Dernières vulnérabilités du Jeudi 3 Août 2023

Dernières vulnérabilités du Jeudi 3 Août 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 03/08/2023 à 23:58:03

(1) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : yd.MitsubishiElectric.co.jp

Vulnérabilité ID : CVE-2023-3346

Première publication le : 03-08-2023 05:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.

CVE ID : CVE-2023-3346
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Score CVSS : 9.8

Références :
https://jvn.jp/vu/JVNVU90352157/index.html | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnérabilité : CWE-120


(17) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : huntr.dev

Vulnérabilité ID : CVE-2023-4125

Première publication le : 03-08-2023 04:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0.

CVE ID : CVE-2023-4125
Source : security@huntr.dev
Score CVSS : 8.8

Références :
https://github.com/answerdev/answer/commit/7d23b17cdbbefcd2e7b5c3150f0b5ec908dc835f | source : security@huntr.dev
https://huntr.dev/bounties/85bfd18f-8d3b-4154-8b7b-1f8fcf704e28 | source : security@huntr.dev

Vulnérabilité : CWE-521


Vulnérabilité ID : CVE-2023-4124

Première publication le : 03-08-2023 04:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1.

CVE ID : CVE-2023-4124
Source : security@huntr.dev
Score CVSS : 8.1

Références :
https://github.com/answerdev/answer/commit/964195fd859ee5d7171fac847374dfa31893e793 | source : security@huntr.dev
https://huntr.dev/bounties/2c684f99-d181-4106-8ee2-64a76ae6a348 | source : security@huntr.dev

Vulnérabilité : CWE-862


Source : axis.com

Vulnérabilité ID : CVE-2023-21407

Première publication le : 03-08-2023 07:15:12
Dernière modification le : 03-08-2023 12:40:03

Description :
A broken access control was found allowing for privileged escalation of the operator account to gain administrator privileges.

CVE ID : CVE-2023-21407
Source : product-security@axis.com
Score CVSS : 8.8

Références :
https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf | source : product-security@axis.com


Vulnérabilité ID : CVE-2023-21408

Première publication le : 03-08-2023 07:15:12
Dernière modification le : 03-08-2023 12:40:03

Description :
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems.

CVE ID : CVE-2023-21408
Source : product-security@axis.com
Score CVSS : 8.4

Références :
https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf | source : product-security@axis.com


Vulnérabilité ID : CVE-2023-21409

Première publication le : 03-08-2023 07:15:12
Dernière modification le : 03-08-2023 12:40:03

Description :
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application.

CVE ID : CVE-2023-21409
Source : product-security@axis.com
Score CVSS : 8.4

Références :
https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf | source : product-security@axis.com


Vulnérabilité ID : CVE-2023-21410

Première publication le : 03-08-2023 07:15:12
Dernière modification le : 03-08-2023 12:40:03

Description :
User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution.

CVE ID : CVE-2023-21410
Source : product-security@axis.com
Score CVSS : 7.2

Références :
https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf | source : product-security@axis.com


Vulnérabilité ID : CVE-2023-21411

Première publication le : 03-08-2023 07:15:13
Dernière modification le : 03-08-2023 12:40:03

Description :
User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution.

CVE ID : CVE-2023-21411
Source : product-security@axis.com
Score CVSS : 7.2

Références :
https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf | source : product-security@axis.com


Vulnérabilité ID : CVE-2023-21412

Première publication le : 03-08-2023 07:15:13
Dernière modification le : 03-08-2023 12:40:03

Description :
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections.

CVE ID : CVE-2023-21412
Source : product-security@axis.com
Score CVSS : 7.2

Références :
https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf | source : product-security@axis.com


Source : cert.vde.com

Vulnérabilité ID : CVE-2023-3663

Première publication le : 03-08-2023 11:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.

CVE ID : CVE-2023-3663
Source : info@cert.vde.com
Score CVSS : 8.8

Références :
https://cert.vde.com/en/advisories/VDE-2023-022/ | source : info@cert.vde.com

Vulnérabilité : CWE-345


Vulnérabilité ID : CVE-2022-4046

Première publication le : 03-08-2023 13:15:09
Dernière modification le : 03-08-2023 15:37:04

Description :
In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.

CVE ID : CVE-2022-4046
Source : info@cert.vde.com
Score CVSS : 8.8

Références :
https://cert.vde.com/en/advisories/VDE-2023-025/ | source : info@cert.vde.com

Vulnérabilité : CWE-119


Vulnérabilité ID : CVE-2023-3662

Première publication le : 03-08-2023 11:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .

CVE ID : CVE-2023-3662
Source : info@cert.vde.com
Score CVSS : 7.3

Références :
https://cert.vde.com/en/advisories/VDE-2023-021/ | source : info@cert.vde.com

Vulnérabilité : CWE-427


Source : emc.com

Vulnérabilité ID : CVE-2022-34453

Première publication le : 03-08-2023 13:15:09
Dernière modification le : 03-08-2023 15:37:04

Description :
Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default.

