Latest vulnerabilities for Monday 14 August 2023 + weekend


Last updated on 14/08/2023 at 23:58:03

(10) CRITICAL vulnerabilities [9.0, 10.0]

Source : github.com

Vulnerability ID : CVE-2023-40020

First published on : 14-08-2023 21:15:13
Last modified on : 14-08-2023 21:15:13

Description :
PrivateUploader is an open source image hosting server written in Vue and TypeScript. In affected versions `app/routes/v3/admin.controller.ts` did not correctly verify whether the user was an administrator (High Level) or moderator (Low Level), causing the request to continue processing. The response would be a 403 with ADMIN_ONLY; however, next() would be called, leading any updates/changes in the route to be processed. This issue has been addressed in version 3.2.49. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-40020
Source : security-advisories@github.com
CVSS score : 9.9

References :
https://github.com/PrivateUploader/PrivateUploader/commit/869657d61e3c7a518177106fe63ea483082b0d3e | source : security-advisories@github.com
https://github.com/PrivateUploader/PrivateUploader/security/advisories/GHSA-vhrw-2472-rrjx | source : security-advisories@github.com

Vulnerability : CWE-287


Source : mitre.org

Vulnerability ID : CVE-2023-40256

First published on : 11-08-2023 05:15:42
Last modified on : 11-08-2023 12:58:22

Description :
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers.

CVE ID : CVE-2023-40256
Source : cve@mitre.org
CVSS score : 9.8

References :
https://www.veritas.com/content/support/en_US/security/VTS23-011 | source : cve@mitre.org


Source : wordfence.com

Vulnerability ID : CVE-2023-3452

First published on : 12-08-2023 03:15:09
Last modified on : 14-08-2023 00:36:59

Description :
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server.

CVE ID : CVE-2023-3452
Source : security@wordfence.com
CVSS score : 9.8

References :
https://plugins.trac.wordpress.org/browser/canto/trunk/includes/lib/tree.php?rev=2841358#L5 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2951888/canto/trunk/includes/lib/tree.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/a76077c6-700a-4d21-a930-b0d6455d959c?source=cve | source : security@wordfence.com

Vulnerability : CWE-98


Source : trellix.com

Vulnerability ID : CVE-2023-3259

First published on : 14-08-2023 04:15:10
Last modified on : 14-08-2023 13:06:15

Description :
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rogue database. Successful exploitation allows the malicious agent to take actions with administrator privileges including, but not limited to, manipulating power levels, modifying user accounts, and exporting confidential user information.

CVE ID : CVE-2023-3259
Source : trellixpsirt@trellix.com
CVSS score : 9.8

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-502


Vulnerability ID : CVE-2023-3265

First published on : 14-08-2023 05:15:09
Last modified on : 14-08-2023 13:06:15

Description :
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to log in to the application with the default user "cyberpower" by appending a non-printable character. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an administrator with hardcoded default credentials.

CVE ID : CVE-2023-3265
Source : trellixpsirt@trellix.com
CVSS score : 9.8

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-150


Vulnerability ID : CVE-2023-3266

First published on : 14-08-2023 05:15:10
Last modified on : 14-08-2023 13:06:15

Description :
A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an administrator by selecting LDAP authentication from a hidden HTML combo box. Successful exploitation of this vulnerability also requires the attacker to know at least one username on the device, but any password will authenticate successfully.

CVE ID : CVE-2023-3266
Source : trellixpsirt@trellix.com
CVSS score : 9.8

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-358


Vulnerability ID : CVE-2023-3260

First published on : 14-08-2023 04:15:10
Last modified on : 14-08-2023 13:06:15

Description :
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.

CVE ID : CVE-2023-3260
Source : trellixpsirt@trellix.com
CVSS score : 9.1

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-3261

First published on : 14-08-2023 04:15:10
Last modified on : 14-08-2023 13:06:15

Description :
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.

CVE ID : CVE-2023-3261
Source : trellixpsirt@trellix.com
CVSS score : 9.1

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-3267

First published on : 14-08-2023 05:15:10
Last modified on : 14-08-2023 13:06:15

Description :
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.

CVE ID : CVE-2023-3267
Source : trellixpsirt@trellix.com
CVSS score : 9.1

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-78


Source : php.net

Vulnerability ID : CVE-2023-3824

First published on : 11-08-2023 06:15:10
Last modified on : 12-08-2023 06:19:10

Description :
In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading a phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.

CVE ID : CVE-2023-3824
Source : security@php.net
CVSS score : 9.4

References :
https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv | source : security@php.net
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/ | source : security@php.net

Vulnerability : CWE-119


(52) HIGH vulnerabilities [7.0, 8.9]

Source : intel.com

Vulnerability ID : CVE-2023-28380

First published on : 11-08-2023 03:15:24
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVE ID : CVE-2023-28380
Source : secure@intel.com
CVSS score : 8.8

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00877.html | source : secure@intel.com


Vulnerability ID : CVE-2022-36392

First published on : 11-08-2023 03:15:13
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.

CVE ID : CVE-2022-36392
Source : secure@intel.com
CVSS score : 8.6

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html | source : secure@intel.com


Vulnerability ID : CVE-2022-27635

First published on : 11-08-2023 03:15:11
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-27635
Source : secure@intel.com
CVSS score : 8.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html | source : secure@intel.com


Vulnerability ID : CVE-2022-46329

First published on : 11-08-2023 03:15:16
Last modified on : 11-08-2023 03:44:51

Description :
Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-46329
Source : secure@intel.com
CVSS score : 8.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html | source : secure@intel.com


Vulnerability ID : CVE-2023-28385

First published on : 11-08-2023 03:15:24
Last modified on : 11-08-2023 03:44:51

Description :
Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28385
Source : secure@intel.com
CVSS score : 8.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00868.html | source : secure@intel.com


Vulnerability ID : CVE-2023-28714

First published on : 11-08-2023 03:15:25
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in firmware for some Intel(R) PROSet/Wireless WiFi software for Windows before version 22.220 HF (Hot Fix) may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28714
Source : secure@intel.com
CVSS score : 8.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00872.html | source : secure@intel.com


Vulnerability ID : CVE-2023-32617

First published on : 11-08-2023 03:15:32
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-32617
Source : secure@intel.com
CVSS score : 8.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2023-34086

First published on : 11-08-2023 03:15:33
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-34086
Source : secure@intel.com
CVSS score : 8.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2022-29887

First published on : 11-08-2023 03:15:12
Last modified on : 11-08-2023 03:44:51

Description :
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVE ID : CVE-2022-29887
Source : secure@intel.com
CVSS score : 8.1

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00893.html | source : secure@intel.com


Vulnerability ID : CVE-2023-27515

First published on : 11-08-2023 03:15:24
Last modified on : 11-08-2023 03:44:51

Description :
Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVE ID : CVE-2023-27515
Source : secure@intel.com
CVSS score : 8.1

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00878.html | source : secure@intel.com


Vulnerability ID : CVE-2022-37336

First published on : 11-08-2023 03:15:13
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation in BIOS firmware for some Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-37336
Source : secure@intel.com
CVSS score : 7.9

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html | source : secure@intel.com


Vulnerability ID : CVE-2022-40964

First published on : 11-08-2023 03:15:14
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-40964
Source : secure@intel.com
CVSS score : 7.9

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html | source : secure@intel.com


Vulnerability ID : CVE-2023-26587

First published on : 11-08-2023 03:15:19
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-26587
Source : secure@intel.com
CVSS score : 7.8

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00859.html | source : secure@intel.com


Vulnerability ID : CVE-2022-36372

First published on : 11-08-2023 03:15:13
Last modified on : 11-08-2023 03:44:51

Description :
Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-36372
Source : secure@intel.com
CVSS score : 7.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2023-22449

First published on : 11-08-2023 03:15:17
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-22449
Source : secure@intel.com
CVSS score : 7.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2023-25773

First published on : 11-08-2023 03:15:18
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-25773
Source : secure@intel.com
CVSS score : 7.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00826.html | source : secure@intel.com


Vulnerability ID : CVE-2023-29494

First published on : 11-08-2023 03:15:30
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-29494
Source : secure@intel.com
CVSS score : 7.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html | source : secure@intel.com


Vulnerability ID : CVE-2023-34438

First published on : 11-08-2023 03:15:34
Last modified on : 11-08-2023 03:44:51

Description :
Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-34438
Source : secure@intel.com
CVSS score : 7.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2022-45112

First published on : 11-08-2023 03:15:16
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-45112
Source : secure@intel.com
CVSS score : 7.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00846.html | source : secure@intel.com


Vulnerability ID : CVE-2023-25757

First published on : 11-08-2023 03:15:18
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in some Intel(R) Unison(TM) software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access.

CVE ID : CVE-2023-25757
Source : secure@intel.com
CVSS score : 7.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00897.html | source : secure@intel.com


Vulnerability ID : CVE-2022-37343

First published on : 11-08-2023 03:15:13
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-37343
Source : secure@intel.com
CVSS score : 7.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html | source : secure@intel.com


Vulnerability ID : CVE-2022-38102

First published on : 11-08-2023 03:15:14
Last modified on : 11-08-2023 03:44:51

Description :
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

CVE ID : CVE-2022-38102
Source : secure@intel.com
CVSS score : 7.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html | source : secure@intel.com


Vulnerability ID : CVE-2022-41804

First published on : 11-08-2023 03:15:15
Last modified on : 12-08-2023 04:15:14

Description :
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-41804
Source : secure@intel.com
CVSS score : 7.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html | source : secure@intel.com
https://www.debian.org/security/2023/dsa-5474 | source : secure@intel.com


Source : opennms.com

Vulnerability ID : CVE-2023-0871

First published on : 11-08-2023 17:15:08
Last modified on : 14-08-2023 18:15:10

Description :
The /rtc/post/ endpoint in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to XML external entity (XXE) injection, which can be used, for instance, to force Horizon to make arbitrary HTTP requests to internal and external services. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Moshe Apelbaum for reporting this issue.

CVE ID : CVE-2023-0871
Source : security@opennms.com
CVSS score : 8.8

References :
https://docs.opennms.com/horizon/32/releasenotes/changelog.html | source : security@opennms.com
https://github.com/OpenNMS/opennms/pull/6355 | source : security@opennms.com

Vulnerability : CWE-611


Vulnerability ID : CVE-2023-0872

First published on : 14-08-2023 18:15:10
Last modified on : 14-08-2023 18:59:33

Description :
The Horizon REST API includes a users endpoint that, in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms, is vulnerable to elevation of privilege. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue.

CVE ID : CVE-2023-0872
Source : security@opennms.com
CVSS score : 8.2

References :
https://docs.opennms.com/horizon/32/releasenotes/changelog.html | source : security@opennms.com
https://github.com/OpenNMS/opennms/pull/6354 | source : security@opennms.com

Vulnerability : CWE-269


Source : wordfence.com

Vulnerability ID : CVE-2023-4293

First published on : 12-08-2023 08:15:09
Last modified on : 14-08-2023 00:36:59

Description :
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmpp_update_profile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'profile[role]' parameter during a profile update.

CVE ID : CVE-2023-4293
Source : security@wordfence.com
CVSS score : 8.8

References :
https://plugins.trac.wordpress.org/browser/wpdm-premium-packages/tags/5.7.4/wpdm-premium-packages.php#L1158 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2951917/wpdm-premium-packages#file5 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/82137302-60ca-44d5-b087-dc96e2815fca?source=cve | source : security@wordfence.com

Vulnerability : CWE-269


Source : zyxel.com.tw

Vulnerability ID : CVE-2023-33013

First published on : 14-08-2023 17:15:10
Last modified on : 14-08-2023 17:27:48

Description :
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.

