Dernières vulnérabilités du Jeudi 7 Septembre 2023

Dernières vulnérabilités du Jeudi 7 Septembre 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 07/09/2023 à 23:58:02

(5) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : bitdefender.com

Vulnérabilité ID : CVE-2023-39420

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the daily password and connect to application customers. Given that this is an administrative account, anyone logging into a customer deployment has full, unrestricted access to the application.

CVE ID : CVE-2023-39420
Source : cve-requests@bitdefender.com
Score CVSS : 9.9

Références :
https://bitdefender.com/blog/labs/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained/ | source : cve-requests@bitdefender.com

Vulnérabilité : CWE-798


Vulnérabilité ID : CVE-2023-39424

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but can be paired with another vulnerability in the platform (CVE-2023-39420, which grants access to hardcoded credentials) to carry the attack without having assigned credentials.

CVE ID : CVE-2023-39424
Source : cve-requests@bitdefender.com
Score CVSS : 9.9

Références :
https://bitdefender.com/blog/labs/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained | source : cve-requests@bitdefender.com

Vulnérabilité : CWE-74


Source : cert.org.tw

Vulnérabilité ID : CVE-2023-39238

Première publication le : 07-09-2023 08:15:07
Dernière modification le : 07-09-2023 12:50:36

Description :
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.

CVE ID : CVE-2023-39238
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7354-4e654-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-134


Vulnérabilité ID : CVE-2023-39239

Première publication le : 07-09-2023 08:15:07
Dernière modification le : 07-09-2023 12:50:36

Description :
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.

CVE ID : CVE-2023-39239
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://https://www.twcert.org.tw/tw/cp-132-7355-0ce8d-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-134


Vulnérabilité ID : CVE-2023-39240

Première publication le : 07-09-2023 08:15:07
Dernière modification le : 07-09-2023 12:50:36

Description :
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.

CVE ID : CVE-2023-39240
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7356-021bf-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-134


(27) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : cert.org.tw

Vulnérabilité ID : CVE-2023-38031

Première publication le : 07-09-2023 04:15:10
Dernière modification le : 07-09-2023 12:50:36

Description :
ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

CVE ID : CVE-2023-38031
Source : twcert@cert.org.tw
Score CVSS : 8.8

Références :
https://www.twcert.org.tw/tw/cp-132-7348-56989-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-38032

Première publication le : 07-09-2023 07:15:08
Dernière modification le : 07-09-2023 12:50:36

Description :
ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

CVE ID : CVE-2023-38032
Source : twcert@cert.org.tw
Score CVSS : 8.8

Références :
https://www.twcert.org.tw/tw/cp-132-7349-7f8cd-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-38033

Première publication le : 07-09-2023 07:15:08
Dernière modification le : 07-09-2023 12:50:36

Description :
ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

CVE ID : CVE-2023-38033
Source : twcert@cert.org.tw
Score CVSS : 8.8

Références :
https://www.twcert.org.tw/tw/cp-132-7350-ded5e-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-39236

Première publication le : 07-09-2023 07:15:08
Dernière modification le : 07-09-2023 12:50:36

Description :
ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

CVE ID : CVE-2023-39236
Source : twcert@cert.org.tw
Score CVSS : 8.8

Références :
https://www.twcert.org.tw/tw/cp-132-7351-ec8fe-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-39237

Première publication le : 07-09-2023 07:15:08
Dernière modification le : 07-09-2023 12:50:36

Description :
ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

CVE ID : CVE-2023-39237
Source : twcert@cert.org.tw
Score CVSS : 8.8

Références :
https://www.twcert.org.tw/tw/cp-132-7352-bad68-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-34357

Première publication le : 07-09-2023 03:15:08
Dernière modification le : 07-09-2023 12:50:36

Description :
Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has the line can thus use the URL again to change the password in order to take over the account.

CVE ID : CVE-2023-34357
Source : twcert@cert.org.tw
Score CVSS : 7.8

Références :
https://www.twcert.org.tw/tw/cp-132-7347-2653e-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-640


Source : bitdefender.com

Vulnérabilité ID : CVE-2023-39423

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among other features. By using a UNION SQL operator, an attacker can leak the sessions table, obtain the currently valid sessions and impersonate a currently logged-in user.

CVE ID : CVE-2023-39423
Source : cve-requests@bitdefender.com
Score CVSS : 8.6

Références :
https://bitdefender.com/blog/labs/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained | source : cve-requests@bitdefender.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-39421

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of hardcoded API keys for third-party services such as Twilio and Vonage. These keys allow unrestricted interaction with these services.