CVE ID : CVE-2022-34453
Source : security_alert@emc.com
Score CVSS : 7.6

Références :
https://www.dell.com/support/kbdoc/en-us/000204809/dsa-2022-290-dell-xtremio-x2-security-advisory-for-xms-gui?lang=en | source : security_alert@emc.com

Vulnérabilité : CWE-284


Source : hq.dhs.gov

Vulnérabilité ID : CVE-2023-0956

Première publication le : 03-08-2023 19:15:10
Dernière modification le : 03-08-2023 19:15:10

Description :
External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system.

CVE ID : CVE-2023-0956
Source : ics-cert@hq.dhs.gov
Score CVSS : 7.5

Références :
https://cert.pl/posts/2023/07/CVE-2023-0956/ | source : ics-cert@hq.dhs.gov
https://www.cisa.gov/news-events/ics-advisories/icsa-23-215-03 | source : ics-cert@hq.dhs.gov
https://www.tel-ster.pl/index.php/telwin-scada/nowosci/372-telwin-scada-podatnosc-cve-2023-0956 | source : ics-cert@hq.dhs.gov


Source : cloudflare.com

Vulnérabilité ID : CVE-2023-2754

Première publication le : 03-08-2023 15:15:23
Dernière modification le : 03-08-2023 15:37:04

Description :
The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, since WARP acts as local DNS server that performs DNS queries in a secure manner, however, if a user is connected to WARP over an IPv6-capable network, te WARP client did not assign loopback IPv6 addresses but Unique Local Addresses, which under certain conditions could point towards unknown devices in the same local network which enables an Attacker to view DNS queries made by the device.

CVE ID : CVE-2023-2754
Source : cna@cloudflare.com
Score CVSS : 7.4

Références :
https://developers.cloudflare.com/warp-client/ | source : cna@cloudflare.com
https://github.com/cloudflare/advisories/security/advisories/GHSA-mv6g-7577-vq4w | source : cna@cloudflare.com
https://install.appcenter.ms/orgs/cloudflare/apps/1.1.1.1-windows-1/distribution_groups/release | source : cna@cloudflare.com

Vulnérabilité : CWE-319


Source : craftersoftware.com

Vulnérabilité ID : CVE-2023-4136

Première publication le : 03-08-2023 15:15:34
Dernière modification le : 03-08-2023 15:37:04

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.

CVE ID : CVE-2023-4136
Source : security@craftersoftware.com
Score CVSS : 7.4

Références :
https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301 | source : security@craftersoftware.com

Vulnérabilité : CWE-79


Source : hackerone.com

Vulnérabilité ID : CVE-2023-35081

Première publication le : 03-08-2023 18:15:11
Dernière modification le : 03-08-2023 18:15:11

Description :
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.

CVE ID : CVE-2023-35081
Source : support@hackerone.com
Score CVSS : 7.2

Références :
https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US | source : support@hackerone.com


Source : jci.com

Vulnérabilité ID : CVE-2023-3749

Première publication le : 03-08-2023 20:15:11
Dernière modification le : 03-08-2023 20:15:11

Description :
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.

CVE ID : CVE-2023-3749
Source : productsecurity@jci.com
Score CVSS : 7.1

Références :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-215-04 | source : productsecurity@jci.com
https://www.johnsoncontrols.com/cyber-solutions/security-advisories | source : productsecurity@jci.com

Vulnérabilité : CWE-349


(37) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : huntr.dev

Vulnérabilité ID : CVE-2023-4127

Première publication le : 03-08-2023 04:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1.

CVE ID : CVE-2023-4127
Source : security@huntr.dev
Score CVSS : 6.5

Références :
https://github.com/answerdev/answer/commit/47661dc8a356ce6aa7793f1bd950399292180182 | source : security@huntr.dev
https://huntr.dev/bounties/cf7d19e3-1318-4c77-8366-d8d04a0b41ba | source : security@huntr.dev

Vulnérabilité : CWE-366


Vulnérabilité ID : CVE-2023-4145

Première publication le : 03-08-2023 17:15:12
Dernière modification le : 03-08-2023 17:15:12

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2.

CVE ID : CVE-2023-4145
Source : security@huntr.dev
Score CVSS : 6.5

Références :
https://github.com/pimcore/customer-data-framework/commit/72f45dd537a706954e7a71c99fbe318640e846a2 | source : security@huntr.dev
https://huntr.dev/bounties/ce852777-2994-40b4-bb4e-c4d10023eeb0 | source : security@huntr.dev

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4138

Première publication le : 03-08-2023 15:15:36
Dernière modification le : 03-08-2023 15:37:04

Description :
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.0.

CVE ID : CVE-2023-4138
Source : security@huntr.dev
Score CVSS : 4.2

Références :
https://github.com/ikus060/rdiffweb/commit/feef0d7b11d86aed29bf98c21526088117964d85 | source : security@huntr.dev
https://huntr.dev/bounties/1b1fa915-d588-4bb1-9e82-6a6be79befed | source : security@huntr.dev

Vulnérabilité : CWE-770


Vulnérabilité ID : CVE-2023-4126

Première publication le : 03-08-2023 04:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0.

