Latest vulnerabilities for Monday 17 July 2023 + weekend


Last updated on 17/07/2023 at 16:13:14

(5) CRITICAL vulnerabilities [9.0, 10.0]

Source : huntr.dev

Vulnerability ID : CVE-2023-3696

First published on : 17-07-2023 01:15:08
Last modified on : 17-07-2023 13:02:37

Description :
Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.4.

CVE ID : CVE-2023-3696
Source : security@huntr.dev
CVSS score : 10.0

References :
https://github.com/automattic/mongoose/commit/305ce4ff789261df7e3f6e72363d0703e025f80d | source : security@huntr.dev
https://huntr.dev/bounties/1eef5a72-f6ab-4f61-b31d-fc66f5b4b467 | source : security@huntr.dev

Vulnerability : CWE-1321


Vulnerability ID : CVE-2023-3668

First published on : 14-07-2023 01:15:08
Last modified on : 14-07-2023 12:47:21

Description :
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21.

CVE ID : CVE-2023-3668
Source : security@huntr.dev
CVSS score : 9.1

References :
https://github.com/froxlor/froxlor/commit/03b5a921ff308eeab21bf9d240f27783c8591965 | source : security@huntr.dev
https://huntr.dev/bounties/df8cccf4-a340-440e-a7e0-1b42e757d66e | source : security@huntr.dev

Vulnerability : CWE-116


Source : github.com

Vulnerability ID : CVE-2023-37462

First published on : 14-07-2023 21:15:08
Last modified on : 17-07-2023 13:02:46

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document `SkinsCode.XWikiSkinsSheet` leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. The attack works by opening a non-existing page with a name crafted to contain a dangerous payload. It is possible to check if an existing installation is vulnerable. See the linked GHSA for instructions on testing an installation. This issue has been patched in XWiki 14.4.8, 14.10.4 and 15.0-rc-1. Users are advised to upgrade. The fix commit `d9c88ddc` can also be applied manually to the impacted document `SkinsCode.XWikiSkinsSheet` and users unable to upgrade are advised to manually patch their installations.

CVE ID : CVE-2023-37462
Source : security-advisories@github.com
CVSS score : 9.9

References :
https://github.com/xwiki/xwiki-platform/commit/d9c88ddc4c0c78fa534bd33237e95dea66003d29 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h4vp-69r8-gvjg | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20457 | source : security-advisories@github.com

Vulnerability : CWE-74
Vulnerability : CWE-95


Vulnerability ID : CVE-2023-37466

First published on : 14-07-2023 00:15:09
Last modified on : 14-07-2023 12:47:21

Description :
vm2 is an advanced vm/sandbox for Node.js. The library contains critical security issues and should not be used for production. The maintenance of the project has been discontinued. In vm2 for versions up to 3.9.19, `Promise` handler sanitization can be bypassed with `@@species` accessor property allowing attackers to escape the sandbox and run arbitrary code. Remote Code Execution, assuming the attacker has arbitrary code execution primitive inside the context of vm2 sandbox.

CVE ID : CVE-2023-37466
Source : security-advisories@github.com
CVSS score : 9.8

References :
https://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5 | source : security-advisories@github.com

Vulnerability : CWE-94


Source : fluidattacks.com

Vulnerability ID : CVE-2023-2507

First published on : 15-07-2023 19:15:09
Last modified on : 17-07-2023 13:02:42

Description :
CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them.

CVE ID : CVE-2023-2507
Source : help@fluidattacks.com
CVSS score : 9.3

References :
https://fluidattacks.com/advisories/maiden/ | source : help@fluidattacks.com
https://github.com/CleverTap/clevertap-cordova | source : help@fluidattacks.com

Vulnerability : CWE-79


(25) HIGH vulnerabilities [7.0, 8.9]

Source : cert.vde.com

Vulnerability ID : CVE-2023-2759

First published on : 17-07-2023 07:15:08
Last modified on : 17-07-2023 13:02:37

Description :
A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated, low privileged user to change passwords of other users without any prior knowledge. The attacker may gain full access to the device by using this vulnerability.

CVE ID : CVE-2023-2759
Source : info@cert.vde.com
CVSS score : 8.8

References :
https://claroty.com/team82/disclosure-dashboard/cve-2023-2759 | source : info@cert.vde.com

Vulnerability : CWE-287


Vulnerability ID : CVE-2023-2760

First published on : 17-07-2023 07:15:08
Last modified on : 17-07-2023 13:02:37

Description :
An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to limited write access and temporary Denial-of-Service.

CVE ID : CVE-2023-2760
Source : info@cert.vde.com
CVSS score : 7.6

References :
https://claroty.com/team82/disclosure-dashboard/cve-2023-2759 | source : info@cert.vde.com

Vulnerability : CWE-74


Source : github.com

Vulnerability ID : CVE-2023-37464

First published on : 14-07-2023 21:15:08
Last modified on : 17-07-2023 13:02:46

Description :
OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE). The AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. The spec says that a fixed length of 16 octets must be applied. Therefore this bug allows an attacker to provide a truncated Authentication Tag and to modify the JWE accordingly. Users should upgrade to a version >= 0.6.2.2. Users unable to upgrade should avoid using AES GCM encryption and replace it with another encryption algorithm (e.g. AES CBC).

CVE ID : CVE-2023-37464
Source : security-advisories@github.com
CVSS score : 8.6

References :
https://datatracker.ietf.org/doc/html/rfc7518#section-4.7 | source : security-advisories@github.com
https://github.com/OpenIDC/cjose/commit/7325e9a5e71e2fc0e350487ecac7d84acdf0ed5e | source : security-advisories@github.com
https://github.com/OpenIDC/cjose/releases/tag/v0.6.2.2 | source : security-advisories@github.com
https://github.com/OpenIDC/cjose/security/advisories/GHSA-3rhg-3gf2-6xgj | source : security-advisories@github.com

Vulnerability : CWE-327


Vulnerability ID : CVE-2023-37473

First published on : 14-07-2023 21:15:09
Last modified on : 17-07-2023 13:02:46

Description :
zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing _callable strings_ (ie `system`) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit `f4b1c48820` and included in release version 0.2.1. Users are advised to upgrade. Users unable to upgrade should ensure that user input is not passed to either `EntityRepository::find()` or `query()`.

