.4 versions.

CVE ID : CVE-2023-38512
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/wpstream/wordpress-wpstream-live-streaming-video-on-demand-pay-per-view-plugin-4-5-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Source : huntr.dev

Vulnérabilité ID : CVE-2023-3981

Première publication le : 27-07-2023 19:15:10
Dernière modification le : 27-07-2023 19:15:10

Description :
Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2.

CVE ID : CVE-2023-3981
Source : security@huntr.dev
Score CVSS : 6.5

Références :
https://github.com/omeka/omeka-s/commit/dc01ca1b03e845db8a6a6b665d8da36c8dcd2c31 | source : security@huntr.dev
https://huntr.dev/bounties/f5018226-0063-415d-9675-d7e30934ff78 | source : security@huntr.dev

Vulnérabilité : CWE-918


Vulnérabilité ID : CVE-2023-3980

Première publication le : 27-07-2023 19:15:10
Dernière modification le : 27-07-2023 19:15:10

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.

CVE ID : CVE-2023-3980
Source : security@huntr.dev
Score CVSS : 5.4

Références :
https://github.com/omeka/omeka-s/commit/c6833c0531a07bd914e9f85a61bbbc16e9b4c8df | source : security@huntr.dev
https://huntr.dev/bounties/6eb3cb9a-5c78-451f-ae76-0b1e62fe5e54 | source : security@huntr.dev

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3982

Première publication le : 27-07-2023 19:15:10
Dernière modification le : 27-07-2023 19:15:10

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.

CVE ID : CVE-2023-3982
Source : security@huntr.dev
Score CVSS : 5.4

Références :
https://github.com/omeka/omeka-s/commit/27ff6575c88d970ce95e1d4096553a927e2003b9 | source : security@huntr.dev
https://huntr.dev/bounties/e5e889ee-5947-4c2a-a72e-9c90e2e2a845 | source : security@huntr.dev

Vulnérabilité : CWE-79


Source : emc.com

Vulnérabilité ID : CVE-2023-32450

Première publication le : 27-07-2023 05:15:10
Dernière modification le : 27-07-2023 12:13:11

Description :
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access.

CVE ID : CVE-2023-32450
Source : security_alert@emc.com
Score CVSS : 6.1

Références :
https://www.dell.com/support/kbdoc/en-us/000215215/dsa-2023-181-dell-power-manager-security-update-for-an-improper-access-control-vulnerability | source : security_alert@emc.com

Vulnérabilité : CWE-379


Source : wordfence.com

Vulnérabilité ID : CVE-2023-3957

Première publication le : 27-07-2023 07:15:10
Dernière modification le : 27-07-2023 12:13:11

Description :
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient restriction on the 'apg_profile_update' function in versions up to, and including, 1.9. This makes it possible for authenticated attackers, with subscriber-level permissions or above, to update the user metas arbitrarily. The meta value can only be a string.

CVE ID : CVE-2023-3957
Source : security@wordfence.com
Score CVSS : 4.3

Références :
https://plugins.trac.wordpress.org/browser/navz-photo-gallery/tags/1.9/includes/acf_photo_gallery_save.php#L42 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2943404/navz-photo-gallery#file0 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/689511e0-1355-4fcb-8a72-d819abc8e9a3?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-285


(3) Vulnérabilité(s) LOW [0.1, 3.9]

Source : vuldb.com

Vulnérabilité ID : CVE-2023-3969

Première publication le : 27-07-2023 12:15:09
Dernière modification le : 27-07-2023 13:49:26

Description :
A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promo_code leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235568.

CVE ID : CVE-2023-3969
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://seclists.org/fulldisclosure/2023/Jul/51 | source : cna@vuldb.com
https://vuldb.com/?ctiid.235568 | source : cna@vuldb.com
https://vuldb.com/?id.235568 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3970

Première publication le : 27-07-2023 12:15:10
Dernière modification le : 27-07-2023 13:49:26

Description :
A vulnerability, which was classified as problematic, was found in GZ Scripts Availability Booking Calendar PHP 1.0. This affects an unknown part of the file /index.php?controller=GzUser&action=edit&id=1 of the component Image Handler. The manipulation of the argument img leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235569 was assigned to this vulnerability.