CVE ID : CVE-2023-4126
Source : security@huntr.dev
Score CVSS : 4.1

Références :
https://github.com/answerdev/answer/commit/4f468b58d0dea51290bfbdd3e96332b0014c8730 | source : security@huntr.dev
https://huntr.dev/bounties/7f50bf1c-bcb9-46ca-8cec-211493d280c5 | source : security@huntr.dev

Vulnérabilité : CWE-613


Source : cert.vde.com

Vulnérabilité ID : CVE-2023-37545

Première publication le : 03-08-2023 11:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550

CVE ID : CVE-2023-37545
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019 | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37546

Première publication le : 03-08-2023 12:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550

CVE ID : CVE-2023-37546
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019 | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37547

Première publication le : 03-08-2023 12:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550

CVE ID : CVE-2023-37547
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019 | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37548

Première publication le : 03-08-2023 12:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550

CVE ID : CVE-2023-37548
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019 | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37549

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550

CVE ID : CVE-2023-37549
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019 | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37550

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.

CVE ID : CVE-2023-37550
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019 | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37551

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.

CVE ID : CVE-2023-37551
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-552


Vulnérabilité ID : CVE-2023-37552

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.

CVE ID : CVE-2023-37552
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37553

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.

CVE ID : CVE-2023-37553
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37554

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.

CVE ID : CVE-2023-37554
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37555

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.

CVE ID : CVE-2023-37555
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37556

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.

CVE ID : CVE-2023-37556
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37557

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.

CVE ID : CVE-2023-37557
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2023-37558

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559

CVE ID : CVE-2023-37558
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-37559

Première publication le : 03-08-2023 12:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558

CVE ID : CVE-2023-37559
Source : info@cert.vde.com
Score CVSS : 6.5

Références :
https://cert.vde.com/en/advisories/VDE-2023-019/ | source : info@cert.vde.com

Vulnérabilité : CWE-20


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4120

Première publication le : 03-08-2023 09:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722 and classified as critical. This issue affects some unknown processing of the file importhtml.php. The manipulation of the argument sql leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235967. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4120
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/RCEraser/cve/blob/main/rce.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.235967 | source : cna@vuldb.com
https://vuldb.com/?id.235967 | source : cna@vuldb.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-4121

Première publication le : 03-08-2023 10:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722. It has been classified as critical. Affected is an unknown function. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235968. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4121
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/torres14852/cve/blob/main/upload.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.235968 | source : cna@vuldb.com
https://vuldb.com/?id.235968 | source : cna@vuldb.com

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-4111

Première publication le : 03-08-2023 04:15:10
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability was found in PHP Jabbers Bus Reservation System 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index/pickup_id leads to cross site scripting. The attack may be launched remotely. VDB-235958 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4111
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/173927/PHPJabbers-Bus-Reservation-System-1.1-Cross-Site-Scripting.html | source : cna@vuldb.com
http://packetstormsecurity.com/files/173945/PHPJabbers-Bus-Reservation-System-1.1-SQL-Injection.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235958 | source : cna@vuldb.com
https://vuldb.com/?id.235958 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4112

Première publication le : 03-08-2023 05:15:10
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability was found in PHP Jabbers Shuttle Booking Software 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-235959. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4112
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/173930/PHPJabbers-Shuttle-Booking-Software-1.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235959 | source : cna@vuldb.com
https://vuldb.com/?id.235959 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4113

Première publication le : 03-08-2023 05:15:10
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability was found in PHP Jabbers Service Booking Script 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-235960. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4113
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/173931/PHPJabbers-Service-Booking-Script-1.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235960 | source : cna@vuldb.com
https://vuldb.com/?id.235960 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4114

Première publication le : 03-08-2023 06:15:10
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability was found in PHP Jabbers Night Club Booking Software 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-235961 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4114
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/173932/PHPJabbers-Night-Club-Booking-1.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235961 | source : cna@vuldb.com
https://vuldb.com/?id.235961 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4115

Première publication le : 03-08-2023 06:15:10
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability classified as problematic has been found in PHP Jabbers Cleaning Business 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the attack remotely. VDB-235962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4115
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/173936/PHPJabbers-Cleaning-Business-1.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235962 | source : cna@vuldb.com
https://vuldb.com/?id.235962 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4116

Première publication le : 03-08-2023 07:15:13
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability classified as problematic was found in PHP Jabbers Taxi Booking 2.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235963. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4116
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/173937/PHPJabbers-Taxi-Booking-2.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235963 | source : cna@vuldb.com
https://vuldb.com/?id.235963 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4117