CVE ID : CVE-2023-37473
Source : security-advisories@github.com
CVSS score : 8.5

References :
https://github.com/zenstruck/collection/commit/f4b1c488206e1b1581b06fcd331686846f13f19c | source : security-advisories@github.com
https://github.com/zenstruck/collection/releases/tag/v0.2.1 | source : security-advisories@github.com
https://github.com/zenstruck/collection/security/advisories/GHSA-7xr2-8ff7-6fjq | source : security-advisories@github.com

Vulnerability : CWE-74


Vulnerability ID : CVE-2023-34236

First published on : 14-07-2023 22:15:09
Last modified on : 17-07-2023 13:02:46

Description :
Weave GitOps Terraform Controller (aka Weave TF-controller) is a controller for Flux to reconcile Terraform resources in a GitOps way. A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This vulnerability stems from Weave GitOps Terraform Runners (`tf-runner`), where sensitive data is inadvertently printed - potentially revealing sensitive user data in their pod logs. In particular, functions `tfexec.ShowPlan`, `tfexec.ShowPlanRaw`, and `tfexec.Output` are implicated when the `tfexec` object set its `Stdout` and `Stderr` to be `os.Stdout` and `os.Stderr`. An unauthorized remote attacker could exploit this vulnerability by accessing these prints of sensitive information, which may contain configurations or tokens that could be used to gain unauthorized control or access to resources managed by the Terraform controller. A successful exploit could allow the attacker to utilize this sensitive data, potentially leading to unauthorized access or control of the system. This vulnerability has been addressed in Weave GitOps Terraform Controller versions `v0.14.4` and `v0.15.0-rc.5`. Users are urged to upgrade to one of these versions to mitigate the vulnerability. As a temporary measure until the patch can be applied, users can add the environment variable `DISABLE_TF_LOGS` to the tf-runners via the runner pod template of the Terraform Custom Resource. This will prevent the logging of sensitive information and mitigate the risk of this vulnerability.

CVE ID : CVE-2023-34236
Source : security-advisories@github.com
CVSS score : 8.5

References :
https://github.com/weaveworks/tf-controller/commit/28282bc644054e157c3b9a3d38f1f9551ce09074 | source : security-advisories@github.com
https://github.com/weaveworks/tf-controller/commit/6323b355bd7f5d2ce85d0244fe0883af3881df4e | source : security-advisories@github.com
https://github.com/weaveworks/tf-controller/commit/9708fda28ccd0466cb0a8fd409854ab4d92f7dca | source : security-advisories@github.com
https://github.com/weaveworks/tf-controller/commit/98a0688036e9dbcf43fa84960d9a1ef3e09a69cf | source : security-advisories@github.com
https://github.com/weaveworks/tf-controller/issues/637 | source : security-advisories@github.com
https://github.com/weaveworks/tf-controller/issues/649 | source : security-advisories@github.com
https://github.com/weaveworks/tf-controller/security/advisories/GHSA-6hvv-j432-23cv | source : security-advisories@github.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-37472

First published on : 14-07-2023 21:15:08
Last modified on : 17-07-2023 13:02:46

Description :
Knowage is an open source suite for business analytics. The application often use user supplied data to create HQL queries without prior sanitization. An attacker can create specially crafted HQL queries that will break subsequent SQL queries generated by the Hibernate engine. The endpoint `_/knowage/restful-services/2.0/documents/listDocument_` calls the `_countBIObjects_` method of the `_BIObjectDAOHibImpl_` object with the user supplied `_label_` parameter without prior sanitization. This can lead to SQL injection in the backing database. Other injections have been identified in the application as well. An authenticated attacker with low privileges could leverage this vulnerability in order to retrieve sensitive information from the database, such as account credentials or business information. This issue has been addressed in version 8.1.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-37472
Source : security-advisories@github.com
CVSS score : 7.7

References :
https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-2j3f-f696-7rgj | source : security-advisories@github.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-37474

First published on : 14-07-2023 20:15:09
Last modified on : 17-07-2023 13:02:46

Description :
Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-37474
Source : security-advisories@github.com
CVSS score : 7.5

References :
https://github.com/9001/copyparty/commit/043e3c7dd683113e2b1c15cacb9c8e68f76513ff | source : security-advisories@github.com
https://github.com/9001/copyparty/security/advisories/GHSA-pxfv-7rr3-2qjg | source : security-advisories@github.com

Vulnerability : CWE-22


Source : us.ibm.com

Vulnerability ID : CVE-2023-30988

First published on : 16-07-2023 23:15:09
Last modified on : 17-07-2023 13:02:37

Description :
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 254016.

CVE ID : CVE-2023-30988
Source : psirt@us.ibm.com
CVSS score : 8.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/254016 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7012355 | source : psirt@us.ibm.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2023-30989

First published on : 16-07-2023 23:15:09
Last modified on : 17-07-2023 13:02:37

Description :
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017.

CVE ID : CVE-2023-30989
Source : psirt@us.ibm.com
CVSS score : 8.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/254017 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7012353 | source : psirt@us.ibm.com

Vulnerability : CWE-269


Source : mitre.org

Vulnerability ID : CVE-2023-32761

First published on : 14-07-2023 18:15:09
Last modified on : 14-07-2023 19:46:52

Description :
Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request.

CVE ID : CVE-2023-32761
Source : cve@mitre.org
CVSS score : 8.1

References :
https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821 | source : cve@mitre.org
https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362 | source : cve@mitre.org


Vulnerability ID : CVE-2023-32760

First published on : 14-07-2023 18:15:09
Last modified on : 14-07-2023 19:46:52

Description :
An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication.

CVE ID : CVE-2023-32760
Source : cve@mitre.org
CVSS score : 7.7

References :
https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821 | source : cve@mitre.org
https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362 | source : cve@mitre.org


Vulnerability ID : CVE-2023-32759

First published on : 14-07-2023 18:15:09
Last modified on : 14-07-2023 19:46:52

Description :
An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL.