CVE ID : CVE-2023-33013
Source : security@zyxel.com.tw
CVSS score : 8.8

References :
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-in-ntp-feature-of-nbg6604-home-router | source : security@zyxel.com.tw

Vulnerability : CWE-78


Source : php.net

Vulnerability ID : CVE-2023-3823

First published on : 11-08-2023 06:15:09
Last modified on : 12-08-2023 06:19:08

Description :
In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling the appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.

CVE ID : CVE-2023-3823
Source : security@php.net
CVSS score : 8.6

References :
https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr | source : security@php.net
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/ | source : security@php.net


Source : trellix.com

Vulnerability ID : CVE-2023-3264

First published on : 14-08-2023 05:15:09
Last modified on : 14-08-2023 13:06:15

Description :
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.

CVE ID : CVE-2023-3264
Source : trellixpsirt@trellix.com
CVSS score : 8.4

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-798


Vulnerability ID : CVE-2023-3263

First published on : 14-08-2023 05:15:09
Last modified on : 14-08-2023 13:06:15

Description :
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.

CVE ID : CVE-2023-3263
Source : trellixpsirt@trellix.com
CVSS score : 7.5

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-289


Source : us.ibm.com

Vulnerability ID : CVE-2023-38721

First published on : 14-08-2023 18:15:11
Last modified on : 14-08-2023 18:59:33

Description :
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173.

CVE ID : CVE-2023-38721
Source : psirt@us.ibm.com
CVSS score : 8.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/262173 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7023423 | source : psirt@us.ibm.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2023-38741

First published on : 14-08-2023 18:15:11
Last modified on : 14-08-2023 18:59:33

Description :
IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attack, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905.

CVE ID : CVE-2023-38741
Source : psirt@us.ibm.com
CVSS score : 7.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/262905 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7025476 | source : psirt@us.ibm.com

Vulnerability : CWE-400


Source : huntr.dev

Vulnerability ID : CVE-2023-4321

First published on : 14-08-2023 11:15:09
Last modified on : 14-08-2023 13:06:15

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3.

CVE ID : CVE-2023-4321
Source : security@huntr.dev
CVSS score : 8.3

References :
https://github.com/cockpit-hq/cockpit/commit/34ab31ee9362da51b9709e178469dbffd7717249 | source : security@huntr.dev
https://huntr.dev/bounties/fce38751-bfd6-484c-b6e1-935e0aa8ffdc | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-4322

First published on : 14-08-2023 16:15:09
Last modified on : 14-08-2023 17:27:48

Description :
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

CVE ID : CVE-2023-4322
Source : security@huntr.dev
CVSS score : 7.3

References :
https://github.com/radareorg/radare2/commit/ba919adb74ac368bf76b150a00347ded78b572dd | source : security@huntr.dev
https://huntr.dev/bounties/06e2484c-d6f1-4497-af67-26549be9fffd | source : security@huntr.dev

Vulnerability : CWE-122


Source : github.com

Vulnerability ID : CVE-2023-39945

First published on : 11-08-2023 14:15:13
Last modified on : 11-08-2023 15:18:01

Description :
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled `BadParamException` in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5 contain a patch for this issue.

CVE ID : CVE-2023-39945
Source : security-advisories@github.com
CVSS score : 8.2

References :
https://bombshell.gtisc.gatech.edu/ddsfuzz/pcap/fastdds-exception-20230509-02.pcap | source : security-advisories@github.com
https://github.com/eProsima/Fast-CDR/blob/v1.0.26/src/cpp/Cdr.cpp#L72-L79 | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-2rq6-8j7x-frr9 | source : security-advisories@github.com

Vulnerability : CWE-248


Vulnerability ID : CVE-2023-39946

First published on : 11-08-2023 14:15:13
Last modified on : 11-08-2023 15:18:01

Description :
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PID_PROPERTY_LIST parameter that contains a CDR string with length larger than the size of actual content. In `eprosima::fastdds::dds::ParameterPropertyList_t::push_back_helper`, `memcpy` is called to first copy the octet'ized length and then to copy the data into `properties_.data`. At the second memcpy, both `data` and `size` can be controlled by anyone that sends the CDR string to the discovery multicast port. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue.

CVE ID : CVE-2023-39946
Source : security-advisories@github.com
Score CVSS : 8.2

Références :
https://github.com/eProsima/Fast-DDS/commit/349227005827e8a67a0406b823138b5068cc47dc | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-j297-rg6j-m7hx | source : security-advisories@github.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2023-39947

First published on : 11-08-2023 14:15:13
Last modified on : 11-08-2023 15:18:01

Description :
eProsima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed `PID_PROPERTY_LIST` parameters cause a heap overflow at a different program counter. This can remotely crash any Fast-DDS process. Versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6 contain a patch for this issue.

CVE ID : CVE-2023-39947
Source : security-advisories@github.com
CVSS score : 8.2

References :
https://github.com/eProsima/Fast-DDS/commit/349227005827e8a67a0406b823138b5068cc47dc | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-mf55-5747-c4pv | source : security-advisories@github.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2023-39534

First published on : 11-08-2023 14:15:13
Last modified on : 11-08-2023 15:18:01

Description :
eProsima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger an assertion failure, crashing FastDDS. Versions 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue.

CVE ID : CVE-2023-39534
Source : security-advisories@github.com
CVSS score : 7.5

References :
https://bombshell.gtisc.gatech.edu/ddsfuzz/pcap/fastdds-assert-230509.pcap | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/blob/v2.9.1/include/fastdds/rtps/common/SequenceNumber.h#L238-L252 | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/blob/v2.9.1/src/cpp/rtps/reader/StatefulReader.cpp#L863 | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-fcr6-x23w-94wp | source : security-advisories@github.com

Vulnerability : CWE-617


Vulnerability ID : CVE-2023-39948

First published on : 11-08-2023 14:15:13
Last modified on : 11-08-2023 15:18:01

Description :
eProsima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the `BadParamException` thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain a patch for this issue.

CVE ID : CVE-2023-39948
Source : security-advisories@github.com
CVSS score : 7.5

References :
https://github.com/eProsima/Fast-DDS/files/11117197/fastdds-assert.pcap.zip | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/issues/3422 | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-x9pj-vrgf-f68f | source : security-advisories@github.com

Vulnerability : CWE-248


Vulnerability ID : CVE-2023-39949

First published on : 11-08-2023 14:15:13
Last modified on : 11-08-2023 15:18:01

Description :
eProsima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to a remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.

CVE ID : CVE-2023-39949
Source : security-advisories@github.com
CVSS score : 7.5

References :
https://github.com/eProsima/Fast-DDS/blob/v2.9.0/src/cpp/rtps/messages/MessageReceiver.cpp#L1059 | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/issues/3236 | source : security-advisories@github.com
https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-3jv9-j9x3-95cg | source : security-advisories@github.com

Vulnerability : CWE-617


Vulnerability ID : CVE-2023-40013

First published on : 14-08-2023 21:15:13
Last modified on : 14-08-2023 21:15:13

Description :
SVG Loader is a JavaScript library that fetches SVGs using XMLHttpRequests and injects the SVG code in the tag's place. According to the docs, svg-loader will strip all JS code before injecting the SVG file for security reasons, but the input sanitization logic is not sufficient and can be trivially bypassed. This allows an attacker to craft a malicious SVG which can result in Cross-site Scripting (XSS). When trying to sanitize the SVG, the library removes event attributes such as `onmouseover` and `onclick`, but the list of events is not exhaustive. Any website which uses external-svg-loader and allows its users to provide an SVG src or upload SVG files would be susceptible to a stored XSS attack. This issue has been addressed in commit `d3562fc08` which is included in releases from 1.6.9. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-40013
Source : security-advisories@github.com
CVSS score : 7.1

References :
https://github.com/shubhamjain/svg-loader/blob/main/svg-loader.js#L125-L128 | source : security-advisories@github.com
https://github.com/shubhamjain/svg-loader/commit/d3562fc08497aec5f33eb82017fa1417b3319e2c | source : security-advisories@github.com
https://github.com/shubhamjain/svg-loader/security/advisories/GHSA-xc2r-jf2x-gjr8 | source : security-advisories@github.com
https://github.com/shubhamjain/svg-loader/tree/main#2-enable-javascript | source : security-advisories@github.com

Vulnerability : CWE-79


Source : mitre.org

Vulnerability ID : CVE-2021-28427

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
Buffer Overflow vulnerability in XNView version 2.49.3 allows local attackers to execute arbitrary code via a crafted TIFF file.

CVE ID : CVE-2021-28427
Source : cve@mitre.org
CVSS score : 7.8

References :
https://newsgroup.xnview.com/viewtopic.php?f=35&t=41035 | source : cve@mitre.org


Vulnerability ID : CVE-2021-28835

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
Buffer Overflow vulnerability in XNView before 2.50 allows local attackers to execute arbitrary code via a crafted GEM bitmap file.

CVE ID : CVE-2021-28835
Source : cve@mitre.org
CVSS score : 7.8

References :
https://newsgroup.xnview.com/viewtopic.php?f=35&t=44679 | source : cve@mitre.org
https://www.xnview.com/en/xnview/#changelog | source : cve@mitre.org


Source : eset.com

Vulnerability ID : CVE-2023-3160

First published on : 14-08-2023 10:15:09
Last modified on : 14-08-2023 13:06:15

Description :
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.

CVE ID : CVE-2023-3160
Source : security@eset.com
CVSS score : 7.8

References :
https://support.eset.com/en/ca8466 | source : security@eset.com

Vulnerability : CWE-269


Source : redhat.com

Vulnerability ID : CVE-2023-39417

First published on : 11-08-2023 13:15:09
Last modified on : 11-08-2023 15:18:19

Description :
In the extension script, a SQL injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.

CVE ID : CVE-2023-39417
Source : secalert@redhat.com
CVSS score : 7.5

References :
https://access.redhat.com/security/cve/CVE-2023-39417 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2228111 | source : secalert@redhat.com
https://www.postgresql.org/support/security/CVE-2023-39417 | source : secalert@redhat.com


Source : krcert.or.kr

Vulnerability ID : CVE-2023-40254

First published on : 11-08-2023 07:15:09
Last modified on : 11-08-2023 12:58:22

Description :
Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

CVE ID : CVE-2023-40254
Source : vuln@krcert.or.kr
CVSS score : 7.4

References :
https://www.genians.co.kr/notice/2023 | source : vuln@krcert.or.kr

Vulnerability : CWE-494


Source : snowsoftware.com

Vulnerability ID : CVE-2023-3864

First published on : 11-08-2023 12:15:09
Last modified on : 11-08-2023 12:58:22

Description :
Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal.

CVE ID : CVE-2023-3864
Source : security@snowsoftware.com
CVSS score : 7.2

References :
https://community.snowsoftware.com/s/feed/0D56M00009gUexuSAC | source : security@snowsoftware.com

Vulnerability : CWE-89


Source : patchstack.com

Vulnerability ID : CVE-2023-30475

First published on : 14-08-2023 14:15:10
Last modified on : 14-08-2023 15:58:29

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions.