Première publication le : 03-08-2023 08:15:10
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability, which was classified as problematic, has been found in PHP Jabbers Rental Property Booking 2.0. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235964. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4117
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/173939/PHPJabbers-Rental-Property-Booking-2.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235964 | source : cna@vuldb.com
https://vuldb.com/?id.235964 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4119

Première publication le : 03-08-2023 09:15:09
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability has been found in Academy LMS 6.0 and classified as problematic. This vulnerability affects unknown code of the file /academy/home/courses. The manipulation of the argument query/sort_by leads to cross site scripting. The attack can be initiated remotely. VDB-235966 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4119
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/173941/Academy-LMS-6.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235966 | source : cna@vuldb.com
https://vuldb.com/?id.235966 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Source : redhat.com

Vulnérabilité ID : CVE-2023-3180

Première publication le : 03-08-2023 15:15:29
Dernière modification le : 03-08-2023 15:37:04

Description :
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.

CVE ID : CVE-2023-3180
Source : secalert@redhat.com
Score CVSS : 6.0

Références :
https://access.redhat.com/security/cve/CVE-2023-3180 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2222424 | source : secalert@redhat.com


Vulnérabilité ID : CVE-2023-4132

Première publication le : 03-08-2023 15:15:32
Dernière modification le : 03-08-2023 15:37:04

Description :
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.

CVE ID : CVE-2023-4132
Source : secalert@redhat.com
Score CVSS : 5.5

Références :
https://access.redhat.com/security/cve/CVE-2023-4132 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2221707 | source : secalert@redhat.com


Vulnérabilité ID : CVE-2023-4133

Première publication le : 03-08-2023 15:15:33
Dernière modification le : 03-08-2023 15:37:04

Description :
A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition.

CVE ID : CVE-2023-4133
Source : secalert@redhat.com
Score CVSS : 5.5

Références :
https://access.redhat.com/security/cve/CVE-2023-4133 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2221702 | source : secalert@redhat.com


Source : cloudflare.com

Vulnérabilité ID : CVE-2023-3766

Première publication le : 03-08-2023 15:15:32
Dernière modification le : 03-08-2023 15:37:04

Description :
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients and enables an attacker with knowledge of this vulnerability to craft and send specially designed encrypted queries to targeted ODOH servers running with odoh-rs. Upon successful exploitation, the server will crash abruptly, disrupting its normal operation and rendering the service temporarily unavailable.

CVE ID : CVE-2023-3766
Source : cna@cloudflare.com
Score CVSS : 5.9

Références :
https://github.com/cloudflare/odoh-rs/pull/28 | source : cna@cloudflare.com
https://github.com/cloudflare/odoh-rs/security/advisories/GHSA-gpcv-p28p-fv2p | source : cna@cloudflare.com

Vulnérabilité : CWE-120


Vulnérabilité ID : CVE-2023-3348

Première publication le : 03-08-2023 15:15:30
Dernière modification le : 03-08-2023 15:37:04

Description :
The Wrangler command line tool (<=wrangler@3.1.0) was affected by a directory traversal vulnerability when running a local development server for Pages (wrangler pages dev command). This vulnerability enabled an attacker in the same network as the victim to connect to the local development server and access the victim's files present outside of the directory for the development server.

CVE ID : CVE-2023-3348
Source : cna@cloudflare.com
Score CVSS : 5.7

Références :
https://developers.cloudflare.com/workers/wrangler/ | source : cna@cloudflare.com
https://github.com/cloudflare/workers-sdk | source : cna@cloudflare.com
https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-8c93-4hch-xgxp | source : cna@cloudflare.com

Vulnérabilité : CWE-22


Source : gitlab.com

Vulnérabilité ID : CVE-2023-3932

Première publication le : 03-08-2023 05:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan policies.

CVE ID : CVE-2023-3932
Source : cve@gitlab.com
Score CVSS : 5.3

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/417594 | source : cve@gitlab.com
https://hackerone.com/reports/2057633 | source : cve@gitlab.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-4008

Première publication le : 03-08-2023 07:15:13
Dernière modification le : 03-08-2023 12:40:03

Description :
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible to takeover GitLab Pages with unique domain URLs if the random string added was known.

CVE ID : CVE-2023-4008
Source : cve@gitlab.com
Score CVSS : 5.3

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/415942 | source : cve@gitlab.com

Vulnérabilité : CWE-367


Source : nvidia.com

Vulnérabilité ID : CVE-2023-25524

Première publication le : 03-08-2023 17:15:11
Dernière modification le : 03-08-2023 17:15:11

Description :
NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure.