CVE ID : CVE-2023-32759
Source : cve@mitre.org
CVSS score : 7.5

References :
https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821 | source : cve@mitre.org
https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362 | source : cve@mitre.org


Source : bitdefender.com

Vulnerability ID : CVE-2023-3633

First published on : 14-07-2023 20:15:09
Last modified on : 17-07-2023 13:02:46

Description :
An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitdefender Engines version 7.94791 and lower.

CVE ID : CVE-2023-3633
Source : cve-requests@bitdefender.com
CVSS score : 8.1

References :
https://www.bitdefender.com/support/security-advisories/out-of-bounds-memory-corruption-issue-in-ceva-engine-va-11010 | source : cve-requests@bitdefender.com

Vulnerability : CWE-787


Source : starlabs.sg

Vulnerability ID : CVE-2023-3513

First published on : 14-07-2023 05:15:09
Last modified on : 14-07-2023 12:47:21

Description :
Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and triggering an insecure .NET deserialization.

CVE ID : CVE-2023-3513
Source : info@starlabs.sg
CVSS score : 7.8

References :
https://starlabs.sg/advisories/23/23-3513/ | source : info@starlabs.sg

Vulnerability : CWE-269
Vulnerability : CWE-502


Vulnerability ID : CVE-2023-3514

First published on : 14-07-2023 05:15:09
Last modified on : 14-07-2023 12:47:21

Description :
Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and calling "AddModule" or "UninstallModules" command to execute arbitrary executable file.

CVE ID : CVE-2023-3514
Source : info@starlabs.sg
CVSS score : 7.8

References :
https://starlabs.sg/advisories/23/23-3514/ | source : info@starlabs.sg

Vulnerability : CWE-269


Source : microsoft.com

Vulnerability ID : CVE-2023-36887

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE ID : CVE-2023-36887
Source : secure@microsoft.com
CVSS score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36887 | source : secure@microsoft.com


Source : juniper.net

Vulnerability ID : CVE-2023-36831

First published on : 14-07-2023 15:15:08
Last modified on : 14-07-2023 19:46:52

Description :
An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system. The jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability. This issue affects Juniper Networks Junos OS on SRX Series: 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R2-S1, 22.3R3; 22.4 versions prior to 22.4R1-S2, 22.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.

CVE ID : CVE-2023-36831
Source : sirt@juniper.net
CVSS score : 7.5

References :
https://supportportal.juniper.net/JSA71636 | source : sirt@juniper.net

Vulnerability : CWE-703


Vulnerability ID : CVE-2023-36832

First published on : 14-07-2023 16:15:14
Last modified on : 14-07-2023 19:46:52

Description :
An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets to an Aggregated Multiservices (AMS) interface on the device, causing the packet forwarding engine (PFE) to crash, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue is only triggered by packets destined to a local-interface via a service-interface (AMS). AMS is only supported on the MS-MPC, MS-MIC, and MX-SPC3 cards. This issue is not experienced on other types of interfaces or configurations. Additionally, transit traffic does not trigger this issue. This issue affects Juniper Networks Junos OS on MX Series: All versions prior to 19.1R3-S10; 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S12; 20.2 versions prior to 20.2R3-S8; 20.4 versions prior to 20.4R3-S7; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S5; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S2; 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R2-S1, 22.3R3; 22.4 versions prior to 22.4R1-S2, 22.4R2.

CVE ID : CVE-2023-36832
Source : sirt@juniper.net
CVSS score : 7.5

References :
https://supportportal.juniper.net/JSA71639 | source : sirt@juniper.net

Vulnerability : CWE-755


Vulnerability ID : CVE-2023-28985

First published on : 14-07-2023 17:15:09
Last modified on : 14-07-2023 19:46:52

Description :
An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition. On all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core. This issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598. In order to identify the current SigPack version, following command can be used: user@junos# show security idp security-package-version

CVE ID : CVE-2023-28985
Source : sirt@juniper.net
CVSS score : 7.5

References :
https://supportportal.juniper.net/JSA71662 | source : sirt@juniper.net

Vulnerability : CWE-1286


Vulnerability ID : CVE-2023-36835

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS). If a specific valid IP packet is received and that packet needs to be routed over a VXLAN tunnel, this will result in a PFE wedge condition due to which traffic gets impacted. As this is not a crash and restart scenario, this condition will persist until the system is rebooted to recover. This issue affects Juniper Networks Junos OS on QFX10000: 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S5; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R3; 22.2 versions prior to 22.2R2; 22.3 versions prior to 22.3R1-S2, 22.3R2.

CVE ID : CVE-2023-36835
Source : sirt@juniper.net
CVSS score : 7.5

References :
https://supportportal.juniper.net/JSA71642 | source : sirt@juniper.net

Vulnerability : CWE-754


Source : huntr.dev

Vulnerability ID : CVE-2023-3672

First published on : 14-07-2023 10:15:08
Last modified on : 14-07-2023 12:47:21

Description :
Cross-site Scripting (XSS) - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5.

CVE ID : CVE-2023-3672
Source : security@huntr.dev
CVSS score : 7.3

References :
https://github.com/plaidweb/webmention.js/commit/3551b66b3e40da37fee89ecf72930c5efdc53011 | source : security@huntr.dev
https://huntr.dev/bounties/75cfb7ad-a75f-45ff-8688-32a9c55179aa | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-3673

First published on : 14-07-2023 13:15:09
Last modified on : 14-07-2023 19:46:52

Description :
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.24.

CVE ID : CVE-2023-3673
Source : security@huntr.dev
CVSS score : 7.2

References :
https://github.com/pimcore/pimcore/commit/a06ce0abdba19ae0eefc38b035e677f8f0c2bce9 | source : security@huntr.dev
https://huntr.dev/bounties/46ca0934-5260-477b-9e86-7b16bb18d0a9 | source : security@huntr.dev

Vulnerability : CWE-89


Source : vuldb.com

Vulnerability ID : CVE-2023-3693

First published on : 16-07-2023 22:15:09
Last modified on : 17-07-2023 13:02:37

Description :
A vulnerability classified as critical was found in SourceCodester Life Insurance Management System 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234244.