CVE ID : CVE-2023-39421
Source : cve-requests@bitdefender.com
Score CVSS : 7.7

Références :
https://bitdefender.com/blog/labs/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained | source : cve-requests@bitdefender.com

Vulnérabilité : CWE-798


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4815

Première publication le : 07-09-2023 07:15:08
Dernière modification le : 07-09-2023 12:50:36

Description :
Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3.

CVE ID : CVE-2023-4815
Source : security@huntr.dev
Score CVSS : 8.3

Références :
https://github.com/answerdev/answer/commit/e75142a55546e01d8904f59db228422561f51666 | source : security@huntr.dev
https://huntr.dev/bounties/4cd3eeb4-57c9-4af2-ad19-2166c9e0fd2c | source : security@huntr.dev

Vulnérabilité : CWE-306


Source : adobe.com

Vulnérabilité ID : CVE-2021-40795

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-40795
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-43018

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPG file.

CVE ID : CVE-2021-43018
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/photoshop/apsb21-113.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2021-44188

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-44188
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2022-30637

Première publication le : 07-09-2023 14:15:09
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30637
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2022-30638

Première publication le : 07-09-2023 14:15:09
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30638
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2022-30639

Première publication le : 07-09-2023 14:15:09
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30639
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2022-30640

Première publication le : 07-09-2023 14:15:09
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30640
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2022-30641

Première publication le : 07-09-2023 14:15:10
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30641
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2022-30642

Première publication le : 07-09-2023 14:15:10
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30642
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2022-30643

Première publication le : 07-09-2023 14:15:10
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30643
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2022-30644

Première publication le : 07-09-2023 14:15:10
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30644
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-416


Vulnérabilité ID : CVE-2022-30645

Première publication le : 07-09-2023 14:15:10
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30645
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2022-30646

Première publication le : 07-09-2023 14:15:11
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2022-30646
Source : psirt@adobe.com
Score CVSS : 7.8

Références :
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html | source : psirt@adobe.com

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2021-40698

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.

CVE ID : CVE-2021-40698
Source : psirt@adobe.com
Score CVSS : 7.4

Références :
https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html | source : psirt@adobe.com

Vulnérabilité : CWE-242


Vulnérabilité ID : CVE-2021-40699

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.

CVE ID : CVE-2021-40699
Source : psirt@adobe.com
Score CVSS : 7.4

Références :
https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html | source : psirt@adobe.com

Vulnérabilité : CWE-284


Source : hq.dhs.gov

Vulnérabilité ID : CVE-2023-4685

Première publication le : 07-09-2023 18:15:07
Dernière modification le : 07-09-2023 20:17:06

Description :
Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code.

CVE ID : CVE-2023-4685
Source : ics-cert@hq.dhs.gov
Score CVSS : 7.8

Références :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-01 | source : ics-cert@hq.dhs.gov

Vulnérabilité : CWE-121


Source : vulncheck.com

Vulnérabilité ID : CVE-2023-30800

Première publication le : 07-09-2023 16:15:07
Dernière modification le : 07-09-2023 16:25:45

Description :
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.

CVE ID : CVE-2023-30800
Source : disclosure@vulncheck.com
Score CVSS : 7.5

Références :
https://vulncheck.com/advisories/mikrotik-jsproxy-dos | source : disclosure@vulncheck.com

Vulnérabilité : CWE-787


Source : fortinet.com

Vulnérabilité ID : CVE-2023-36635

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2 7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API.

CVE ID : CVE-2023-36635
Source : psirt@fortinet.com
Score CVSS : 7.1

Références :
https://fortiguard.com/psirt/FG-IR-22-174 | source : psirt@fortinet.com


(13) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : solarwinds.com

Vulnérabilité ID : CVE-2023-40060

Première publication le : 07-09-2023 16:15:08
Dernière modification le : 07-09-2023 16:25:45

Description :
A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely fixed in 15.4 Hotfix 1.

CVE ID : CVE-2023-40060
Source : psirt@solarwinds.com
Score CVSS : 6.6

Références :
https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-0-Hotfix-2?language=en_US | source : psirt@solarwinds.com
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40060 | source : psirt@solarwinds.com

Vulnérabilité : CWE-284


Source : bitdefender.com

Vulnérabilité ID : CVE-2023-39422

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless.