CVE ID : CVE-2023-3970
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://seclists.org/fulldisclosure/2023/Jul/51 | source : cna@vuldb.com
https://vuldb.com/?ctiid.235569 | source : cna@vuldb.com
https://vuldb.com/?id.235569 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Source : github.com

Vulnérabilité ID : CVE-2023-37900

Première publication le : 27-07-2023 16:15:10
Dernière modification le : 27-07-2023 16:52:09

Description :
Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, a high-privileged user could create a Package referencing an arbitrarily large image containing that Crossplane would then parse, possibly resulting in exhausting all the available memory and therefore in the container being OOMKilled. The impact is limited due to the high privileges required to be able to create the Package and the eventually consistency nature of controller. This issue is fixed in versions 1.11.5, 1.12.3, and 1.13.0.

CVE ID : CVE-2023-37900
Source : security-advisories@github.com
Score CVSS : 3.4

Références :
https://github.com/crossplane/crossplane/blob/ac8b24fe739c5d942ea885157148497f196c3dd3/security/ADA-security-audit-23.pdf | source : security-advisories@github.com
https://github.com/crossplane/crossplane/security/advisories/GHSA-68p4-95xf-7gx8 | source : security-advisories@github.com

Vulnérabilité : CWE-400
Vulnérabilité : CWE-770


(46) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : apple.com

Vulnérabilité ID : CVE-2023-32381

Première publication le : 27-07-2023 00:15:14
Dernière modification le : 27-07-2023 12:13:19

Description :
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-32381
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32433

Première publication le : 27-07-2023 00:15:14
Dernière modification le : 27-07-2023 12:13:19

Description :
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-32433
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32437

Première publication le : 27-07-2023 00:15:15
Dernière modification le : 27-07-2023 12:13:19

Description :
The issue was addressed with improvements to the file handling protocol. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to break out of its sandbox.

CVE ID : CVE-2023-32437
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-35983

Première publication le : 27-07-2023 00:15:15
Dernière modification le : 27-07-2023 12:13:15

Description :
This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system.

CVE ID : CVE-2023-35983
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-36854

Première publication le : 27-07-2023 00:15:15
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution.

CVE ID : CVE-2023-36854
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-36862

Première publication le : 27-07-2023 00:15:15
Dernière modification le : 27-07-2023 12:13:15

Description :
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location.

CVE ID : CVE-2023-36862
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-37450

Première publication le : 27-07-2023 00:15:15
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

CVE ID : CVE-2023-37450
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213826 | source : product-security@apple.com
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38133

Première publication le : 27-07-2023 00:15:15
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may disclose sensitive information.

CVE ID : CVE-2023-38133
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38410

Première publication le : 27-07-2023 00:15:15
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A user may be able to elevate privileges.

CVE ID : CVE-2023-38410
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38594

Première publication le : 27-07-2023 00:15:15
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2023-38594
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38597

Première publication le : 27-07-2023 00:15:16
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2023-38597
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38606

Première publication le : 27-07-2023 00:15:16
Dernière modification le : 27-07-2023 12:13:15

Description :
This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.

CVE ID : CVE-2023-38606
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32364

Première publication le : 27-07-2023 01:15:20
Dernière modification le : 27-07-2023 12:13:15

Description :
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions.

CVE ID : CVE-2023-32364
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32393

Première publication le : 27-07-2023 01:15:23
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2023-32393
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213599 | source : product-security@apple.com
https://support.apple.com/en-us/HT213601 | source : product-security@apple.com
https://support.apple.com/en-us/HT213605 | source : product-security@apple.com
https://support.apple.com/en-us/HT213606 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32416

Première publication le : 27-07-2023 01:15:27
Dernière modification le : 27-07-2023 12:13:15

Description :
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to read sensitive location information.

CVE ID : CVE-2023-32416
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32418

Première publication le : 27-07-2023 01:15:28
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution.

CVE ID : CVE-2023-32418
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32429

Première publication le : 27-07-2023 01:15:29
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass Privacy preferences.

CVE ID : CVE-2023-32429
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32441

Première publication le : 27-07-2023 01:15:31
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-32441
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32442

Première publication le : 27-07-2023 01:15:31
Dernière modification le : 27-07-2023 12:13:15

Description :
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings.

CVE ID : CVE-2023-32442
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32443

Première publication le : 27-07-2023 01:15:31
Dernière modification le : 27-07-2023 12:13:15

Description :
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents.

CVE ID : CVE-2023-32443
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32734

Première publication le : 27-07-2023 01:15:32
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-32734
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-35993

Première publication le : 27-07-2023 01:15:32
Dernière modification le : 27-07-2023 12:13:15

Description :
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-35993
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38136

Première publication le : 27-07-2023 01:15:34
Dernière modification le : 27-07-2023 12:13:15

Description :
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-38136
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38258

Première publication le : 27-07-2023 01:15:34
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a 3D model may result in disclosure of process memory.