CVE ID : CVE-2023-3693
Source : cna@vuldb.com
CVSS score : 7.3

References :
https://github.com/tangyi19/Life-Insurance-Management-System/blob/main/Life%20Insurance%20Management%20System%20login.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.234244 | source : cna@vuldb.com
https://vuldb.com/?id.234244 | source : cna@vuldb.com

Vulnerability : CWE-89


Source : fluidattacks.com

Vulnerability ID : CVE-2023-2268

First published on : 15-07-2023 19:15:09
Last modified on : 17-07-2023 13:02:42

Description :
Plane version 0.7.1 allows an unauthenticated attacker to view all stored server files of all users.

CVE ID : CVE-2023-2268
Source : help@fluidattacks.com
CVSS score : 7.1

References :
https://fluidattacks.com/advisories/giardino/ | source : help@fluidattacks.com
https://github.com/makeplane/plane | source : help@fluidattacks.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-30791

First published on : 15-07-2023 19:15:09
Last modified on : 17-07-2023 13:02:42

Description :
Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript.

CVE ID : CVE-2023-30791
Source : help@fluidattacks.com
CVSS score : 7.1

References :
https://fluidattacks.com/advisories/indio/ | source : help@fluidattacks.com
https://github.com/makeplane/plane | source : help@fluidattacks.com

Vulnerability : CWE-434


(44) MEDIUM vulnerabilities [4.0, 6.9]

Source : huntr.dev

Vulnerability ID : CVE-2023-3692

First published on : 16-07-2023 01:15:09
Last modified on : 17-07-2023 13:02:42

Description :
Unrestricted Upload of File with Dangerous Type in GitHub repository admidio/admidio prior to 4.2.10.

CVE ID : CVE-2023-3692
Source : security@huntr.dev
CVSS score : 6.7

References :
https://github.com/admidio/admidio/commit/d66585d14b1160712a8a9bfaf9769dd3da0e9a83 | source : security@huntr.dev
https://huntr.dev/bounties/be6616eb-384d-40d6-b1fd-0ec9e4973f12 | source : security@huntr.dev

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-3700

First published on : 17-07-2023 07:15:09
Last modified on : 17-07-2023 13:02:37

Description :
Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0.

CVE ID : CVE-2023-3700
Source : security@huntr.dev
CVSS score : 6.3

References :
https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64 | source : security@huntr.dev
https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8 | source : security@huntr.dev

Vulnerability : CWE-284


Source : us.ibm.com

Vulnerability ID : CVE-2023-35012

First published on : 17-07-2023 01:15:08
Last modified on : 17-07-2023 13:02:37

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763.

CVE ID : CVE-2023-35012
Source : psirt@us.ibm.com
CVSS score : 6.7

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/257763 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010747 | source : psirt@us.ibm.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-33857

First published on : 17-07-2023 00:15:09
Last modified on : 17-07-2023 13:02:37

Description :
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695.

CVE ID : CVE-2023-33857
Source : psirt@us.ibm.com
CVSS score : 5.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/257695 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7007059 | source : psirt@us.ibm.com

Vulnerability : CWE-200


Source : juniper.net

Vulnerability ID : CVE-2023-36833

First published on : 14-07-2023 17:15:09
Last modified on : 14-07-2023 19:46:52

Description :
A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). The process 'aftman-bt' will crash after multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. This will cause the respective FPC to stop forwarding traffic and it needs to be rebooted to restore the service. An indication that the system experienced this issue is the following log message: <date> <hostname> evo-aftmand-bt[<pid>]: [Error] jexpr_fdb: sanity check failed, ... , app_name L3 Mcast Routes This issue affects Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202: 21.2 version 21.2R1-EVO and later versions; 21.3 version 21.3R1-EVO and later versions; 21.4 versions prior to 21.4R3-S3-EVO; 22.1 version 22.1R1-EVO and later versions; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R3-EVO; 22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.

CVE ID : CVE-2023-36833
Source : sirt@juniper.net
CVSS score : 6.5

References :
https://supportportal.juniper.net/JSA71640 | source : sirt@juniper.net

Vulnerability : CWE-416


Vulnerability ID : CVE-2023-36834

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial of Service (DoS). If an SRX is configured in L2 transparent mode the receipt of a specific genuine packet can cause a single Packet Processing Engines (PPE) component of the PFE to run into a loop, which in turn will render the PPE unavailable. Each packet will cause one PPE to get into a loop, leading to a gradual performance degradation until all PPEs are unavailable and all traffic processing stops. To recover the affected FPC need to be restarted. This issue affects Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series: 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S7; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3-S7; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R3; 22.2 versions prior to 22.2R2; 22.3 versions prior to 22.3R1-S1, 22.3R2.

CVE ID : CVE-2023-36834
Source : sirt@juniper.net
Score CVSS : 6.5

Références :
https://supportportal.juniper.net/JSA71641 | source : sirt@juniper.net

Vulnerability : CWE-372


Vulnerability ID : CVE-2023-36848

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series (except MPC10, MPC11 and LC9600) allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When a malformed CFM packet is received, it leads to an FPC crash. Continued receipt of these packets causes a sustained denial of service. This vulnerability occurs only when CFM has been configured on the interface. This issue affects Juniper Networks Junos OS: versions prior to 19.1R3-S10 on MX Series; 19.2 versions prior to 19.2R3-S7 on MX Series; 19.3 versions prior to 19.3R3-S8 on MX Series; 19.4 versions prior to 19.4R3-S12 on MX Series; 20.1 version 20.1R1 and later versions on MX Series; 20.2 versions prior to 20.2R3-S8 on MX Series; 20.3 version 20.3R1 and later versions on MX Series; 20.4 versions prior to 20.4R3-S7 on MX Series; 21.1 versions prior to 21.1R3-S5 on MX Series; 21.2 versions prior to 21.2R3-S5 on MX Series; 21.3 versions prior to 21.3R3-S4 on MX Series; 21.4 versions prior to 21.4R3-S4 on MX Series; 22.1 versions prior to 22.1R3-S3 on MX Series; 22.2 versions prior to 22.2R3-S1 on MX Series; 22.3 versions prior to 22.3R3 on MX Series; 22.4 versions prior to 22.4R1-S2, 22.4R2 on MX Series.