CVE ID : CVE-2023-30475
Source : audit@patchstack.com
CVSS score : 7.1

References :
https://patchstack.com/database/vulnerability/woo-coupon-usage/wordpress-coupon-affiliates-plugin-5-4-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-30483

First published on : 14-08-2023 14:15:10
Last modified on : 14-08-2023 15:58:29

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions.

CVE ID : CVE-2023-30483
Source : audit@patchstack.com
CVSS score : 7.1

References :
https://patchstack.com/database/vulnerability/watu/wordpress-watu-quiz-plugin-3-3-9-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-28535

First published on : 14-08-2023 15:15:10
Last modified on : 14-08-2023 15:58:29

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions.

CVE ID : CVE-2023-28535
Source : audit@patchstack.com
CVSS score : 7.1

References :
https://patchstack.com/database/vulnerability/paytm-donation/wordpress-paytm-payment-donation-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-30489

First published on : 14-08-2023 15:15:11
Last modified on : 14-08-2023 15:58:29

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions.

CVE ID : CVE-2023-30489
Source : audit@patchstack.com
CVSS score : 7.1

References :
https://patchstack.com/database/vulnerability/email-subscribe/wordpress-email-subscription-popup-plugin-1-2-16-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-30754

First published on : 14-08-2023 15:15:12
Last modified on : 14-08-2023 15:58:29

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt plugin <= 1.8.5 versions.

CVE ID : CVE-2023-30754
Source : audit@patchstack.com
CVSS score : 7.1

References :
https://patchstack.com/database/vulnerability/adfoxly/wordpress-adfoxly-ad-manager-adsense-ads-ads-txt-plugin-1-8-4-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


(71) MEDIUM vulnerabilities [4.0, 6.9]

Source : intel.com

Vulnerability ID : CVE-2022-44611

First published on : 11-08-2023 03:15:15
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.

CVE ID : CVE-2022-44611
Source : secure@intel.com
CVSS score : 6.9

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html | source : secure@intel.com


Vulnerability ID : CVE-2022-25864

First published on : 11-08-2023 03:15:10
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-25864
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00873.html | source : secure@intel.com


Vulnerability ID : CVE-2022-29470

First published on : 11-08-2023 03:15:12
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in the Intel DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-29470
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00875.html | source : secure@intel.com


Vulnerability ID : CVE-2022-29871

First published on : 11-08-2023 03:15:12
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-29871
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html | source : secure@intel.com


Vulnerability ID : CVE-2022-43456

First published on : 11-08-2023 03:15:15
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-43456
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00795.html | source : secure@intel.com


Vulnerability ID : CVE-2023-22841

First published on : 11-08-2023 03:15:17
Last modified on : 11-08-2023 03:44:51

Description :
Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-22841
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00830.html | source : secure@intel.com


Vulnerability ID : CVE-2023-23577

First published on : 11-08-2023 03:15:18
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path element for some ITE Tech consumer infrared drivers before version 5.5.2.1 for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-23577
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00829.html | source : secure@intel.com


Vulnerability ID : CVE-2023-24016

First published on : 11-08-2023 03:15:18
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for Linux may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-24016
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00800.html | source : secure@intel.com


Vulnerability ID : CVE-2023-25944

First published on : 11-08-2023 03:15:19
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3rd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-25944
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00844.html | source : secure@intel.com


Vulnerability ID : CVE-2023-27391

First published on : 11-08-2023 03:15:21
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-27391
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html | source : secure@intel.com


Vulnerability ID : CVE-2023-27505

First published on : 11-08-2023 03:15:23
Last modified on : 11-08-2023 03:44:51

Description :
Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-27505
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html | source : secure@intel.com


Vulnerability ID : CVE-2023-28405

First published on : 11-08-2023 03:15:24
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28405
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00842.html | source : secure@intel.com


Vulnerability ID : CVE-2023-28658

First published on : 11-08-2023 03:15:25
Last modified on : 11-08-2023 03:44:51

Description :
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28658
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00873.html | source : secure@intel.com


Vulnerability ID : CVE-2023-28823

First published on : 11-08-2023 03:15:26
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28823
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html | source : secure@intel.com


Vulnerability ID : CVE-2023-29151

First published on : 11-08-2023 03:15:27
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-29151
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00907.html | source : secure@intel.com


Vulnerability ID : CVE-2023-31246

First published on : 11-08-2023 03:15:31
Last modified on : 11-08-2023 03:44:51

Description :
Incorrect default permissions in some Intel(R) SDP Tool software before version 1.4 build 5 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-31246
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00905.html | source : secure@intel.com


Vulnerability ID : CVE-2023-32543

First published on : 11-08-2023 03:15:31
Last modified on : 11-08-2023 03:44:51

Description :
Incorrect default permissions in the Intel(R) ITS software before version 3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-32543
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00938.html | source : secure@intel.com


Vulnerability ID : CVE-2023-32547

First published on : 11-08-2023 03:15:32
Last modified on : 11-08-2023 03:44:51

Description :
Incorrect default permissions in the MAVinci Desktop Software for Intel(R) Falcon 8+ before version 6.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-32547
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00934.html | source : secure@intel.com


Vulnerability ID : CVE-2023-32663

First published on : 11-08-2023 03:15:32
Last modified on : 11-08-2023 03:44:51

Description :
Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-32663
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00946.html | source : secure@intel.com


Vulnerability ID : CVE-2023-34355

First published on : 11-08-2023 03:15:34
Last modified on : 11-08-2023 03:44:51

Description :
Uncontrolled search path element for some Intel(R) Server Board M10JNP2SB integrated BMC video drivers before version 3.0 for Microsoft Windows and before version 1.13.4 for Linux may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-34355
Source : secure@intel.com
CVSS score : 6.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00899.html | source : secure@intel.com


Vulnerability ID : CVE-2023-27509

First published on : 11-08-2023 03:15:23
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.

CVE ID : CVE-2023-27509
Source : secure@intel.com
CVSS score : 6.6

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html | source : secure@intel.com


Vulnerability ID : CVE-2022-40982

First published on : 11-08-2023 03:15:14
Last modified on : 12-08-2023 04:15:09

Description :
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE ID : CVE-2022-40982
Source : secure@intel.com
CVSS score : 6.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html | source : secure@intel.com
https://access.redhat.com/solutions/7027704 | source : secure@intel.com
https://aws.amazon.com/security/security-bulletins/AWS-2023-007/ | source : secure@intel.com
https://downfall.page | source : secure@intel.com
https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html | source : secure@intel.com
https://security.netapp.com/advisory/ntap-20230811-0001/ | source : secure@intel.com
https://www.debian.org/security/2023/dsa-5474 | source : secure@intel.com
https://www.debian.org/security/2023/dsa-5475 | source : secure@intel.com
https://xenbits.xen.org/xsa/advisory-435.html | source : secure@intel.com


Vulnerability ID : CVE-2023-22276

First published on : 11-08-2023 03:15:16
Last modified on : 11-08-2023 03:44:51

Description :
Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access.

CVE ID : CVE-2023-22276
Source : secure@intel.com
CVSS score : 6.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html | source : secure@intel.com


Vulnerability ID : CVE-2022-38083

First published on : 11-08-2023 03:15:13
Last modified on : 11-08-2023 03:44:51

Description :
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2022-38083
Source : secure@intel.com
CVSS score : 6.1

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html | source : secure@intel.com


Vulnerability ID : CVE-2023-27887

First published on : 11-08-2023 03:15:24
Last modified on : 11-08-2023 03:44:51

Description :
Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-27887
Source : secure@intel.com
CVSS score : 6.1

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html | source : secure@intel.com


Vulnerability ID : CVE-2022-34657

First published on : 11-08-2023 03:15:12
Last modified on : 11-08-2023 03:44:51

Description :
Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2022-34657
Source : secure@intel.com
CVSS score : 6.0

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html | source : secure@intel.com


Vulnerability ID : CVE-2023-22330

First published on : 11-08-2023 03:15:16
Last modified on : 11-08-2023 03:44:51

Description :
Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-22330
Source : secure@intel.com
CVSS score : 6.0

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2023-22356

First published on : 11-08-2023 03:15:16
Last modified on : 11-08-2023 03:44:51

Description :
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-22356
Source : secure@intel.com
CVSS score : 6.0

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2023-22444

First published on : 11-08-2023 03:15:17
Last modified on : 11-08-2023 03:44:51

Description :
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-22444
Source : secure@intel.com
CVSS score : 6.0

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2023-23908

First published on : 11-08-2023 03:15:18
Last modified on : 12-08-2023 04:15:15

Description :
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-23908
Source : secure@intel.com
CVSS score : 6.0

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html | source : secure@intel.com
https://www.debian.org/security/2023/dsa-5474 | source : secure@intel.com


Vulnerability ID : CVE-2023-32285

First published on : 11-08-2023 03:15:31
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access.

CVE ID : CVE-2023-32285
Source : secure@intel.com
CVSS score : 6.0

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2023-28736

First published on : 11-08-2023 03:15:25
Last modified on : 11-08-2023 03:44:51

Description :
Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28736
Source : secure@intel.com
CVSS score : 5.7

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html | source : secure@intel.com


Vulnerability ID : CVE-2023-25775

First published on : 11-08-2023 03:15:18
Last modified on : 11-08-2023 03:44:51

Description :
Improper access control in the Intel(R) Ethernet Controller RDMA driver for Linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVE ID : CVE-2023-25775
Source : secure@intel.com
CVSS score : 5.6

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html | source : secure@intel.com


Vulnerability ID : CVE-2022-44612

First published on : 11-08-2023 03:15:16
Last modified on : 11-08-2023 03:44:51

Description :
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user to potentially enable information disclosure via local access.

CVE ID : CVE-2022-44612
Source : secure@intel.com
CVSS score : 5.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00897.html | source : secure@intel.com


Vulnerability ID : CVE-2023-27506

First published on : 11-08-2023 03:15:23
Last modified on : 11-08-2023 03:44:51

Description :
Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-27506
Source : secure@intel.com
CVSS score : 5.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00840.html | source : secure@intel.com


Vulnerability ID : CVE-2023-28711

First published : 11-08-2023 03:15:25
Last modified : 11-08-2023 03:44:51

Description :
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access.

CVE ID : CVE-2023-28711
Source : secure@intel.com
CVSS score : 5.5

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00879.html | source : secure@intel.com


Vulnerability ID : CVE-2022-27879

First published : 11-08-2023 03:15:12
Last modified : 11-08-2023 03:44:51

Description :
Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2022-27879
Source : secure@intel.com
CVSS score : 5.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html | source : secure@intel.com


Vulnerability ID : CVE-2023-29500

First published : 11-08-2023 03:15:31
Last modified : 11-08-2023 03:44:51

Description :
Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-29500
Source : secure@intel.com
CVSS score : 5.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html | source : secure@intel.com


Vulnerability ID : CVE-2023-32656

First published : 11-08-2023 03:15:32
Last modified : 11-08-2023 03:44:51

Description :
Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-32656
Source : secure@intel.com
CVSS score : 5.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html | source : secure@intel.com


Vulnerability ID : CVE-2023-34427

First published : 11-08-2023 03:15:34
Last modified : 11-08-2023 03:44:51

Description :
Protection mechanism failure in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-34427
Source : secure@intel.com
CVSS score : 5.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html | source : secure@intel.com


Vulnerability ID : CVE-2023-32609

First published : 11-08-2023 03:15:32
Last modified : 11-08-2023 03:44:51

Description :
Improper access control in the Intel Unite(R) Android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-32609
Source : secure@intel.com
CVSS score : 5.0

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00932.html | source : secure@intel.com


Vulnerability ID : CVE-2023-34349

First published : 11-08-2023 03:15:34
Last modified : 11-08-2023 03:44:51

Description :
Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-34349
Source : secure@intel.com
CVSS score : 4.6

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html | source : secure@intel.com


Vulnerability ID : CVE-2022-41984

First published : 11-08-2023 03:15:15
Last modified : 11-08-2023 03:44:51

Description :
Protection mechanism failure for some Intel(R) Arc(TM) graphics cards A770 and A750 sold between October of 2022 and December of 2022 may allow a privileged user to potentially enable denial of service via local access.