CVE ID : CVE-2023-39422
Source : cve-requests@bitdefender.com
Score CVSS : 6.5

Références :
https://bitdefender.com/blog/labs/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained | source : cve-requests@bitdefender.com

Vulnérabilité : CWE-798


Source : wordfence.com

Vulnérabilité ID : CVE-2023-4772

Première publication le : 07-09-2023 02:15:08
Dernière modification le : 07-09-2023 12:50:36

Description :
The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'newsletter_form' shortcode in versions up to, and including, 7.8.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4772
Source : security@wordfence.com
Score CVSS : 6.4

Références :
https://plugins.trac.wordpress.org/browser/newsletter/tags/7.8.9/subscription/subscription.php#L1653 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2955097/newsletter#file21 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/87da5300-1add-44fc-a3e0-e8912f946c84?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4792

Première publication le : 07-09-2023 02:15:08
Dernière modification le : 07-09-2023 12:50:36

Description :
The Duplicate Post Page Menu & Custom Post Type plugin for WordPress is vulnerable to unauthorized page and post duplication due to a missing capability check on the duplicate_ppmc_post_as_draft function in versions up to, and including, 2.3.1. This makes it possible for authenticated attackers with subscriber access or higher to duplicate posts and pages.

CVE ID : CVE-2023-4792
Source : security@wordfence.com
Score CVSS : 4.3

Références :
https://plugins.trac.wordpress.org/browser/duplicate-post-page-menu-custom-post-type/trunk/duplicate-post-page-menu-cpt.php?rev=2871256#L383 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2963515%40duplicate-post-page-menu-custom-post-type&new=2963515%40duplicate-post-page-menu-custom-post-type&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/d6bb08e8-9ef5-41db-a111-c377a5dfae77?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Source : cisco.com

Vulnérabilité ID : CVE-2023-20193

Première publication le : 07-09-2023 20:15:07
Dernière modification le : 07-09-2023 20:17:06

Description :
A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec.

CVE ID : CVE-2023-20193
Source : ykramarz@cisco.com
Score CVSS : 6.0

Références :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw | source : ykramarz@cisco.com


Vulnérabilité ID : CVE-2023-20194

Première publication le : 07-09-2023 20:15:07
Dernière modification le : 07-09-2023 20:17:06

Description :
A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ERS API. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges beyond the sphere of their intended access level, which would allow them to obtain sensitive information from the underlying operating system. Note: The ERS is not enabled by default. To verify the status of the ERS API in the Admin GUI, choose Administration > Settings > API Settings > API Service Settings.

CVE ID : CVE-2023-20194
Source : ykramarz@cisco.com
Score CVSS : 4.9

Références :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw | source : ykramarz@cisco.com


Source : adobe.com

Vulnérabilité ID : CVE-2021-40723

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-40723
Source : psirt@adobe.com
Score CVSS : 5.5

Références :
https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-40790

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-40790
Source : psirt@adobe.com
Score CVSS : 5.5

Références :
https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html | source : psirt@adobe.com

Vulnérabilité : CWE-416


Vulnérabilité ID : CVE-2021-40791

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-40791
Source : psirt@adobe.com
Score CVSS : 5.5

Références :
https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-42265

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-42265
Source : psirt@adobe.com
Score CVSS : 5.5

Références :
https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-42734

Première publication le : 07-09-2023 13:15:07
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe Photoshop version 22.5.1 ?and earlier?versions???are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-42734
Source : psirt@adobe.com
Score CVSS : 5.5

Références :
https://helpx.adobe.com/security/products/photoshop/apsb21-109.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Source : cloudflare.com

Vulnérabilité ID : CVE-2023-3747

Première publication le : 07-09-2023 13:15:09
Dernière modification le : 07-09-2023 13:42:46

Description :
Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access to the device, could extend the maximum allowed disconnected time of WARP client granted by an override code by changing the date & time on the local device where WARP is running.

CVE ID : CVE-2023-3747
Source : cna@cloudflare.com
Score CVSS : 5.5

Références :
https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/#retrieve-the-override-code | source : cna@cloudflare.com
https://play.google.com/store/apps/details?id=com.cloudflare.onedotonedotonedotone | source : cna@cloudflare.com

Vulnérabilité : CWE-602


Source : github.com

Vulnérabilité ID : CVE-2023-41316

Première publication le : 07-09-2023 20:15:07
Dernière modification le : 07-09-2023 20:17:06

Description :
Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitation emails which appear as legitimate org invitations. Bad actors may direct users to malicious website or execute javascript in the context of the users browser. This vulnerability has been addressed in version 3.29.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-41316
Source : security-advisories@github.com
Score CVSS : 5.5