CVE ID : CVE-2023-36848
Source : sirt@juniper.net
CVSS score : 6.5

References :
https://supportportal.juniper.net/JSA71659 | source : sirt@juniper.net

Vulnerability : CWE-232


Vulnerability ID : CVE-2023-36849

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When a malformed LLDP packet is received, l2cpd will crash and restart. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP. Also, if any services depend on LLDP state (like PoE or VoIP device recognition), then these will also be affected. Continued receipt of such packets will lead to a sustained Denial of Service. This issue affects: Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S3; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R2. Juniper Networks Junos OS Evolved 21.4-EVO versions prior to 21.4R3-S2-EVO; 22.1-EVO versions prior to 22.1R3-S3-EVO; 22.2-EVO versions prior to 22.2R2-S1-EVO, 22.2R3-EVO; 22.3-EVO versions prior to 22.3R2-EVO.

CVE ID : CVE-2023-36849
Source : sirt@juniper.net
CVSS score : 6.5

References :
https://supportportal.juniper.net/JSA71660 | source : sirt@juniper.net

Vulnerability : CWE-703


Vulnerability ID : CVE-2023-36850

First published on : 14-07-2023 19:15:09
Last modified on : 14-07-2023 19:46:52

Description :
An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault Management (CFM) module of Juniper Networks Junos OS on MX Series (except MPC10, MPC11 and LC9600) allows an adjacent attacker on the local broadcast domain to cause a Denial of Service (DoS). Upon receiving a malformed CFM packet, the MPC crashes. Continued receipt of these packets causes a sustained denial of service. This issue can only be triggered when CFM hasn't been configured. This issue affects: Juniper Networks Junos OS All versions prior to 19.1R3-S10 on MX Series; 19.2 versions prior to 19.2R3-S7 on MX Series; 19.3 versions prior to 19.3R3-S8 on MX Series; 19.4 versions prior to 19.4R3-S12 on MX Series; 20.1 version 20.1R1 and later versions on MX Series; 20.2 versions prior to 20.2R3-S7 on MX Series; 20.3 version 20.3R1 and later versions on MX Series; 20.4 versions prior to 20.4R3-S7 on MX Series; 21.1 versions prior to 21.1R3-S5 on MX Series; 21.2 versions prior to 21.2R3-S4 on MX Series; 21.3 versions prior to 21.3R3-S4 on MX Series; 21.4 versions prior to 21.4R3-S3 on MX Series; 22.1 versions prior to 22.1R3-S2 on MX Series; 22.2 versions prior to 22.2R3 on MX Series; 22.3 versions prior to 22.3R2, 22.3R3 on MX Series; 22.4 versions prior to 22.4R2 on MX Series.

CVE ID : CVE-2023-36850
Source : sirt@juniper.net
CVSS score : 6.5

References :
https://supportportal.juniper.net/JSA71661 | source : sirt@juniper.net

Vulnerability : CWE-1285


Vulnerability ID : CVE-2023-36838

First published on : 14-07-2023 17:15:09
Last modified on : 14-07-2023 19:46:52

Description :
An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS). If a low privileged user executes a specific CLI command, flowd which is responsible for traffic forwarding in SRX crashes and generates a core dump. This will cause temporary traffic interruption until the flowd process is restarted automatically. Continued execution of this command will lead to a sustained DoS. This issue affects Juniper Networks Junos OS on SRX Series: All versions prior to 20.2R3-S7; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R2; 22.4 versions prior to 22.4R1-S1, 22.4R2.

CVE ID : CVE-2023-36838
Source : sirt@juniper.net
CVSS score : 5.5

References :
https://supportportal.juniper.net/JSA71645 | source : sirt@juniper.net

Vulnerability : CWE-125


Vulnerability ID : CVE-2023-36840

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and restart. Continued execution of this specific command will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS All versions prior to 19.3R3-S10; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S2; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R3; 22.2 versions prior to 22.2R2; 22.3 versions prior to 22.3R2; Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S7-EVO; 21.1 versions prior to 21.1R3-S3-EVO; 21.2 versions prior to 21.2R3-S5-EVO; 21.3 versions prior to 21.3R3-S4-EVO; 21.4 versions prior to 21.4R3-EVO; 22.1 versions prior to 22.1R3-EVO; 22.2 versions prior to 22.2R2-EVO; 22.3 versions prior to 22.3R2-EVO;

CVE ID : CVE-2023-36840
Source : sirt@juniper.net
CVSS score : 5.5

References :
https://supportportal.juniper.net/JSA71647 | source : sirt@juniper.net

Vulnerability : CWE-617


Vulnerability ID : CVE-2023-36836

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in a Multicast only Fast Reroute (MoFRR) scenario, the rpd process can crash when a specific low privileged CLI command is executed. The rpd crash will impact all routing protocols until the process has automatically been restarted. As the operational state which makes this issue exploitable is outside the attacker's control, this issue is considered difficult to exploit. Continued execution of this command will lead to a sustained DoS. This issue affects: Juniper Networks Junos OS 19.4 version 19.4R3-S5 and later versions prior to 19.4R3-S9; 20.1 version 20.1R2 and later versions; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S6-EVO; 21.1-EVO version 21.1R1-EVO and later versions; 21.2-EVO version 21.2R1-EVO and later versions; 21.3-EVO versions prior to 21.3R3-S1-EVO; 21.4-EVO versions prior to 21.4R3-EVO; 22.1-EVO versions prior to 22.1R1-S2-EVO, 22.1R2-EVO; 22.2-EVO versions prior to 22.2R2-EVO.