CVE ID : CVE-2023-25524
Source : psirt@nvidia.com
Score CVSS : 4.0

Références :
https://nvidia.custhelp.com/app/answers/detail/a_id/5472 | source : psirt@nvidia.com

Vulnérabilité : CWE-598


(3) Vulnérabilité(s) LOW [0.1, 3.9]

Source : vuldb.com

Vulnérabilité ID : CVE-2023-4110

Première publication le : 03-08-2023 03:15:10
Dernière modification le : 03-08-2023 16:15:12

Description :
A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument session_id leads to cross site scripting. The attack can be launched remotely. The identifier VDB-235957 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4110
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
http://packetstormsecurity.com/files/173926/PHPJabbers-Availability-Booking-Calendar-5.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.235957 | source : cna@vuldb.com
https://vuldb.com/?id.235957 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4118

Première publication le : 03-08-2023 08:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
A vulnerability, which was classified as problematic, was found in Cute Http File Server 2.0. This affects an unknown part of the component Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235965 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4118
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/goodric/chfs | source : cna@vuldb.com
https://vuldb.com/?ctiid.235965 | source : cna@vuldb.com
https://vuldb.com/?id.235965 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Source : cert.vde.com

Vulnérabilité ID : CVE-2023-3669

Première publication le : 03-08-2023 12:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.

CVE ID : CVE-2023-3669
Source : info@cert.vde.com
Score CVSS : 3.3

Références :
https://cert.vde.com/en/advisories/VDE-2023-023 | source : info@cert.vde.com

Vulnérabilité : CWE-307


(57) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-33368

Première publication le : 03-08-2023 01:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes.

CVE ID : CVE-2023-33368
Source : cve@mitre.org
Score CVSS : /

Références :
https://claroty.com/team82/disclosure-dashboard/cve-2023-33368 | source : cve@mitre.org
https://www.controlid.com.br/en/access-control/idsecure/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33369

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to delete arbitrary files on IDSecure filesystem, causing a denial of service.

CVE ID : CVE-2023-33369
Source : cve@mitre.org
Score CVSS : /

Références :
https://claroty.com/team82/disclosure-dashboard/cve-2023-33369 | source : cve@mitre.org
https://www.controlid.com.br/en/access-control/idsecure/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33370

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
An uncaught exception vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to cause the main web server of IDSecure to fault and crash, causing a denial of service.

CVE ID : CVE-2023-33370
Source : cve@mitre.org
Score CVSS : /

Références :
https://claroty.com/team82/disclosure-dashboard/cve-2023-33370 | source : cve@mitre.org
https://www.controlid.com.br/en/access-control/idsecure/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33371

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication.

CVE ID : CVE-2023-33371
Source : cve@mitre.org
Score CVSS : /

Références :
https://claroty.com/team82/disclosure-dashboard/cve-2023-33371 | source : cve@mitre.org
https://www.controlid.com.br/en/access-control/idsecure/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36082

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials.

CVE ID : CVE-2023-36082
Source : cve@mitre.org
Score CVSS : /

Références :
http://flexiva.com | source : cve@mitre.org
http://gatesair.com | source : cve@mitre.org
https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082 | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-20808

Première publication le : 03-08-2023 02:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
Cross Site Scripting vulnerability in Qibosoft qibosoft v.7 and before allows a remote attacker to execute arbitrary code via the eindtijd and starttijd parameters of do/search.php.

CVE ID : CVE-2020-20808
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/alorfm/vuln/blob/master/qibosoft_cross_Site_Scripting.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-26979

Première publication le : 03-08-2023 02:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to decrease or increase the intensity of the stimulator by hijacking the BLE communication.

CVE ID : CVE-2023-26979
Source : cve@mitre.org
Score CVSS : /

Références :
http://bluetens.com | source : cve@mitre.org
https://www.secura.com/blog/serious-safety-impact-found-in-bluetooth-low-energy-based-medical-devices | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36212

Première publication le : 03-08-2023 02:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
File Upload vulnerability in Total CMS v.1.7.4 allows a remote attacker to execute arbitrary code via a crafted PHP file to the edit page function.

CVE ID : CVE-2023-36212
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/capture0x/Total-CMS-EXPLOIT/ | source : cve@mitre.org
https://packetstormsecurity.com/files/172687/Total-CMS-1.7.4-Shell-Upload.html | source : cve@mitre.org
https://www.exploit-db.com/exploits/51500 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36255

Première publication le : 03-08-2023 02:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
An issue in Eramba Limited Eramba Enterprise v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL.

CVE ID : CVE-2023-36255
Source : cve@mitre.org
Score CVSS : /

Références :
http://eramba.com | source : cve@mitre.org
https://trovent.io/security-advisory-2303-01/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38954

Première publication le : 03-08-2023 02:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.

CVE ID : CVE-2023-38954
Source : cve@mitre.org
Score CVSS : /

Références :
http://zkteco.com | source : cve@mitre.org
https://claroty.com/team82/disclosure-dashboard/cve-2023-38954 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38955

Première publication le : 03-08-2023 02:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names.

CVE ID : CVE-2023-38955
Source : cve@mitre.org
Score CVSS : /

Références :
http://zkteco.com | source : cve@mitre.org
https://claroty.com/team82/disclosure-dashboard/cve-2023-38955 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38956

Première publication le : 03-08-2023 02:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload.