CVE ID : CVE-2022-41984
Source : secure@intel.com
CVSS score : 4.4

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00812.html | source : secure@intel.com


Vulnerability ID : CVE-2023-22338

First published : 11-08-2023 03:15:16
Last modified : 11-08-2023 03:44:51

Description :
Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-22338
Source : secure@intel.com
CVSS score : 4.4

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html | source : secure@intel.com


Vulnerability ID : CVE-2023-27392

First published : 11-08-2023 03:15:23
Last modified : 11-08-2023 03:44:51

Description :
Incorrect default permissions in the Intel(R) Support Android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-27392
Source : secure@intel.com
CVSS score : 4.4

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00862.html | source : secure@intel.com


Vulnerability ID : CVE-2023-29243

First published : 11-08-2023 03:15:27
Last modified : 11-08-2023 03:44:51

Description :
Unchecked return value in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow a privileged user to potentially enable denial of service via local access.

CVE ID : CVE-2023-29243
Source : secure@intel.com
CVSS score : 4.4

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html | source : secure@intel.com


Vulnerability ID : CVE-2023-33867

First published : 11-08-2023 03:15:33
Last modified : 11-08-2023 03:44:51

Description :
Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-33867
Source : secure@intel.com
CVSS score : 4.4

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html | source : secure@intel.com


Vulnerability ID : CVE-2022-36351

First published : 11-08-2023 03:15:12
Last modified : 11-08-2023 03:44:51

Description :
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVE ID : CVE-2022-36351
Source : secure@intel.com
CVSS score : 4.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html | source : secure@intel.com


Vulnerability ID : CVE-2023-25182

First published : 11-08-2023 03:15:18
Last modified : 11-08-2023 03:44:51

Description :
Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-25182
Source : secure@intel.com
CVSS score : 4.2

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00826.html | source : secure@intel.com


Vulnerability ID : CVE-2022-43505

First published : 11-08-2023 03:15:15
Last modified : 11-08-2023 03:44:51

Description :
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.

CVE ID : CVE-2022-43505
Source : secure@intel.com
CVSS score : 4.1

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html | source : secure@intel.com


Source : mattermost.com

Vulnerability ID : CVE-2023-4107

First published : 11-08-2023 07:15:09
Last modified : 11-08-2023 12:58:22

Description :
Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.

CVE ID : CVE-2023-4107
Source : responsibledisclosure@mattermost.com
CVSS score : 6.7

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-863


Vulnerability ID : CVE-2023-4106

First published : 11-08-2023 07:15:09
Last modified : 11-08-2023 12:58:22

Description :
Mattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting in a guest being able to view, join, edit, export and archive public playbooks.

CVE ID : CVE-2023-4106
Source : responsibledisclosure@mattermost.com
CVSS score : 6.3

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-862


Vulnerability ID : CVE-2023-4108

First published : 11-08-2023 07:15:10
Last modified : 11-08-2023 12:58:22

Description :
Mattermost fails to sanitize post metadata during audit logging, resulting in permalinks contents being logged.

CVE ID : CVE-2023-4108
Source : responsibledisclosure@mattermost.com
CVSS score : 4.5

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-532


Source : opennms.com

Vulnerability ID : CVE-2023-40311

First published : 14-08-2023 18:15:11
Last modified : 14-08-2023 18:59:33

Description :
Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue.

CVE ID : CVE-2023-40311
Source : security@opennms.com
CVSS score : 6.7

References :
https://github.com/OpenNMS/opennms | source : security@opennms.com
https://github.com/OpenNMS/opennms/pull/6365 | source : security@opennms.com
https://github.com/OpenNMS/opennms/pull/6366 | source : security@opennms.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-40312

First published : 14-08-2023 18:15:11
Last modified : 14-08-2023 18:59:33

Description :
Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue.

CVE ID : CVE-2023-40312
Source : security@opennms.com
CVSS score : 6.7

References :
https://docs.opennms.com/horizon/32/releasenotes/changelog.html | source : security@opennms.com
https://github.com/OpenNMS/opennms/pull/6356 | source : security@opennms.com

Vulnerability : CWE-79


Source : solarwinds.com

Vulnerability ID : CVE-2023-35179

First published : 11-08-2023 00:15:09
Last modified : 11-08-2023 03:44:51

Description :
A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action.

CVE ID : CVE-2023-35179
Source : psirt@solarwinds.com
CVSS score : 6.6

References :
https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-Hotfix-1?language=en_US | source : psirt@solarwinds.com
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35179 | source : psirt@solarwinds.com

Vulnerability : CWE-284


Source : zyxel.com.tw

Vulnerability ID : CVE-2023-28768

First published : 14-08-2023 17:15:10
Last modified : 14-08-2023 17:27:48

Description :
Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.

CVE ID : CVE-2023-28768
Source : security@zyxel.com.tw
CVSS score : 6.5

References :
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-xgs2220-xmg1930-and-xs1930-series-switches | source : security@zyxel.com.tw

Vulnerability : CWE-755


Source : github.com

Vulnerability ID : CVE-2023-40023

First published : 14-08-2023 20:15:12
Last modified : 14-08-2023 20:15:12

Description :
yaklang is a programming language designed for cybersecurity. The Yak Engine has been found to contain a local file inclusion (LFI) vulnerability. This vulnerability allows attackers to include files from the server's local file system through the web application. When exploited, this can lead to the unintended exposure of sensitive data, potential remote code execution, or other security breaches. Users utilizing versions of the Yak Engine prior to 1.2.4-sp1 are impacted. This vulnerability has been patched in version 1.2.4-sp1. Users are advised to upgrade. Users unable to upgrade may avoid exposing vulnerable versions to untrusted input and closely monitor any unexpected server behavior until they can upgrade.

CVE ID : CVE-2023-40023
Source : security-advisories@github.com
CVSS score : 6.5

References :
https://github.com/yaklang/yaklang/pull/295 | source : security-advisories@github.com
https://github.com/yaklang/yaklang/pull/296 | source : security-advisories@github.com
https://github.com/yaklang/yaklang/security/advisories/GHSA-xvhg-w6qc-m3qq | source : security-advisories@github.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-39950

First published : 14-08-2023 21:15:13
Last modified : 14-08-2023 21:15:13

Description :
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv` or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. Not affected by this issue is EFI Boot Guard's bootloader EFI binary. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them.

CVE ID : CVE-2023-39950
Source : security-advisories@github.com
CVSS score : 6.1

References :
https://github.com/siemens/efibootguard/blob/master/docs/API.md | source : security-advisories@github.com
https://github.com/siemens/efibootguard/blob/master/docs/TOOLS.md | source : security-advisories@github.com
https://github.com/siemens/efibootguard/blob/master/docs/TOOLS.md#setting-user-variables | source : security-advisories@github.com
https://github.com/siemens/efibootguard/security/advisories/GHSA-j6pp-7g99-24m7 | source : security-advisories@github.com
https://github.com/siemens/efibootguard/tags | source : security-advisories@github.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-40024

First published : 14-08-2023 20:15:12
Last modified : 14-08-2023 20:15:12

Description :
ScanCode.io is a server to script and automate software composition analysis pipelines. In the `/license/` endpoint, the detailed view key is not properly validated and sanitized, which can result in a potential cross-site scripting (XSS) vulnerability when attempting to access a detailed license view that does not exist. Attackers can exploit this vulnerability to inject malicious scripts into the response generated by the `license_details_view` function. When unsuspecting users visit the page, their browsers will execute the injected scripts, leading to unauthorized actions, session hijacking, or stealing sensitive information. This issue has been addressed in release `32.5.2`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-40024
Source : security-advisories@github.com
CVSS score : 5.4

References :
https://github.com/nexB/scancode.io/blob/dd7769fbc97c84545579cebf1dc4838214098a11/CHANGELOG.rst#v3252-2023-08-14 | source : security-advisories@github.com
https://github.com/nexB/scancode.io/security/advisories/GHSA-6xcx-gx7r-rccj | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-38687

First published : 14-08-2023 21:15:12
Last modified : 14-08-2023 21:15:12

Description :
Svelecte is a flexible autocomplete/select component written in Svelte. Svelecte item names are rendered as raw HTML with no escaping. This allows the injection of arbitrary HTML into the Svelecte dropdown. This can be exploited to execute arbitrary JavaScript whenever a Svelecte dropdown is opened. Item names given to Svelecte appear to be directly rendered as HTML by the default item renderer. This means that any HTML tags in the name are rendered as HTML elements not as text. Note that the custom item renderer shown in https://mskocik.github.io/svelecte/#item-rendering is also vulnerable to the same exploit. Any site that uses Svelecte with dynamically created items either from an external source or from user-created content could be vulnerable to an XSS attack (execution of untrusted JavaScript), clickjacking or any other attack that can be performed with arbitrary HTML injection. The actual impact of this vulnerability for a specific application depends on how trustworthy the sources that provide Svelecte items are and the steps that the application has taken to mitigate XSS attacks. XSS attacks using this vulnerability are mostly mitigated by a Content Security Policy that blocks inline JavaScript. This issue has been addressed in version 3.16.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-38687
Source : security-advisories@github.com
CVSS score : 5.4

References :
https://github.com/mskocik/svelecte/security/advisories/GHSA-7h45-grc5-89wq | source : security-advisories@github.com

Vulnerability : CWE-79


Source : opentext.com

Vulnerability ID : CVE-2023-32267

First published : 11-08-2023 14:15:13
Last modified : 11-08-2023 15:18:01

Description :
A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center. The vulnerability could be remotely exploited.

CVE ID : CVE-2023-32267
Source : security@opentext.com
CVSS score : 6.4

References :
https://portal.microfocus.com/s/article/KM000020296?language=en_US | source : security@opentext.com


Source : zephyrproject.org

Vulnerability ID : CVE-2023-4265

First published : 12-08-2023 23:15:08
Last modified : 14-08-2023 00:36:59

Description :
Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis... https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841

CVE ID : CVE-2023-4265
Source : vulnerabilities@zephyrproject.org
CVSS score : 6.4

References :
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-4vgv-5r6q-r6xh | source : vulnerabilities@zephyrproject.org

Vulnerability : CWE-120


Source : trellix.com

Vulnerability ID : CVE-2023-3262

First published : 14-08-2023 04:15:11
Last modified : 14-08-2023 13:06:15

Description :
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records.

CVE ID : CVE-2023-3262
Source : trellixpsirt@trellix.com
CVSS score : 6.2

References :
https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html | source : trellixpsirt@trellix.com

Vulnerability : CWE-798


Source : patchstack.com

Vulnerability ID : CVE-2023-29097

First published : 14-08-2023 14:15:10
Last modified : 14-08-2023 15:58:29

Description :
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <= 3.1.0 versions.