CVE ID : CVE-2023-36836
Source : sirt@juniper.net
CVSS score : 4.7

References :
https://supportportal.juniper.net/JSA71643 | source : sirt@juniper.net

Vulnerability : CWE-908


Source : github.com

Vulnerability ID : CVE-2023-36818

First published on : 14-07-2023 22:15:09
Last modified on : 17-07-2023 13:02:46

Description :
Discourse is an open source discussion platform. In affected versions a request to create or update a custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-36818
Source : security-advisories@github.com
CVSS score : 6.5

References :
https://github.com/discourse/discourse/commit/52b003d915761f1581ae2d105f3cbe76df7bf1ff | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-gxqx-3q2p-37gm | source : security-advisories@github.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-37268

First published on : 14-07-2023 22:15:09
Last modified on : 17-07-2023 13:02:46

Description :
Warpgate is an SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. When logging in as a user with SSO enabled, an attacker may authenticate as another user. Any user account which does not have a second factor enabled could be compromised. This issue has been addressed in commit `8173f6512a` and in releases starting with version 0.7.3. Users are advised to upgrade. Users unable to upgrade should require their users to use a second factor in authentication.

CVE ID : CVE-2023-37268
Source : security-advisories@github.com
CVSS score : 6.4

References :
https://github.com/warp-tech/warpgate/commit/8173f6512ab6183fa5edc5c9a5f3760b8979271e | source : security-advisories@github.com
https://github.com/warp-tech/warpgate/security/advisories/GHSA-868r-97g5-r9g4 | source : security-advisories@github.com

Vulnerability : CWE-287


Source : wordfence.com

Vulnerability ID : CVE-2023-2082

First published on : 14-07-2023 05:15:09
Last modified on : 14-07-2023 12:47:21

Description :
The "Buy Me a Coffee – Button and Widget Plugin" plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 3.6 due to insufficient sanitization and escaping on the 'text' value set via the bmc_post_reception action. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to inject arbitrary web scripts into pages that execute whenever a victim accesses a page with the injected scripts.

CVE ID : CVE-2023-2082
Source : security@wordfence.com
CVSS score : 6.4

References :
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/admin/class-buy-me-a-coffee-admin.php?rev=2816542 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/includes/class-buy-me-a-coffee.php?rev=2319979#L162 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?old_path=%2Fbuymeacoffee%2Ftags%2F3.6&old=2922493&new_path=%2Fbuymeacoffee%2Ftags%2F3.7&new=2922493&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/ed9f8948-085b-4ac5-befd-c70085aa23cd?source=cve | source : security@wordfence.com

Vulnerability : CWE-79


Source : microsoft.com

Vulnerability ID : CVE-2023-36888

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
Microsoft Edge for Android (Chromium-based) Tampering Vulnerability

CVE ID : CVE-2023-36888
Source : secure@microsoft.com
CVSS score : 6.3

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36888 | source : secure@microsoft.com


Vulnerability ID : CVE-2023-24896

First published on : 14-07-2023 18:15:09
Last modified on : 14-07-2023 19:46:52

Description :
Dynamics 365 Finance Spoofing Vulnerability

CVE ID : CVE-2023-24896
Source : secure@microsoft.com
CVSS score : 5.4

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24896 | source : secure@microsoft.com


Vulnerability ID : CVE-2023-36883

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
Microsoft Edge for iOS Spoofing Vulnerability

CVE ID : CVE-2023-36883
Source : secure@microsoft.com
CVSS score : 4.3

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36883 | source : secure@microsoft.com


Source : vuldb.com

Vulnerability ID : CVE-2023-3678

First published on : 15-07-2023 08:15:42
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_inquiry of the component HTTP POST Request Handler. The manipulation of the argument id leads to SQL injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234223.

CVE ID : CVE-2023-3678
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234223 | source : cna@vuldb.com
https://vuldb.com/?id.234223 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3679

First published on : 15-07-2023 09:15:09
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_inquiry of the component HTTP POST Request Handler. The manipulation of the argument id leads to SQL injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-234224.

CVE ID : CVE-2023-3679
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234224 | source : cna@vuldb.com
https://vuldb.com/?id.234224 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3680

First published on : 15-07-2023 09:15:09
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=save_item of the component HTTP POST Request Handler. The manipulation of the argument id leads to SQL injection. It is possible to initiate the attack remotely. The identifier VDB-234225 was assigned to this vulnerability.

CVE ID : CVE-2023-3680
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234225 | source : cna@vuldb.com
https://vuldb.com/?id.234225 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3682

First published on : 15-07-2023 17:15:38
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability, which was classified as critical, was found in Nesote Inout Blockchain EasyPayments 1.0. Affected is an unknown function of the file /index.php/payment/getcoinaddress of the component POST Parameter Handler. The manipulation of the argument coinid leads to SQL injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-234228. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3682
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234228 | source : cna@vuldb.com
https://vuldb.com/?id.234228 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3686

First published on : 16-07-2023 13:15:09
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability was found in Bylancer QuickAI OpenAI 3.8.1. It has been declared as critical. This vulnerability affects unknown code of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to SQL injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-234232. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3686
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234232 | source : cna@vuldb.com
https://vuldb.com/?id.234232 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3687

First published on : 16-07-2023 14:15:09
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability was found in Bylancer QuickVCard 2.1. It has been rated as critical. This issue affects some unknown processing of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to SQL injection. The attack may be initiated remotely. The identifier VDB-234233 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3687
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234233 | source : cna@vuldb.com
https://vuldb.com/?id.234233 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3688

First published on : 16-07-2023 15:15:09
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability classified as critical has been found in Bylancer QuickJob 6.1. Affected is an unknown function of the component GET Parameter Handler. The manipulation of the argument keywords/gender leads to SQL injection. It is possible to launch the attack remotely. VDB-234234 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3688
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234234 | source : cna@vuldb.com
https://vuldb.com/?id.234234 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3689

First published on : 16-07-2023 16:15:09
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability classified as critical was found in Bylancer QuickQR 6.3.7. Affected by this vulnerability is an unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to SQL injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234235. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3689
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234235 | source : cna@vuldb.com
https://vuldb.com/?id.234235 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3690

First published on : 16-07-2023 16:15:09
Last modified on : 17-07-2023 13:02:42

Description :
A vulnerability, which was classified as critical, has been found in Bylancer QuickOrder 6.3.7. Affected by this issue is some unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to SQL injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-234236. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3690
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://vuldb.com/?ctiid.234236 | source : cna@vuldb.com
https://vuldb.com/?id.234236 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3694

First published on : 17-07-2023 00:15:09
Last modified on : 17-07-2023 13:02:37

Description :
A vulnerability, which was classified as critical, has been found in SourceCodester House Rental and Property Listing 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument keywords/location leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-234245 was assigned to this vulnerability.