CVE ID : CVE-2023-38956
Source : cve@mitre.org
Score CVSS : /

Références :
http://zkteco.com | source : cve@mitre.org
https://claroty.com/team82/disclosure-dashboard/cve-2023-38956 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38958

Première publication le : 03-08-2023 02:15:09
Dernière modification le : 03-08-2023 12:40:03

Description :
An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request.

CVE ID : CVE-2023-38958
Source : cve@mitre.org
Score CVSS : /

Références :
http://zkteco.com | source : cve@mitre.org
https://claroty.com/team82/disclosure-dashboard/cve-2023-38958 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34196

Première publication le : 03-08-2023 03:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates (attributes and public keys) to unauthenticated or less privileged users may occur.

CVE ID : CVE-2023-34196
Source : cve@mitre.org
Score CVSS : /

Références :
https://keyfactor.com | source : cve@mitre.org
https://support.keyfactor.com/hc/en-us/articles/16671824556827-EJBCA-Security-Advisory-Partial-denial-of-service-attack-on-certificate-distribution-servlet-ejbca-ra-cert | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37364

Première publication le : 03-08-2023 03:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
In WS-Inc J WBEM Server 4.7.4 before 4.7.5, the CIM-XML protocol adapter does not disable entity resolution. This allows context-dependent attackers to read arbitrary files or cause a denial of service, a similar issue to CVE-2013-4152.

CVE ID : CVE-2023-37364
Source : cve@mitre.org
Score CVSS : /

Références :
https://ws-inc.com | source : cve@mitre.org
https://ws-inc.com/security.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37679

Première publication le : 03-08-2023 03:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server.

CVE ID : CVE-2023-37679
Source : cve@mitre.org
Score CVSS : /

Références :
http://mirth.com | source : cve@mitre.org
http://nextgen.com | source : cve@mitre.org
https://www.ihteam.net/advisory/mirth-connect | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39144

Première publication le : 03-08-2023 03:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
Element55 KnowMore appliances version 21 and older was discovered to store passwords in plaintext.

CVE ID : CVE-2023-39144
Source : cve@mitre.org
Score CVSS : /

Références :
https://getknowmore.com/ | source : cve@mitre.org
https://github.com/cduram/CVE-2023-39144 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-25600

Première publication le : 03-08-2023 15:15:19
Dernière modification le : 03-08-2023 15:37:04

Description :
An issue was discovered in InsydeH2O. A malicious operating system can tamper with a runtime-writable EFI variable, leading to out-of-bounds memory reads and a denial of service. This is fixed in version 01.01.04.0016.

CVE ID : CVE-2023-25600
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.insyde.com/security-pledge | source : cve@mitre.org
https://www.insyde.com/security-pledge/SA-2023028 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-28468

Première publication le : 03-08-2023 15:15:20
Dernière modification le : 03-08-2023 15:37:04

Description :
An issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The FvbServicesRuntimeDxe SMM module exposes an SMI handler that allows an attacker to interact with the SPI flash at run-time from the OS.

CVE ID : CVE-2023-28468
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.insyde.com/security-pledge | source : cve@mitre.org
https://www.insyde.com/security-pledge/SA-2023039 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36298

Première publication le : 03-08-2023 15:15:28
Dernière modification le : 03-08-2023 15:37:04

Description :
DedeCMS v5.7.109 has a File Upload vulnerability, leading to remote code execution (RCE).

CVE ID : CVE-2023-36298
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/MentalityXt/Dedecms-v5.7.109-RCE | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36299

Première publication le : 03-08-2023 15:15:28
Dernière modification le : 03-08-2023 15:37:04

Description :
A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php.

CVE ID : CVE-2023-36299
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/MentalityXt/typecho-v1.2.1-RCE | source : cve@mitre.org
https://github.com/typecho/typecho/releases/tag/v1.2.1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38812

Première publication le : 03-08-2023 15:15:28
Dernière modification le : 03-08-2023 15:15:28

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-38812
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2023-39096

Première publication le : 03-08-2023 15:15:29
Dernière modification le : 03-08-2023 15:37:04

Description :
WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding.

CVE ID : CVE-2023-39096
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.realinfosec.net/advisories/WEBBOSS-P-XSS-2023-0xt2tt.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39097

Première publication le : 03-08-2023 15:15:29
Dernière modification le : 03-08-2023 15:37:04

Description :
WebBoss.io CMS v3.7.0.1 contains a stored cross-site scripting (XSS) vulnerability.

CVE ID : CVE-2023-39097
Source : cve@mitre.org
Score CVSS : /

Références :
https://realinfosec.net/advisories/WEBBOSS-P-XSS-2023-0xf8gi.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33363

Première publication le : 03-08-2023 16:15:11
Dernière modification le : 03-08-2023 16:56:53

Description :
An authentication bypass vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated users to access some functionality on BioStar 2 servers.