CVE ID : CVE-2023-29097
Source : audit@patchstack.com
CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/a3-portfolio/wordpress-a3-portfolio-plugin-3-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-30477

First published : 14-08-2023 14:15:10
Last modified : 14-08-2023 15:58:29

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions.

CVE ID : CVE-2023-30477
Source : audit@patchstack.com
CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/affiliate-solution/wordpress-affiliate-solution-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-30749

First published : 14-08-2023 15:15:11
Last modified : 14-08-2023 15:58:29

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions.

CVE ID : CVE-2023-30749
Source : audit@patchstack.com
CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/optima-express/wordpress-optima-express-marketboost-idx-plugin-plugin-7-3-0-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-30751

First published : 14-08-2023 15:15:11
Last modified : 14-08-2023 15:58:29

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions.

CVE ID : CVE-2023-30751
Source : audit@patchstack.com
CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/article-directory-redux/wordpress-article-directory-redux-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-30752

First published : 14-08-2023 15:15:11
Last modified : 14-08-2023 15:58:29

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions.

CVE ID : CVE-2023-30752
Source : audit@patchstack.com
CVSS score : 5.9

References :
https://patchstack.com/database/vulnerability/external-videos/wordpress-external-videos-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Source : snowsoftware.com

Vulnerability ID : CVE-2023-3937

First published : 11-08-2023 12:15:09
Last modified : 11-08-2023 12:58:22

Description :
Cross-site scripting vulnerability in the web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger a cross-site scripting attack via the web browser.

CVE ID : CVE-2023-3937
Source : security@snowsoftware.com
CVSS score : 4.8

References :
https://community.snowsoftware.com/s/feed/0D56M00009gUexuSAC | source : security@snowsoftware.com

Vulnerability : CWE-79


Source : krcert.or.kr

Vulnerability ID : CVE-2023-40253

First published : 11-08-2023 06:15:10
Last modified : 11-08-2023 12:58:22

Description :
Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Functionality Misuse. This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

CVE ID : CVE-2023-40253
Source : vuln@krcert.or.kr
CVSS score : 4.4

References :
https://www.genians.co.kr/notice/2023 | source : vuln@krcert.or.kr

Vulnerability : CWE-287


(12) LOW vulnerabilities [0.1, 3.9]

Source : huntr.dev

Vulnerability ID : CVE-2023-4304

First published : 11-08-2023 01:15:09
Last modified : 11-08-2023 03:44:51

Description :
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0.

CVE ID : CVE-2023-4304
Source : security@huntr.dev
CVSS score : 3.8

References :
https://github.com/froxlor/froxlor/commit/ce9a5f97a3edb30c7d33878765d3c014a6583597 | source : security@huntr.dev
https://huntr.dev/bounties/59fe5037-b253-4b0f-be69-1d2e4af8b4a9 | source : security@huntr.dev

Vulnerability : CWE-840


Source : intel.com

Vulnerability ID : CVE-2022-38076

First published : 11-08-2023 03:15:13
Last modified : 11-08-2023 03:44:51

Description :
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2022-38076
Source : secure@intel.com
CVSS score : 3.8

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html | source : secure@intel.com


Vulnerability ID : CVE-2023-28938

First published : 11-08-2023 03:15:27
Last modified : 11-08-2023 03:44:51

Description :
Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable denial of service via local access.

CVE ID : CVE-2023-28938
Source : secure@intel.com
CVSS score : 3.4

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html | source : secure@intel.com


Vulnerability ID : CVE-2022-38973

First published : 11-08-2023 03:15:14
Last modified : 11-08-2023 03:44:51

Description :
Improper access control for some Intel(R) Arc(TM) graphics cards A770 and A750 sold between October of 2022 and December of 2022 may allow an authenticated user to potentially enable denial of service or information disclosure via local access.

CVE ID : CVE-2022-38973
Source : secure@intel.com
CVSS score : 3.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00812.html | source : secure@intel.com


Vulnerability ID : CVE-2023-22840

First published : 11-08-2023 03:15:17
Last modified : 11-08-2023 03:44:51

Description :
Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.

CVE ID : CVE-2023-22840
Source : secure@intel.com
CVSS score : 3.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html | source : secure@intel.com


Vulnerability ID : CVE-2023-30760

First published : 11-08-2023 03:15:31
Last modified : 11-08-2023 03:44:51

Description :
Out-of-bounds read in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable information disclosure via local access.

CVE ID : CVE-2023-30760
Source : secure@intel.com
CVSS score : 3.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html | source : secure@intel.com


Vulnerability ID : CVE-2023-33877

First published : 11-08-2023 03:15:33
Last modified : 11-08-2023 03:44:51

Description :
Out-of-bounds write in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-33877
Source : secure@intel.com
CVSS score : 3.3

References :
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html | source : secure@intel.com


Source : hcl.com

Vulnerability ID : CVE-2023-37511

First published : 11-08-2023 01:15:08
Last modified : 11-08-2023 03:44:51

Description :
If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved.

CVE ID : CVE-2023-37511
Source : psirt@hcl.com
CVSS score : 3.5

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106690 | source : psirt@hcl.com


Vulnerability ID : CVE-2023-37512

First published : 11-08-2023 01:15:09
Last modified : 11-08-2023 03:44:51

Description :
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.

CVE ID : CVE-2023-37512
Source : psirt@hcl.com
CVSS score : 3.3

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106691 | source : psirt@hcl.com


Vulnerability ID : CVE-2023-37513

First published : 11-08-2023 01:15:09
Last modified : 11-08-2023 03:44:51

Description :
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.

CVE ID : CVE-2023-37513
Source : psirt@hcl.com
CVSS score : 3.3

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106692 | source : psirt@hcl.com


Source : mattermost.com

Vulnerability ID : CVE-2023-4105

First published : 11-08-2023 07:15:09
Last modified : 11-08-2023 12:58:22

Description :
Mattermost fails to delete the attachments when deleting a message in a thread, allowing a simple user to still be able to access and download the attachment of a deleted message.

CVE ID : CVE-2023-4105
Source : responsibledisclosure@mattermost.com
CVSS score : 3.1

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-862


Source : redhat.com

Vulnerability ID : CVE-2023-39418

First published : 11-08-2023 13:15:09
Last modified : 11-08-2023 15:18:19

Description :
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.

CVE ID : CVE-2023-39418
Source : secalert@redhat.com
Score CVSS : 3.1

References :
https://access.redhat.com/security/cve/CVE-2023-39418 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2228112 | source : secalert@redhat.com
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229 | source : secalert@redhat.com
https://www.postgresql.org/support/security/CVE-2023-39418/ | source : secalert@redhat.com


(130) Vulnerability(ies) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-40260

First published on : 11-08-2023 06:15:10
Last modified on : 11-08-2023 12:58:22

Description :
EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (multi factor authentication) requirement if the first factor (username and password) is known, because the first factor is sufficient to change an account's email address, and the product would then send MFA codes to the new email address (which may be attacker-controlled). NOTE: this is different from CVE-2023-4177, which claims to be about "some unknown processing of the component Multi-Factor Authentication Code Handler" and thus cannot be correlated with other vulnerability information.

CVE ID : CVE-2023-40260
Source : cve@mitre.org
Score CVSS : /

References :
https://seclists.org/fulldisclosure/2023/Aug/3 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40267

First published on : 11-08-2023 07:15:09
Last modified on : 11-08-2023 12:58:22

Description :
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.

CVE ID : CVE-2023-40267
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/gitpython-developers/GitPython/commit/ca965ecc81853bca7675261729143f54e5bf4cdd | source : cve@mitre.org
https://github.com/gitpython-developers/GitPython/pull/1609 | source : cve@mitre.org


Vulnerability ID : CVE-2020-19952

First published on : 11-08-2023 14:15:09
Last modified on : 11-08-2023 15:18:19

Description :
Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbitrary code via crafted payload or opening malicious .md file.

CVE ID : CVE-2020-19952
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/jbt/markdown-editor/commit/228f1947a5242a6fbe2995d72d21b7e5f5178f35 | source : cve@mitre.org
https://github.com/jbt/markdown-editor/issues/106 | source : cve@mitre.org
https://github.com/jbt/markdown-editor/pull/110 | source : cve@mitre.org


Vulnerability ID : CVE-2020-20523

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation.

CVE ID : CVE-2020-20523
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/GilaCMS/gila/issues/41 | source : cve@mitre.org


Vulnerability ID : CVE-2020-23595

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information via the sitemodel/add.html endpoint.

CVE ID : CVE-2020-23595
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/yzmcms/yzmcms/issues/47 | source : cve@mitre.org


Vulnerability ID : CVE-2020-24075

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code.

CVE ID : CVE-2020-24075
Source : cve@mitre.org
Score CVSS : /

References :
https://documentation.laborator.co/kb/kalium/kalium-changelog/#version-3-0-4-jun-23-2020 | source : cve@mitre.org


Vulnerability ID : CVE-2020-24187

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).

CVE ID : CVE-2020-24187
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/Aurorainfinity/Poc/tree/master/jerryscript/NULL-dereference-ecma_get_lex_env_type | source : cve@mitre.org
https://github.com/jerryscript-project/jerryscript/issues/4076 | source : cve@mitre.org


Vulnerability ID : CVE-2020-24221

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop).

CVE ID : CVE-2020-24221
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/miniupnp/ngiflib/issues/17 | source : cve@mitre.org


Vulnerability ID : CVE-2020-24222

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN.

CVE ID : CVE-2020-24222
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/rockcarry/ffjpeg/issues/31 | source : cve@mitre.org


Vulnerability ID : CVE-2020-24804

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs.

CVE ID : CVE-2020-24804
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/cms-dev/cms/issues/1160 | source : cve@mitre.org


Vulnerability ID : CVE-2020-24872

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code.

CVE ID : CVE-2020-24872
Source : cve@mitre.org
Score CVSS : /

References :
https://lepton-cms.org/posts/new-security-release-144.php | source : cve@mitre.org


Vulnerability ID : CVE-2020-24904

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
An issue was discovered in attach parameter in GNOME Gmail version 2.5.4, allows remote attackers to gain sensitive information via crafted "mailto" link.

CVE ID : CVE-2020-24904
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/davesteele/gnome-gmail/issues/84 | source : cve@mitre.org


Vulnerability ID : CVE-2020-24922

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0, allows remote attackers to execute arbitrary code and escalate privileges via crafted .html file.

CVE ID : CVE-2020-24922
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/xuxueli/xxl-job/issues/1921 | source : cve@mitre.org


Vulnerability ID : CVE-2020-24950

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:19

Description :
SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items.

CVE ID : CVE-2020-24950
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/daylightstudio/FUEL-CMS/issues/562 | source : cve@mitre.org


Vulnerability ID : CVE-2020-25915

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:06

Description :
Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login.

CVE ID : CVE-2020-25915
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/thinkcmf/thinkcmf/issues/675 | source : cve@mitre.org


Vulnerability ID : CVE-2020-27449

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:06

Description :
Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload.

CVE ID : CVE-2020-27449
Source : cve@mitre.org
Score CVSS : /

References :
https://bugbounty.zoho.com/bb/#/bug/101000003619211 | source : cve@mitre.org
https://www.manageengine.com/products/passwordmanagerpro/release-notes.html#pmp11002 | source : cve@mitre.org


Vulnerability ID : CVE-2020-27514

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:06

Description :
Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote attackers to delete arbitrary files and cause a denial of service (DoS).