CVE ID : CVE-2023-3694
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://github.com/safetom6/House-Rental-and-Property-Listing-System/blob/main/House%20Rental%20and%20Property%20Listing%20System%20index.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.234245 | source : cna@vuldb.com
https://vuldb.com/?id.234245 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-3695

First published on : 17-07-2023 01:15:08
Last modified on : 17-07-2023 13:02:37

Description :
A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. Affected is an unknown function of the file add-product.php. The manipulation of the argument category leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234252.

CVE ID : CVE-2023-3695
Source : cna@vuldb.com
CVSS score : 6.3

References :
https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System%20-%20vuln%201.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.234252 | source : cna@vuldb.com
https://vuldb.com/?id.234252 | source : cna@vuldb.com

Vulnerability : CWE-89


Source : mitre.org

Vulnerability ID : CVE-2023-37224

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
An issue in Archer Platform before v.6.13, fixed in v.6.12.0.6 and v.6.13.0, allows an authenticated attacker to obtain sensitive information via the log files.

CVE ID : CVE-2023-37224
Source : cve@mitre.org
CVSS score : 6.0

References :
https://archerirm.com | source : cve@mitre.org
https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362 | source : cve@mitre.org


Vulnerability ID : CVE-2023-37223

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
Cross Site Scripting (XSS) vulnerability in Archer Platform before v.6.13, fixed in v.6.12.0.6 and v.6.13.0, allows a remote authenticated attacker to execute arbitrary code via a crafted malicious script.

CVE ID : CVE-2023-37223
Source : cve@mitre.org
CVSS score : 5.4

References :
https://archerirm.com | source : cve@mitre.org
https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362 | source : cve@mitre.org


Source : secomea.com

Vulnerability ID : CVE-2023-2912

First published on : 17-07-2023 13:15:10
Last modified on : 17-07-2023 13:15:10

Description :
Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction.

CVE ID : CVE-2023-2912
Source : VulnerabilityReporting@secomea.com
CVSS score : 5.9

References :
https://www.secomea.com/support/cybersecurity-advisory/ | source : VulnerabilityReporting@secomea.com

Vulnerability : CWE-416


Source : blacklanternsecurity.com

Vulnerability ID : CVE-2023-3433

First published on : 14-07-2023 13:15:09
Last modified on : 14-07-2023 19:46:52

Description :
The "nickname" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters prevent the application from creating the signature for the user, which results in a local denial of service to the application.

CVE ID : CVE-2023-3433
Source : cves@blacklanternsecurity.com
CVSS score : 5.5

References :
https://blog.blacklanternsecurity.com/p/Jami-Local-Denial-Of-Service-and-QRC-Handler-Vulnerabilities | source : cves@blacklanternsecurity.com
https://git.jami.net/savoirfairelinux/jami-client-qt/-/wikis/Changelog#nightly-january-10 | source : cves@blacklanternsecurity.com
https://review.jami.net/c/jami-daemon/+/23575 | source : cves@blacklanternsecurity.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-3434

First published on : 14-07-2023 13:15:09
Last modified on : 14-07-2023 19:46:52

Description :
Improper Input Validation in the hyperlink interpretation in Savoir-faire Linux's Jami (version 20222284) on Windows. This allows an attacker to send a custom HTML anchor tag to pass a string value to the Windows QRC Handler through the Jami messenger.

CVE ID : CVE-2023-3434
Source : cves@blacklanternsecurity.com
CVSS score : 4.4

References :
https://blog.blacklanternsecurity.com/p/Jami-Local-Denial-Of-Service-and-QRC-Handler-Vulnerabilities | source : cves@blacklanternsecurity.com
https://git.jami.net/savoirfairelinux/jami-client-qt/-/wikis/Changelog#nightly-january-10 | source : cves@blacklanternsecurity.com
https://review.jami.net/c/jami-client-qt/+/23569 | source : cves@blacklanternsecurity.com

Vulnerability : CWE-20


Source : patchstack.com

Vulnerability ID : CVE-2023-23719

First published on : 17-07-2023 11:15:09
Last modified on : 17-07-2023 13:02:37

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Premmerce plugin <= 1.3.17 versions.

CVE ID : CVE-2023-23719
Source : audit@patchstack.com
CVSS score : 5.4

References :
https://patchstack.com/database/vulnerability/premmerce/wordpress-premmerce-plugin-1-3-17-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27606

First published on : 17-07-2023 11:15:09
Last modified on : 17-07-2023 13:02:37

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Sajjad Hossain WP Reroute Email plugin <= 1.4.6 versions.

CVE ID : CVE-2023-27606
Source : audit@patchstack.com
CVSS score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-reroute-email/wordpress-wp-reroute-email-plugin-1-4-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27424

First published on : 17-07-2023 13:15:10
Last modified on : 17-07-2023 13:15:10

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Korol Yuriy aka Shra Inactive User Deleter plugin <= 1.59 versions.

CVE ID : CVE-2023-27424
Source : audit@patchstack.com
CVSS score : 5.4

References :
https://patchstack.com/database/vulnerability/inactive-user-deleter/wordpress-inactive-user-deleter-plugin-1-58-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-22672

First published on : 17-07-2023 11:15:09
Last modified on : 17-07-2023 13:02:37

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <= 4.1.2 versions.

CVE ID : CVE-2023-22672
Source : audit@patchstack.com
CVSS score : 4.3

References :
https://patchstack.com/database/vulnerability/vslider/wordpress-vslider-multi-image-slider-for-wordpress-plugin-4-1-2-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-23646

First published on : 17-07-2023 11:15:09
Last modified on : 17-07-2023 13:02:37

Description :
Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery – WordPress Gallery plugin <= 1.4.9 versions.

CVE ID : CVE-2023-23646
Source : audit@patchstack.com
CVSS score : 4.3

References :
https://patchstack.com/database/vulnerability/new-album-gallery/wordpress-album-gallery-wordpress-gallery-plugin-1-4-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Source : gitlab.com

Vulnerability ID : CVE-2023-3648

First published on : 14-07-2023 07:15:08
Last modified on : 14-07-2023 12:47:21

Description :
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file.