CVE ID : CVE-2023-33363
Source : cve@mitre.org
Score CVSS : /

Références :
https://claroty.com/team82/disclosure-dashboard/cve-2023-33363 | source : cve@mitre.org
https://kb.supremainc.com/knowledge/doku.php?id=en:release_note_291 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33364

Première publication le : 03-08-2023 16:15:11
Dernière modification le : 03-08-2023 16:56:53

Description :
An OS Command injection vulnerability exists in Suprema BioStar 2 before V2.9.1, which allows authenticated users to execute arbitrary OS commands on the BioStar 2 server.

CVE ID : CVE-2023-33364
Source : cve@mitre.org
Score CVSS : /

Références :
https://claroty.com/team82/disclosure-dashboard/cve-2023-33364 | source : cve@mitre.org
https://kb.supremainc.com/knowledge/doku.php?id=en:release_note_291 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33365

Première publication le : 03-08-2023 16:15:11
Dernière modification le : 03-08-2023 16:56:53

Description :
A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server.

CVE ID : CVE-2023-33365
Source : cve@mitre.org
Score CVSS : /

Références :
https://claroty.com/team82/disclosure-dashboard/cve-2023-33365 | source : cve@mitre.org
https://kb.supremainc.com/knowledge/doku.php?id=en:release_note_291 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33366

Première publication le : 03-08-2023 16:15:11
Dernière modification le : 03-08-2023 16:56:53

Description :
A SQL injection vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows authenticated users to inject arbitrary SQL directives into an SQL statement and execute arbitrary SQL commands.

CVE ID : CVE-2023-33366
Source : cve@mitre.org
Score CVSS : /

Références :
https://claroty.com/team82/disclosure-dashboard/cve-2023-33366 | source : cve@mitre.org
https://kb.supremainc.com/knowledge/doku.php?id=en:release_note_291 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38947

Première publication le : 03-08-2023 16:15:12
Dernière modification le : 03-08-2023 16:56:53

Description :
An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file.

CVE ID : CVE-2023-38947
Source : cve@mitre.org
Score CVSS : /

Références :
https://gitee.com/CTF-hacker/pwn/issues/I7LH2N | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38948

Première publication le : 03-08-2023 16:15:12
Dernière modification le : 03-08-2023 16:56:53

Description :
An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1.9.5 allows attackers to execute arbitrary code via downloading a crafted plugin.

CVE ID : CVE-2023-38948
Source : cve@mitre.org
Score CVSS : /

Références :
https://gitee.com/CTF-hacker/pwn/issues/I7LI4E | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36213

Première publication le : 03-08-2023 17:15:11
Dernière modification le : 03-08-2023 17:15:11

Description :
SQL injection vulnerability in MotoCMS v.3.4.3 allows a remote attacker to gain privileges via the keyword parameter of the search function.

CVE ID : CVE-2023-36213
Source : cve@mitre.org
Score CVSS : /

Références :
https://packetstormsecurity.com/files/172698/MotoCMS-3.4.3-SQL-Injection.html | source : cve@mitre.org
https://www.exploit-db.com/exploits/51504 | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-42986

Première publication le : 03-08-2023 18:15:11
Dernière modification le : 03-08-2023 18:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-39122. Reason: This candidate is a reservation duplicate of CVE-2023-39122. Notes: All CVE users should reference CVE-2023-39122 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

CVE ID : CVE-2022-42986
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2023-32764

Première publication le : 03-08-2023 18:15:11
Dernière modification le : 03-08-2023 18:15:11

Description :
Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator.

CVE ID : CVE-2023-32764
Source : cve@mitre.org
Score CVSS : /

Références :
https://help.supportservices.fabasoft.com/index.php?topic=doc/Vulnerabilities-Fabasoft-Folio/vulnerabilities-2023.htm#client-autoupdate-harmful-code-installation-vulnerability-pdo06614- | source : cve@mitre.org
https://www.compass-security.com/fileadmin/Research/Advisories/2023_01_CSNC-2023-002_LPE_Cloud_Client.txt | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36217

Première publication le : 03-08-2023 18:15:11
Dernière modification le : 03-08-2023 18:15:11

Description :
Cross Site Scripting vulnerability in Xoops CMS v.2.5.10 allows a remote attacker to execute arbitrary code via the category name field of the image manager function.

CVE ID : CVE-2023-36217
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10 | source : cve@mitre.org
https://www.exploit-db.com/exploits/51520 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39075

Première publication le : 03-08-2023 18:15:11
Dernière modification le : 03-08-2023 18:15:11

Description :
Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device.

CVE ID : CVE-2023-39075
Source : cve@mitre.org
Score CVSS : /

Références :
https://blog.jhyeon.dev/posts/vuln/202307/renault-zoe/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38942

Première publication le : 03-08-2023 19:15:10
Dernière modification le : 03-08-2023 19:15:10

Description :
Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloud_config.json.

CVE ID : CVE-2023-38942
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/PantsuDango/Dango-Translator | source : cve@mitre.org
https://github.com/PantsuDango/Dango-Translator/issues/127 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33666

Première publication le : 03-08-2023 20:15:11
Dernière modification le : 03-08-2023 20:15:11

Description :
ai-dev aioptimizedcombinations before v0.1.3 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.