CVE ID : CVE-2020-27514
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/94fzb/zrlog/issues/66 | source : cve@mitre.org


Vulnerability ID : CVE-2020-27544

First published on : 11-08-2023 14:15:10
Last modified on : 11-08-2023 15:18:06

Description :
An issue was discovered in FoldingAtHome Client Advanced Control GUI before commit 9b619ae64443997948a36dda01b420578de1af77, allows remote attackers to execute arbitrary code via crafted payload to function parse_message in file Connection.py.

CVE ID : CVE-2020-27544
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/FoldingAtHome/fah-control/commit/9b619ae64443997948a36dda01b420578de1af77 | source : cve@mitre.org


Vulnerability ID : CVE-2020-28717

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code.

CVE ID : CVE-2020-28717
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/kindsoft/kindeditor/issues/321 | source : cve@mitre.org


Vulnerability ID : CVE-2020-28840

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead version 3.04, allows local attackers to execute arbitrary code and cause a denial of service (DoS).

CVE ID : CVE-2020-28840
Source : cve@mitre.org
Score CVSS : /

References :
https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1900820 | source : cve@mitre.org
https://github.com/F-ZhaoYang/jhead/security/advisories/GHSA-xh27-xwgj-gqw2 | source : cve@mitre.org
https://github.com/Matthias-Wandel/jhead/commit/4827ed31c226dc5ed93603bd649e0e387a1778da | source : cve@mitre.org
https://github.com/Matthias-Wandel/jhead/issues/8 | source : cve@mitre.org


Vulnerability ID : CVE-2020-28848

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file.

CVE ID : CVE-2020-28848
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/ChurchCRM/CRM/issues/5465 | source : cve@mitre.org


Vulnerability ID : CVE-2020-28849

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attackers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module.

CVE ID : CVE-2020-28849
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/ChurchCRM/CRM/issues/5477 | source : cve@mitre.org


Vulnerability ID : CVE-2020-35139

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).

CVE ID : CVE-2020-35139
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/faucetsdn/ryu/issues/118 | source : cve@mitre.org


Vulnerability ID : CVE-2020-35141

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).

CVE ID : CVE-2020-35141
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/faucetsdn/ryu/issues/118 | source : cve@mitre.org


Vulnerability ID : CVE-2020-35990

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file.

CVE ID : CVE-2020-35990
Source : cve@mitre.org
Score CVSS : /

References :
http://foxit.com | source : cve@mitre.org
https://www.foxitsoftware.com/support/security-bulletins.php | source : cve@mitre.org


Vulnerability ID : CVE-2020-36023

First published on : 11-08-2023 14:15:11
Last modified on : 14-08-2023 15:15:10

Description :
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.

CVE ID : CVE-2020-36023
Source : cve@mitre.org
Score CVSS : /

References :
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013 | source : cve@mitre.org
https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html | source : cve@mitre.org


Vulnerability ID : CVE-2020-36024

First published on : 11-08-2023 14:15:11
Last modified on : 14-08-2023 15:15:10

Description :
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.

CVE ID : CVE-2020-36024
Source : cve@mitre.org
Score CVSS : /

References :
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016 | source : cve@mitre.org
https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html | source : cve@mitre.org


Vulnerability ID : CVE-2020-36034

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privileges, and gain sensitive information via crafted payload to id parameter in manage_user.php.

CVE ID : CVE-2020-36034
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/TCSWT/School-Faculty-Scheduling-System | source : cve@mitre.org
https://www.sourcecodester.com/download-code?nid=14535&title=School+Faculty+Scheduling+System+using+PHP%2FMySQLi+with+Source+Code | source : cve@mitre.org
https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html | source : cve@mitre.org


Vulnerability ID : CVE-2020-36037

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
An issue was discovered in wuzhicms version 4.1.0, allows remote attackers to execute arbitrary code via the setting parameter to the ueditor in index.php.

CVE ID : CVE-2020-36037
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/wuzhicms/wuzhicms/issues/192 | source : cve@mitre.org


Vulnerability ID : CVE-2020-36082

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module.

CVE ID : CVE-2020-36082
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/alexlang24/bloofoxCMS/issues/7 | source : cve@mitre.org


Vulnerability ID : CVE-2020-36136

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pm_sendmail parameter in csz_model.php.

CVE ID : CVE-2020-36136
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/cskaza/cszcms/issues/26 | source : cve@mitre.org


Vulnerability ID : CVE-2020-36138

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).

CVE ID : CVE-2020-36138
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/FFmpeg/FFmpeg/commit/292e41ce650a7b5ca5de4ae87fff0d6a90d9fc97 | source : cve@mitre.org
https://lists.ffmpeg.org/pipermail/ffmpeg-devel/2020-November/272001.html | source : cve@mitre.org
https://trac.ffmpeg.org/ticket/8960 | source : cve@mitre.org


Vulnerability ID : CVE-2021-25786

First published on : 11-08-2023 14:15:11
Last modified on : 11-08-2023 15:18:06

Description :
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.

CVE ID : CVE-2021-25786
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/qpdf/qpdf/issues/492 | source : cve@mitre.org


Vulnerability ID : CVE-2021-25856

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:06

Description :
An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php.

CVE ID : CVE-2021-25856
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/pcmt/superMicro-CMS/issues/1 | source : cve@mitre.org


Vulnerability ID : CVE-2021-25857

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php.

CVE ID : CVE-2021-25857
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/pcmt/superMicro-CMS/issues/2 | source : cve@mitre.org


Vulnerability ID : CVE-2021-26504

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.

CVE ID : CVE-2021-26504
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/Foddy/node-red-contrib-huemagic/issues/217 | source : cve@mitre.org


Vulnerability ID : CVE-2021-26505

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function.

CVE ID : CVE-2021-26505
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/MrSwitch/hello.js/issues/634 | source : cve@mitre.org


Vulnerability ID : CVE-2021-27523

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface.

CVE ID : CVE-2021-27523
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/open-falcon/dashboard/issues/153 | source : cve@mitre.org


Vulnerability ID : CVE-2021-27524

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
Cross Site Scripting (XSS) vulnerability in margox braft-editor version 2.3.8, allows remote attackers to execute arbitrary code via the embed media feature.

CVE ID : CVE-2021-27524
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/margox/braft-editor/issues/880 | source : cve@mitre.org


Vulnerability ID : CVE-2021-28025

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).

CVE ID : CVE-2021-28025
Source : cve@mitre.org
Score CVSS : /

References :
https://bugreports.qt.io/browse/QTBUG-91507 | source : cve@mitre.org


Vulnerability ID : CVE-2021-28411

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges.

CVE ID : CVE-2021-28411
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/lerry903/RuoYi/issues/20 | source : cve@mitre.org


Vulnerability ID : CVE-2021-28429

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.

CVE ID : CVE-2021-28429
Source : cve@mitre.org
Score CVSS : /

References :
https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c94875471e3ba3dc396c6919ff3ec9b14539cd71 | source : cve@mitre.org


Vulnerability ID : CVE-2021-29057

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
An issue was discovered in StaticPool in SUCHMOKUO node-worker-threads-pool version 1.4.3, allows attackers to cause a denial of service.

CVE ID : CVE-2021-29057
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/SUCHMOKUO/node-worker-threads-pool/issues/20 | source : cve@mitre.org


Vulnerability ID : CVE-2021-29378

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php.

CVE ID : CVE-2021-29378
Source : cve@mitre.org
Score CVSS : /

References :
https://gitee.com/pear-admin/Pear-Admin-Think/issues/I3DIEC | source : cve@mitre.org


Vulnerability ID : CVE-2021-3236

First published on : 11-08-2023 14:15:12
Last modified on : 11-08-2023 15:18:01

Description :
vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method.

CVE ID : CVE-2021-3236
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/vim/vim/issues/7674 | source : cve@mitre.org


Vulnerability ID : CVE-2023-22955

First published on : 11-08-2023 20:15:14
Last modified on : 14-08-2023 00:36:59

Description :
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is able to store malicious firmware.

CVE ID : CVE-2023-22955
Source : cve@mitre.org
Score CVSS : /

References :
https://syss.de | source : cve@mitre.org
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-055.txt | source : cve@mitre.org


Vulnerability ID : CVE-2023-22956

First published on : 11-08-2023 20:15:14
Last modified on : 14-08-2023 00:36:59

Description :
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information.

CVE ID : CVE-2023-22956
Source : cve@mitre.org
Score CVSS : /

References :
https://syss.de | source : cve@mitre.org
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-054.txt | source : cve@mitre.org


Vulnerability ID : CVE-2023-22957

First published on : 11-08-2023 20:15:14
Last modified on : 14-08-2023 00:36:59

Description :
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.

CVE ID : CVE-2023-22957
Source : cve@mitre.org
Score CVSS : /

References :
https://syss.de | source : cve@mitre.org
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-052.txt | source : cve@mitre.org


Vulnerability ID : CVE-2023-23208

First published on : 13-08-2023 21:15:09
Last modified on : 14-08-2023 00:36:52

Description :
Genesys Administrator Extension (GAX) before 9.0.105.15 is vulnerable to Cross Site Scripting (XSS) via the Business Structure page of the iWD plugin, aka GAX-11261.

CVE ID : CVE-2023-23208
Source : cve@mitre.org
Score CVSS : /

References :
https://docs.genesys.com/Documentation/RN/9.0.x/gax90rn/gax9010515 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40274

First published on : 14-08-2023 01:15:47
Last modified on : 14-08-2023 13:06:21

Description :
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control characters (../) in the URL when serving a file, which allows one to escape the webroot of the server and read arbitrary files from the filesystem.

CVE ID : CVE-2023-40274
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/getzola/zola/issues/2257 | source : cve@mitre.org
https://github.com/getzola/zola/pull/2258 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40283

First published on : 14-08-2023 03:15:09
Last modified on : 14-08-2023 13:06:21

Description :
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.

CVE ID : CVE-2023-40283
Source : cve@mitre.org
Score CVSS : /

References :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.10 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1728137b33c00d5a2b5110ed7aafb42e7c32e4a1 | source : cve@mitre.org
https://github.com/torvalds/linux/commit/1728137b33c00d5a2b5110ed7aafb42e7c32e4a1 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40291

First published on : 14-08-2023 04:15:11
Last modified on : 14-08-2023 13:06:15

Description :
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name.

CVE ID : CVE-2023-40291
Source : cve@mitre.org
Score CVSS : /

References :
https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-40292

First published on : 14-08-2023 04:15:11
Last modified on : 14-08-2023 13:06:15

Description :
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets.

CVE ID : CVE-2023-40292
Source : cve@mitre.org
Score CVSS : /

References :
https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-40293

First published on : 14-08-2023 04:15:11
Last modified on : 14-08-2023 13:06:15

Description :
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.

CVE ID : CVE-2023-40293
Source : cve@mitre.org
Score CVSS : /

References :
https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-40294

First published on : 14-08-2023 04:15:11
Last modified on : 14-08-2023 13:06:15

Description :
libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c.

CVE ID : CVE-2023-40294
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/0branch/boron/issues/3 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40295

First published on : 14-08-2023 04:15:11
Last modified on : 14-08-2023 13:06:15

Description :
libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_strInitUtf8 at string.c.

CVE ID : CVE-2023-40295
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/0branch/boron/issues/3 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40296

First published on : 14-08-2023 04:15:11
Last modified on : 14-08-2023 13:06:15

Description :
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets.