CVE ID : CVE-2023-38258
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38259

Première publication le : 27-07-2023 01:15:34
Dernière modification le : 27-07-2023 12:13:11

Description :
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to access user-sensitive data.

CVE ID : CVE-2023-38259
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38261

Première publication le : 27-07-2023 01:15:35
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-38261
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38421

Première publication le : 27-07-2023 01:15:35
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a 3D model may result in disclosure of process memory.

CVE ID : CVE-2023-38421
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38424

Première publication le : 27-07-2023 01:15:36
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-38424
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38425

Première publication le : 27-07-2023 01:15:36
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-38425
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38564

Première publication le : 27-07-2023 01:15:36
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to modify protected parts of the file system.

CVE ID : CVE-2023-38564
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38565

Première publication le : 27-07-2023 01:15:36
Dernière modification le : 27-07-2023 12:13:11

Description :
A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to gain root privileges.

CVE ID : CVE-2023-38565
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38572

Première publication le : 27-07-2023 01:15:36
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy.

CVE ID : CVE-2023-38572
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38580

Première publication le : 27-07-2023 01:15:37
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-38580
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38593

Première publication le : 27-07-2023 01:15:37
Dernière modification le : 27-07-2023 12:13:11

Description :
A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to cause a denial-of-service.

CVE ID : CVE-2023-38593
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38595

Première publication le : 27-07-2023 01:15:37
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2023-38595
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38600

Première publication le : 27-07-2023 01:15:38
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2023-38600
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38602

Première publication le : 27-07-2023 01:15:38
Dernière modification le : 27-07-2023 12:13:11

Description :
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system.

CVE ID : CVE-2023-38602
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38603

Première publication le : 27-07-2023 01:15:38
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause a denial-of-service.

CVE ID : CVE-2023-38603
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38608

Première publication le : 27-07-2023 01:15:39
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.5. An app may be able to access user-sensitive data.

CVE ID : CVE-2023-38608
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38611

Première publication le : 27-07-2023 01:15:39
Dernière modification le : 27-07-2023 12:13:11

Description :
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2023-38611
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Source : mitre.org

Vulnérabilité ID : CVE-2023-29845

Première publication le : 27-07-2023 16:15:10
Dernière modification le : 27-07-2023 16:15:10

Description :
** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-29845
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2021-36580

Première publication le : 27-07-2023 18:15:09
Dernière modification le : 27-07-2023 18:49:00

Description :
Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter.

CVE ID : CVE-2021-36580
Source : cve@mitre.org
Score CVSS : /

Références :
http://icewarp.com | source : cve@mitre.org
http://mail.ziyan.com | source : cve@mitre.org
https://medium.com/@rohitgautam26/cve-2021-36580-69219798231c | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36941

Première publication le : 27-07-2023 18:15:10
Dernière modification le : 27-07-2023 18:49:00

Description :
A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields.

CVE ID : CVE-2023-36941
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@ridheshgohil1092/cve-2023-36941-xss-on-online-fire-reporting-system-v-1-2-df84d7ac3fd1 | source : cve@mitre.org
https://packetstormsecurity.com | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-31200

Première publication le : 27-07-2023 19:15:09
Dernière modification le : 27-07-2023 19:15:09

Description :
Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field.

CVE ID : CVE-2022-31200
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@rohitgautam26/cve-2022-31200-5117bac8d548 | source : cve@mitre.org
https://portswigger.net/blog/exploiting-xss-in-post-requests | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-22623

Première publication le : 27-07-2023 20:15:09
Dernière modification le : 27-07-2023 20:15:09

Description :
Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain sensitive information.

CVE ID : CVE-2020-22623
Source : cve@mitre.org
Score CVSS : /

Références :
http://jinfornet.com | source : cve@mitre.org
http://jreport.com | source : cve@mitre.org
https://medium.com/@nguyenhongphu/cve-2020-22623-jinfornet-jreport-unauthenticated-path-traversal-arbitrary-file-download-83224cef32c8 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36942

Première publication le : 27-07-2023 20:15:10
Dernière modification le : 27-07-2023 20:15:10

Description :
A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field.

CVE ID : CVE-2023-36942
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@ridheshgohil1092/cve-2023-36942-xss-on-online-fire-reporting-system-v-1-2-19357e54978c | source : cve@mitre.org
https://packetstormsecurity.com | source : cve@mitre.org


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.