CVE ID : CVE-2023-33666
Source : cve@mitre.org
Score CVSS : /

Références :
https://security.friendsofpresta.org/modules/2023/08/03/aioptimizedcombinations.html | source : cve@mitre.org
https://www.boutique.ai-dev.fr/en/ergonomie/59-optimized-combinations.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39121

Première publication le : 03-08-2023 20:15:11
Dernière modification le : 03-08-2023 20:15:11

Description :
emlog v2.1.9 was discovered to contain a SQL injection vulnerability via the component /admin/user.php.

CVE ID : CVE-2023-39121
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/safe-b/CVE/issues/1 | source : cve@mitre.org
https://github.com/safe-b/CVE/issues/1#issue-1817133689 | source : cve@mitre.org


Source : google.com

Vulnérabilité ID : CVE-2023-4068

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4068
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1466183 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4069

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4069
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1465326 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4070

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4070
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1462951 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4071

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Heap buffer overflow in Visuals in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4071
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1458819 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4072

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4072
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1464038 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4073

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4073
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1456243 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4074

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4074
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1464113 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4075

Première publication le : 03-08-2023 01:15:11
Dernière modification le : 03-08-2023 12:40:03

Description :
Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-4075
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1457757 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4076

Première publication le : 03-08-2023 01:15:12
Dernière modification le : 03-08-2023 12:40:03

Description :
Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High)

CVE ID : CVE-2023-4076
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1459124 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4077

Première publication le : 03-08-2023 01:15:12
Dernière modification le : 03-08-2023 12:40:03

Description :
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE ID : CVE-2023-4077
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1451146 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-4078

Première publication le : 03-08-2023 01:15:12
Dernière modification le : 03-08-2023 12:40:03

Description :
Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE ID : CVE-2023-4078
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1461895 | source : chrome-cve-admin@google.com


Source : jpcert.or.jp

Vulnérabilité ID : CVE-2023-38744

Première publication le : 03-08-2023 05:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit. If an affected product receives a packet which is specially crafted by a remote unauthenticated attacker, the unit of the affected product may fall into a denial-of-service (DoS) condition. Affected products/versions are as follows: CJ2M CPU Unit CJ2M-CPU3[] Unit version of the built-in EtherNet/IP section Ver. 2.18 and earlier, CJ2H CPU Unit CJ2H-CPU6[]-EIP Unit version of the built-in EtherNet/IP section Ver. 3.04 and earlier, CS/CJ Series EtherNet/IP Unit CS1W-EIP21 V3.04 and earlier, and CS/CJ Series EtherNet/IP Unit CJ1W-EIP21 V3.04 and earlier.

CVE ID : CVE-2023-38744
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/vu/JVNVU92193064/ | source : vultures@jpcert.or.jp
https://www.ia.omron.com/product/vulnerability/OMSR-2023-006_en.pdf | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2023-38746

Première publication le : 03-08-2023 05:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.

CVE ID : CVE-2023-38746
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/vu/JVNVU93286117/ | source : vultures@jpcert.or.jp
https://www.ia.omron.com/product/vulnerability/OMSR-2023-005_en.pdf | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2023-38747

Première publication le : 03-08-2023 06:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.

CVE ID : CVE-2023-38747
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/vu/JVNVU93286117/ | source : vultures@jpcert.or.jp
https://www.ia.omron.com/product/vulnerability/OMSR-2023-005_en.pdf | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2023-38748

Première publication le : 03-08-2023 06:15:10
Dernière modification le : 03-08-2023 12:40:03

Description :
Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur.

CVE ID : CVE-2023-38748
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/vu/JVNVU93286117/ | source : vultures@jpcert.or.jp
https://www.ia.omron.com/product/vulnerability/OMSR-2023-005_en.pdf | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2023-22314

Première publication le : 03-08-2023 13:15:09
Dernière modification le : 03-08-2023 15:37:04

Description :
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22317.

CVE ID : CVE-2023-22314
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/vu/JVNVU92877622/ | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2023-22317

Première publication le : 03-08-2023 13:15:09
Dernière modification le : 03-08-2023 15:37:04

Description :
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314.

CVE ID : CVE-2023-22317
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/vu/JVNVU92877622/ | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2022-26838

Première publication le : 03-08-2023 15:15:16
Dernière modification le : 03-08-2023 15:37:04

Description :
Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition.

CVE ID : CVE-2022-26838
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/jp/JVN52694228/ | source : vultures@jpcert.or.jp
https://kb.cybozu.support/article/37653/ | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2023-22277

Première publication le : 03-08-2023 15:15:17
Dernière modification le : 03-08-2023 15:37:04

Description :
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22317 and CVE-2023-22314.

CVE ID : CVE-2023-22277
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/vu/JVNVU92877622/ | source : vultures@jpcert.or.jp


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.