CVE ID : CVE-2023-40296
Source : cve@mitre.org
Score CVSS : /

References :
https://github.com/eminfedar/async-sockets-cpp/issues/32 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40303

First published on : 14-08-2023 05:15:10
Last modified on : 14-08-2023 13:06:15

Description :
GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.

CVE ID : CVE-2023-40303
Source : cve@mitre.org
Score CVSS : /

References :
https://ftp.gnu.org/gnu/inetutils/ | source : cve@mitre.org
https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6 | source : cve@mitre.org
https://lists.gnu.org/archive/html/bug-inetutils/2023-07/msg00000.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-40305

First published on : 14-08-2023 06:15:09
Last modified on : 14-08-2023 13:06:15

Description :
GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.

CVE ID : CVE-2023-40305
Source : cve@mitre.org
Score CVSS : /

References :
https://ftp.gnu.org/gnu/indent/ | source : cve@mitre.org
https://savannah.gnu.org/bugs/index.php?64503 | source : cve@mitre.org


Vulnerability ID : CVE-2023-37847

First published on : 14-08-2023 12:15:09
Last modified on : 14-08-2023 13:06:15

Description :
novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability.

CVE ID : CVE-2023-37847
Source : cve@mitre.org
CVSS score : /

References :
http://novel-plus.com | source : cve@mitre.org
https://github.com/KingBangQ/CVE-2023-37847/blob/main/README.md | source : cve@mitre.org
https://novel.xxyopen.com/index.htm | source : cve@mitre.org


Vulnerability ID : CVE-2023-30186

First published on : 14-08-2023 13:15:10
Last modified on : 14-08-2023 13:26:38

Description :
A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

CVE ID : CVE-2023-30186
Source : cve@mitre.org
CVSS score : /

References :
http://onlyoffice.com | source : cve@mitre.org
https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2 | source : cve@mitre.org
https://github.com/ONLYOFFICE/DocumentServer | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/ | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110 | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a | source : cve@mitre.org


Vulnerability ID : CVE-2023-30187

First published on : 14-08-2023 13:15:10
Last modified on : 14-08-2023 13:26:38

Description :
An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

CVE ID : CVE-2023-30187
Source : cve@mitre.org
CVSS score : /

References :
http://onlyoffice.com | source : cve@mitre.org
https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2 | source : cve@mitre.org
https://github.com/ONLYOFFICE/DocumentServer | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/ | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110 | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a | source : cve@mitre.org


Vulnerability ID : CVE-2023-30188

First published on : 14-08-2023 13:15:10
Last modified on : 14-08-2023 13:26:38

Description :
Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file.

CVE ID : CVE-2023-30188
Source : cve@mitre.org
CVSS score : /

References :
http://onlyoffice.com | source : cve@mitre.org
https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2 | source : cve@mitre.org
https://github.com/ONLYOFFICE/DocumentServer | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/ | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110 | source : cve@mitre.org
https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a | source : cve@mitre.org


Vulnerability ID : CVE-2023-37070

First published on : 14-08-2023 13:15:10
Last modified on : 14-08-2023 13:26:38

Description :
Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS).

CVE ID : CVE-2023-37070
Source : cve@mitre.org
CVSS score : /

References :
https://code-projects.org/hospital-information-system-in-php-with-source-code/ | source : cve@mitre.org
https://github.com/InfoSecWarrior/Offensive-Payloads/blob/main/Cross-Site-Scripting-XSS-Payloads.txt | source : cve@mitre.org
https://github.com/Mr-Secure-Code/My-CVE/blob/main/CVE-2023-37070-Exploit.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-31041

First published on : 14-08-2023 15:15:12
Last modified on : 14-08-2023 15:58:29

Description :
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.

CVE ID : CVE-2023-31041
Source : cve@mitre.org
CVSS score : /

References :
https://www.insyde.com/security-pledge/SA-2023047 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40354

First published on : 14-08-2023 17:15:10
Last modified on : 14-08-2023 17:27:48

Description :
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08.8, and 23.02.3.

CVE ID : CVE-2023-40354
Source : cve@mitre.org
CVSS score : /

References :
https://jira.mariadb.org/browse/MXS-4681 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40359

First published on : 14-08-2023 17:15:10
Last modified on : 14-08-2023 17:27:48

Description :
xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue.

CVE ID : CVE-2023-40359
Source : cve@mitre.org
CVSS score : /

References :
https://invisible-island.net/xterm/xterm.log.html#xterm_380 | source : cve@mitre.org


Vulnerability ID : CVE-2023-32748

First published on : 14-08-2023 18:15:10
Last modified on : 14-08-2023 18:59:33

Description :
The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.

CVE ID : CVE-2023-32748
Source : cve@mitre.org
CVSS score : /

References :
https://www.mitel.com/support/security-advisories | source : cve@mitre.org
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004 | source : cve@mitre.org


Vulnerability ID : CVE-2023-40360

First published on : 14-08-2023 18:15:11
Last modified on : 14-08-2023 18:59:33

Description :
QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled.

CVE ID : CVE-2023-40360
Source : cve@mitre.org
CVSS score : /

References :
https://gitlab.com/birkelund/qemu/-/commit/6c8f8456cb0b239812dee5211881426496da7b98 | source : cve@mitre.org
https://gitlab.com/qemu-project/qemu/-/issues/1815 | source : cve@mitre.org
https://www.qemu.org/docs/master/system/security.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-28480

First published on : 14-08-2023 19:15:10
Last modified on : 14-08-2023 19:15:10

Description :
An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions (UDFs) from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An attacker who has filesystem access on a remote TigerGraph system can alter the behavior of the database against the will of the database administrator; thus effectively bypassing the built in RBAC controls.

CVE ID : CVE-2023-28480
Source : cve@mitre.org
CVSS score : /

References :
https://neo4j.com/security/cve-2023-28480/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-28481

First published on : 14-08-2023 19:15:10
Last modified on : 14-08-2023 19:15:10

Description :
An issue was discovered in Tigergraph Enterprise 3.7.0. There is unsecured write access to SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorised keys file. This allows an attacker to obtain password-less SSH key access by using their own SSH key.

CVE ID : CVE-2023-28481
Source : cve@mitre.org
CVSS score : /

References :
https://neo4j.com/security/cve-2023-28481/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-28482

First published on : 14-08-2023 19:15:10
Last modified on : 14-08-2023 19:15:10

Description :
An issue was discovered in Tigergraph Enterprise 3.7.0. A single TigerGraph instance can host multiple graphs that are accessed by multiple different users. The TigerGraph platform does not protect the confidentiality of any data uploaded to the remote server. In this scenario, any user that has permissions to upload data can browse data uploaded by any other user (irrespective of their permissions).

CVE ID : CVE-2023-28482
Source : cve@mitre.org
CVSS score : /

References :
https://neo4j.com/security/cve-2023-28482/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-28483

First published on : 14-08-2023 19:15:10
Last modified on : 14-08-2023 19:15:10

Description :
An issue was discovered in Tigergraph Enterprise 3.7.0. The GSQL query language provides users with the ability to write data to files on a remote TigerGraph server. The locations that a query is allowed to write to are configurable via the GSQL.FileOutputPolicy configuration setting. GSQL queries that contain UDFs can bypass this configuration setting and, as a consequence, can write to any file location to which the administrative user has access.

CVE ID : CVE-2023-28483
Source : cve@mitre.org
CVSS score : /

References :
https://neo4j.com/security/cve-2023-28483/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-29468

First published on : 14-08-2023 19:15:11
Last modified on : 14-08-2023 19:15:11

Description :
The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier.

CVE ID : CVE-2023-29468
Source : cve@mitre.org
CVSS score : /

References :
https://www.ti.com/lit/swra773 | source : cve@mitre.org


Vulnerability ID : CVE-2023-39292

First published on : 14-08-2023 19:15:12
Last modified on : 14-08-2023 19:15:12

Description :
A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management operations.

CVE ID : CVE-2023-39292
Source : cve@mitre.org
CVSS score : /

References :
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0008 | source : cve@mitre.org


Vulnerability ID : CVE-2023-39293

First published on : 14-08-2023 19:15:13
Last modified on : 14-08-2023 19:15:13

Description :
A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of the system.

CVE ID : CVE-2023-39293
Source : cve@mitre.org
CVSS score : /

References :
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0009 | source : cve@mitre.org


Vulnerability ID : CVE-2023-39908

First published on : 14-08-2023 19:15:13
Last modified on : 14-08-2023 19:15:13

Description :
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory.

CVE ID : CVE-2023-39908
Source : cve@mitre.org
CVSS score : /

References :
https://www.yubico.com/support/security-advisories/ysa-2023-01/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-39827

First published on : 14-08-2023 21:15:13
Last modified on : 14-08-2023 21:15:13

Description :
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function.

CVE ID : CVE-2023-39827
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/formAddMacfilterRule | source : cve@mitre.org


Vulnerability ID : CVE-2023-39828

First published on : 14-08-2023 21:15:13
Last modified on : 14-08-2023 21:15:13

Description :
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.

CVE ID : CVE-2023-39828
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/formWifiBasicSet | source : cve@mitre.org


Vulnerability ID : CVE-2023-39829

First published on : 14-08-2023 21:15:13
Last modified on : 14-08-2023 21:15:13

Description :
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function.

CVE ID : CVE-2023-39829
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/A18/fromSetWirelessRepeat | source : cve@mitre.org


Source : apache.org

Vulnerability ID : CVE-2023-39553

First published on : 11-08-2023 08:15:09
Last modified on : 11-08-2023 15:15:10

Description :
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server. This issue affects Apache Airflow Drill Provider: before 2.4.3. It is recommended to upgrade to a version that is not affected.

CVE ID : CVE-2023-39553
Source : security@apache.org
CVSS score : /

References :
http://www.openwall.com/lists/oss-security/2023/08/11/1 | source : security@apache.org
https://github.com/apache/airflow/pull/33074 | source : security@apache.org
https://lists.apache.org/thread/ozpl0opmob49rkcz8svo8wkxyw1395sf | source : security@apache.org

Vulnerability : CWE-20


Source : wordfence.com

Vulnerability ID : CVE-2022-3403

First published on : 11-08-2023 13:15:09
Last modified on : 11-08-2023 13:15:09

Description :
** REJECT ** Duplicate, please use CVE-2023-28931 instead.

CVE ID : CVE-2022-3403
Source : security@wordfence.com
CVSS score : /

References :


Source : huawei.com

Vulnerability ID : CVE-2023-39380

First published on : 13-08-2023 12:15:43
Last modified on : 14-08-2023 00:36:59

Description :
Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally.

CVE ID : CVE-2023-39380
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-264


Vulnerability ID : CVE-2023-39381

First published on : 13-08-2023 12:15:44
Last modified on : 14-08-2023 00:36:59

Description :
Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.

CVE ID : CVE-2023-39381
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-39382

First published on : 13-08-2023 12:15:45
Last modified on : 14-08-2023 00:36:59

Description :
Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.

CVE ID : CVE-2023-39382
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-39383

First published on : 13-08-2023 12:15:45
Last modified on : 14-08-2023 00:36:59

Description :
Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security.