Références :
https://github.com/tolgee/tolgee-platform/commit/bab718b1c9b3e90327bfb10d27b9799996e5c35b | source : security-advisories@github.com
https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-gx3w-rwh5-w5cg | source : security-advisories@github.com

Vulnérabilité : CWE-20
Vulnérabilité : CWE-79


(10) Vulnérabilité(s) LOW [0.1, 3.9]

Source : adobe.com

Vulnérabilité ID : CVE-2021-43027

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-43027
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-43751

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-43751
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-43753

Première publication le : 07-09-2023 13:15:08
Dernière modification le : 07-09-2023 13:42:46

Description :
Adobe Lightroom versions 4.4 (and earlier) are affected by a use-after-free vulnerability in the processing of parsing TIF files that could result in privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-43753
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/lightroom/apsb21-119.html | source : psirt@adobe.com

Vulnérabilité : CWE-416


Vulnérabilité ID : CVE-2021-44189

Première publication le : 07-09-2023 14:15:07
Dernière modification le : 07-09-2023 16:25:48

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-44189
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-416


Vulnérabilité ID : CVE-2021-44190

Première publication le : 07-09-2023 14:15:08
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-44190
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-44191

Première publication le : 07-09-2023 14:15:08
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-44191
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-44192

Première publication le : 07-09-2023 14:15:08
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-44192
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-44193

Première publication le : 07-09-2023 14:15:08
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-44193
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-44194

Première publication le : 07-09-2023 14:15:08
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-44194
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2021-44195

Première publication le : 07-09-2023 14:15:09
Dernière modification le : 07-09-2023 16:25:45

Description :
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID : CVE-2021-44195
Source : psirt@adobe.com
Score CVSS : 3.3

Références :
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html | source : psirt@adobe.com

Vulnérabilité : CWE-125


(6) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-39711

Première publication le : 07-09-2023 15:15:07
Dernière modification le : 07-09-2023 16:25:45

Description :
Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section.

CVE ID : CVE-2023-39711
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/Arajawat007/1683f9640c0d62337e0bbe23569d1ea5#file-cve-2023-39711 | source : cve@mitre.org
https://www.sourcecodester.com/ | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40942

Première publication le : 07-09-2023 15:15:07
Dernière modification le : 07-09-2023 16:25:45

Description :
Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg.

CVE ID : CVE-2023-40942
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/GleamingEyes/vul/blob/main/tenda_ac9/SetFirewallCfg.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37798

Première publication le : 07-09-2023 19:15:47
Dernière modification le : 07-09-2023 20:17:06

Description :
A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter.

CVE ID : CVE-2023-37798
Source : cve@mitre.org
Score CVSS : /

Références :
http://redcap.com | source : cve@mitre.org
http://vanderbilt.com | source : cve@mitre.org
https://www.cyderes.com/blog/cve-2023-37798-stored-cross-site-scripting-in-vanderbilt-redcap/ | source : cve@mitre.org


Source : apple.com

Vulnérabilité ID : CVE-2023-41061

Première publication le : 07-09-2023 18:15:07
Dernière modification le : 07-09-2023 20:17:06

Description :
A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

CVE ID : CVE-2023-41061
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213905 | source : product-security@apple.com
https://support.apple.com/en-us/HT213907 | source : product-security@apple.com
https://support.apple.com/kb/HT213905 | source : product-security@apple.com
https://support.apple.com/kb/HT213907 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-41064

Première publication le : 07-09-2023 18:15:07
Dernière modification le : 07-09-2023 20:17:06

Description :
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5.2, iOS 16.6.1 and iPadOS 16.6.1. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

CVE ID : CVE-2023-41064
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213905 | source : product-security@apple.com
https://support.apple.com/en-us/HT213906 | source : product-security@apple.com
https://support.apple.com/kb/HT213905 | source : product-security@apple.com
https://support.apple.com/kb/HT213906 | source : product-security@apple.com


Source : rapid7.con

Vulnérabilité ID : CVE-2023-4528

Première publication le : 07-09-2023 18:15:07
Dernière modification le : 07-09-2023 20:17:06

Description :
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface

CVE ID : CVE-2023-4528
Source : cve@rapid7.con
Score CVSS : /

Références :
https://www.jscape.com/blog/binary-management-service-patch-cve-2023-4528 | source : cve@rapid7.con
https://www.rapid7.com/blog/post/2023/09/07/cve-2023-4528-java-deserialization-vulnerability-in-jscape-mft-fixed/ | source : cve@rapid7.con

Vulnérabilité : CWE-502


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.