CVE ID : CVE-2023-39383
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-39384

First published on : 13-08-2023 12:15:45
Last modified on : 14-08-2023 00:36:59

Description :
Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE ID : CVE-2023-39384
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-264


Vulnerability ID : CVE-2023-39388

First published on : 13-08-2023 12:15:45
Last modified on : 14-08-2023 00:36:59

Description :
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.

CVE ID : CVE-2023-39388
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-120


Vulnerability ID : CVE-2023-39389

First published on : 13-08-2023 12:15:45
Last modified on : 14-08-2023 00:36:59

Description :
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.

CVE ID : CVE-2023-39389
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-120


Vulnerability ID : CVE-2023-39392

First published on : 13-08-2023 12:15:46
Last modified on : 14-08-2023 00:36:59

Description :
Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten.

CVE ID : CVE-2023-39392
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-16


Vulnerability ID : CVE-2023-39393

First published on : 13-08-2023 12:15:46
Last modified on : 14-08-2023 00:36:59

Description :
Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiResources to be maliciously modified and overwritten.

CVE ID : CVE-2023-39393
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-39396

First published on : 13-08-2023 12:15:46
Last modified on : 14-08-2023 00:36:52

Description :
Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability.

CVE ID : CVE-2023-39396
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2023-39405

First published on : 13-08-2023 12:15:46
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges.

CVE ID : CVE-2023-39405
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2021-46895

First published on : 13-08-2023 13:15:10
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successful exploitation of this vulnerability will cause the hopped app to bypass the app lock and reset the device that initiates the hop.

CVE ID : CVE-2021-46895
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-701


Vulnerability ID : CVE-2023-39385

First published on : 13-08-2023 13:15:10
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of configuration defects in the media module of certain products. Successful exploitation of this vulnerability may cause unauthorized access.

CVE ID : CVE-2023-39385
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-16


Vulnerability ID : CVE-2023-39386

First published on : 13-08-2023 13:15:10
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart.

CVE ID : CVE-2023-39386
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-120


Vulnerability ID : CVE-2023-39387

First published on : 13-08-2023 13:15:10
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.

CVE ID : CVE-2023-39387
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-264


Vulnerability ID : CVE-2023-39390

First published on : 13-08-2023 13:15:11
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.

CVE ID : CVE-2023-39390
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-39391

First published on : 13-08-2023 13:15:11
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality.

CVE ID : CVE-2023-39391
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-264


Vulnerability ID : CVE-2023-39394

First published on : 13-08-2023 13:15:11
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of API privilege escalation in the wifienhance module. Successful exploitation of this vulnerability may cause the arp list to be modified.

CVE ID : CVE-2023-39394
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-264


Vulnerability ID : CVE-2023-39395

First published on : 13-08-2023 13:15:11
Last modified on : 14-08-2023 00:36:52

Description :
Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability.

CVE ID : CVE-2023-39395
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-19


Vulnerability ID : CVE-2023-39397

First published on : 13-08-2023 13:15:11
Last modified on : 14-08-2023 00:36:52

Description :
Input parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability.

CVE ID : CVE-2023-39397
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-476


Vulnerability ID : CVE-2023-39398

First published on : 13-08-2023 13:15:11
Last modified on : 14-08-2023 00:36:52

Description :
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

CVE ID : CVE-2023-39398
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-275


Vulnerability ID : CVE-2023-39399

First published on : 13-08-2023 13:15:12
Last modified on : 14-08-2023 00:36:52

Description :
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

CVE ID : CVE-2023-39399
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-275


Vulnerability ID : CVE-2023-39400

First published on : 13-08-2023 13:15:12
Last modified on : 14-08-2023 00:36:52

Description :
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

CVE ID : CVE-2023-39400
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-39401

First published on : 13-08-2023 13:15:12
Last modified on : 14-08-2023 00:36:52

Description :
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

CVE ID : CVE-2023-39401
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-39402

First published on : 13-08-2023 13:15:13
Last modified on : 14-08-2023 00:36:52

Description :
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

CVE ID : CVE-2023-39402
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-39403

First published on : 13-08-2023 13:15:13
Last modified on : 14-08-2023 00:36:52

Description :
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

CVE ID : CVE-2023-39403
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-358


Vulnerability ID : CVE-2023-39404

First published on : 13-08-2023 13:15:13
Last modified on : 14-08-2023 00:36:52

Description :
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.

CVE ID : CVE-2023-39404
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-39406

First published on : 13-08-2023 13:15:13
Last modified on : 14-08-2023 00:36:52

Description :
Permission control vulnerability in the XLayout component. Successful exploitation of this vulnerability may cause apps to forcibly restart.

CVE ID : CVE-2023-39406
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/8/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | source : psirt@huawei.com

Vulnerability : CWE-264


Source : wpscan.com

Vulnerability ID : CVE-2022-4953

First published on : 14-08-2023 20:15:10
Last modified on : 14-08-2023 20:15:10

Description :
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs.

CVE ID : CVE-2022-4953
Source : contact@wpscan.com
CVSS score : /

References :
https://github.com/elementor/elementor/commit/292fc49e0f979bd52d838f0326d1faaebfa59f5e | source : contact@wpscan.com
https://wpscan.com/vulnerability/8273357e-f9e1-44bc-8082-8faab838eda7 | source : contact@wpscan.com

Vulnerability : CWE-80


Vulnerability ID : CVE-2023-2606

First published on : 14-08-2023 20:15:11
Last modified on : 14-08-2023 20:15:11

Description :
The WP Brutal AI WordPress plugin before 2.06 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-2606
Source : contact@wpscan.com
CVSS score : /

References :
https://wpscan.com/vulnerability/62deb3ed-a7e4-4cdc-a615-cad2ec2e1e8f | source : contact@wpscan.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-2802

First published on : 14-08-2023 20:15:11
Last modified on : 14-08-2023 20:15:11

Description :
The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-2802
Source : contact@wpscan.com
CVSS score : /

References :
https://wpscan.com/vulnerability/c5cc136a-2fa6-44ff-b5b5-26d367937df9 | source : contact@wpscan.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-2803

First published on : 14-08-2023 20:15:11
Last modified on : 14-08-2023 20:15:11

Description :
The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

CVE ID : CVE-2023-2803
Source : contact@wpscan.com
CVSS score : /

References :
https://wpscan.com/vulnerability/ec640d47-bb22-478d-9668-1dab72f12f8d | source : contact@wpscan.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-3328

First published on : 14-08-2023 20:15:11
Last modified on : 14-08-2023 20:15:11

Description :
The Custom Field For WP Job Manager WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-3328
Source : contact@wpscan.com
CVSS score : /

References :
https://wpscan.com/vulnerability/d8b76875-cf7f-43a9-b88b-d8aefefab131 | source : contact@wpscan.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-3435

First published on : 14-08-2023 20:15:11
Last modified on : 14-08-2023 20:15:11

Description :
The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitise and escape several parameters before using them in a SQL statement as part of its exportation feature, allowing unauthenticated attackers to conduct SQL injection attacks.

CVE ID : CVE-2023-3435
Source : contact@wpscan.com
CVSS score : /

References :
https://wpscan.com/vulnerability/30a37a61-0d16-46f7-b9d8-721d983afc6b | source : contact@wpscan.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3601

First published on : 14-08-2023 20:15:11
Last modified on : 14-08-2023 20:15:11

Description :
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.

CVE ID : CVE-2023-3601
Source : contact@wpscan.com
CVSS score : /

References :
https://wpscan.com/vulnerability/c0cc513e-c306-4920-9afb-e33d95a7292f | source : contact@wpscan.com

Vulnerability : CWE-639


Vulnerability ID : CVE-2023-3645

First published on : 14-08-2023 20:15:12
Last modified on : 14-08-2023 20:15:12

Description :
The Contact Form Builder by Bit Form WordPress plugin before 2.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-3645
Source : contact@wpscan.com
CVSS score : /

References :
https://wpscan.com/vulnerability/58c11f1e-6ea0-468c-b974-4aea9eb94b82 | source : contact@wpscan.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-3721

First published on : 14-08-2023 20:15:12
Last modified on : 14-08-2023 20:15:12

Description :
The WP-EMail WordPress plugin before 2.69.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-3721
Source : contact@wpscan.com
CVSS score : /

References :
https://wpscan.com/vulnerability/3f90347a-6586-4648-9f2c-d4f321bf801a | source : contact@wpscan.com

Vulnerability : CWE-79


Source : android.com

Vulnerability ID : CVE-2023-20965

First published on : 14-08-2023 21:15:10
Last modified on : 14-08-2023 21:15:10

Description :
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-20965
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/packages/modules/Wifi/+/0d3cb609b0851ea9e5745cc6101e57c2e5e739f2 | source : security@android.com
https://android.googlesource.com/platform/packages/modules/Wifi/+/88a8a98934215f591605028e200b6eca8f7cc45a | source : security@android.com
https://android.googlesource.com/platform/packages/modules/Wifi/+/bd318b9772759546509f6fdb8648366099dd65ad | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21132

First published on : 14-08-2023 21:15:11
Last modified on : 14-08-2023 21:15:11

Description :
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21132
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/packages/modules/Permission/+/0679e4f35055729be7276536fe45fe8ec18a0453 | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21133

First published on : 14-08-2023 21:15:11
Last modified on : 14-08-2023 21:15:11

Description :
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21133
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/packages/modules/Permission/+/0679e4f35055729be7276536fe45fe8ec18a0453 | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21134

First published on : 14-08-2023 21:15:11
Last modified on : 14-08-2023 21:15:11

Description :
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21134
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/packages/modules/Permission/+/0679e4f35055729be7276536fe45fe8ec18a0453 | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21140

First published on : 14-08-2023 21:15:11
Last modified on : 14-08-2023 21:15:11

Description :
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21140
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/packages/modules/Permission/+/0679e4f35055729be7276536fe45fe8ec18a0453 | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21242

First published on : 14-08-2023 21:15:11
Last modified on : 14-08-2023 21:15:11

Description :
In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21242
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/packages/modules/Wifi/+/72e903f258b5040b8f492cf18edd124b5a1ac770 | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21264

First published on : 14-08-2023 21:15:11
Last modified on : 14-08-2023 21:15:11

Description :
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21264
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/kernel/common/+/53625a846a7b4 | source : security@android.com
https://android.googlesource.com/kernel/common/+/b35a06182451f | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21265

First published on : 14-08-2023 21:15:12
Last modified on : 14-08-2023 21:15:12

Description :
In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21265
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/system/ca-certificates/+/6065b4a4c7da9cc9ee01c2f6389575647d2724c4 | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21267

First published on : 14-08-2023 21:15:12
Last modified on : 14-08-2023 21:15:12

Description :
In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21267
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/frameworks/base/+/d18d8b350756b0e89e051736c1f28744ed31e93a | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21268

First published on : 14-08-2023 21:15:12
Last modified on : 14-08-2023 21:15:12

Description :
In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21268
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/packages/providers/TelephonyProvider/+/ca4c9a19635119d95900793e7a41b820cd1d94d9 | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


Vulnerability ID : CVE-2023-21269

First published on : 14-08-2023 21:15:12
Last modified on : 14-08-2023 21:15:12

Description :
In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-21269
Source : security@android.com
CVSS score : /

References :
https://android.googlesource.com/platform/frameworks/base/+/70ec64dc5a2a816d6aa324190a726a85fd749b30 | source : security@android.com
https://source.android.com/security/bulletin/2023-08-01 | source : security@android.com


This website uses the NVD API but is not endorsed or certified by the NVD.

About the author
Julien B.