CVE ID : CVE-2023-3648
Source : cve@gitlab.com
CVSS score : 5.3

References :
https://gitlab.com/wireshark/wireshark/-/issues/19105 | source : cve@gitlab.com
https://www.wireshark.org/security/wnpa-sec-2023-21.html | source : cve@gitlab.com

Vulnerability : CWE-762


Vulnerability ID : CVE-2023-3649

First published on : 14-07-2023 07:15:08
Last modified on : 14-07-2023 12:47:21

Description :
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file.

CVE ID : CVE-2023-3649
Source : cve@gitlab.com
CVSS score : 5.3

References :
https://gitlab.com/wireshark/wireshark/-/issues/19164 | source : cve@gitlab.com
https://www.wireshark.org/security/wnpa-sec-2023-22.html | source : cve@gitlab.com

Vulnerability : CWE-126


Source : vmware.com

Vulnerability ID : CVE-2023-34036

First published on : 17-07-2023 11:15:09
Last modified on : 17-07-2023 13:02:37

Description :
Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle (and possibly discard) forwarded headers either in WebFlux or at the level of the underlying HTTP server. For the application to be affected, it needs to satisfy the following requirements:
* It needs to use the reactive web stack (Spring WebFlux) and Spring HATEOAS to create links in hypermedia-based responses.
* The application infrastructure does not guard against clients submitting (X-)Forwarded… headers.

CVE ID : CVE-2023-34036
Source : security@vmware.com
CVSS score : 5.3

References :
https://spring.io/security/cve-2023-34036 | source : security@vmware.com

Vulnerability : CWE-644


Source : redhat.com

Vulnerability ID : CVE-2023-38252

First published on : 14-07-2023 18:15:10
Last modified on : 14-07-2023 19:46:52

Description :
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

CVE ID : CVE-2023-38252
Source : secalert@redhat.com
CVSS score : 4.7

References :
https://access.redhat.com/security/cve/CVE-2023-38252 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2222775 | source : secalert@redhat.com
https://github.com/tats/w3m/issues/270 | source : secalert@redhat.com


Vulnerability ID : CVE-2023-38253

First published : 14-07-2023 18:15:11
Last modified : 14-07-2023 19:46:52

Description :
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

CVE ID : CVE-2023-38253
Source : secalert@redhat.com
CVSS score : 4.7

References :
https://access.redhat.com/security/cve/CVE-2023-38253 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2222779 | source : secalert@redhat.com
https://github.com/tats/w3m/issues/271 | source : secalert@redhat.com


(8) LOW vulnerabilities [0.1, 3.9]

Source : github.com

Vulnerability ID : CVE-2023-36466

First published : 14-07-2023 22:15:09
Last modified : 17-07-2023 13:02:46

Description :
Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse.

CVE ID : CVE-2023-36466
Source : security-advisories@github.com
CVSS score : 3.5

References :
https://github.com/discourse/discourse/security/advisories/GHSA-4hjh-wg43-p932 | source : security-advisories@github.com

Vulnerability : CWE-20


Source : vuldb.com

Vulnerability ID : CVE-2023-3681

First published : 15-07-2023 10:15:09
Last modified : 17-07-2023 13:02:42

Description :
A vulnerability classified as problematic was found in Campcodes Retro Cellphone Online Store 1.0. This vulnerability affects unknown code of the file /admin/modal_add_product.php. The manipulation of the argument description leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-234226 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3681
Source : cna@vuldb.com
CVSS score : 3.5

References :
https://github.com/E1CHO/cve_hub/blob/main/Retro%20Cellphone%20Online%20Store%20-%20vlun%208.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.234226 | source : cna@vuldb.com
https://vuldb.com/?id.234226 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-3683

First published : 16-07-2023 08:15:14
Last modified : 17-07-2023 13:02:42

Description :
A vulnerability has been found in LivelyWorks Articart 2.0.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /items/search. The manipulation of the argument search_term leads to cross site scripting. The attack can be launched remotely. The identifier VDB-234229 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3683
Source : cna@vuldb.com
CVSS score : 3.5

References :
https://vuldb.com/?ctiid.234229 | source : cna@vuldb.com
https://vuldb.com/?id.234229 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-3684

First published : 16-07-2023 11:15:09
Last modified : 17-07-2023 13:02:42

Description :
A vulnerability was found in LivelyWorks Articart 2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /change-language/de_DE of the component Base64 Encoding Handler. The manipulation of the argument redirectTo leads to open redirect. The attack may be launched remotely. VDB-234230 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3684
Source : cna@vuldb.com
CVSS score : 3.5

References :
https://vuldb.com/?ctiid.234230 | source : cna@vuldb.com
https://vuldb.com/?id.234230 | source : cna@vuldb.com

Vulnerability : CWE-601


Vulnerability ID : CVE-2023-3685

First published : 16-07-2023 11:15:09
Last modified : 17-07-2023 13:02:42

Description :
A vulnerability was found in Nesote Inout Search Engine AI Edition 1.1. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-234231. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3685
Source : cna@vuldb.com
CVSS score : 3.5

References :
https://vuldb.com/?ctiid.234231 | source : cna@vuldb.com
https://vuldb.com/?id.234231 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-3691

First published : 16-07-2023 17:15:09
Last modified : 17-07-2023 13:02:37

Description :
A vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. This affects an unknown part of the component HTML Attribute Handler. The manipulation of the argument title leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 2.8.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-234237 was assigned to this vulnerability.

CVE ID : CVE-2023-3691
Source : cna@vuldb.com
CVSS score : 3.5

References :
https://gitee.com/layui/layui/issues/I7HDXZ | source : cna@vuldb.com
https://gitee.com/layui/layui/tree/v2.8.0 | source : cna@vuldb.com
https://vuldb.com/?ctiid.234237 | source : cna@vuldb.com
https://vuldb.com/?id.234237 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2022-4952

First published : 17-07-2023 02:15:09
Last modified : 17-07-2023 13:02:37

Description :
A vulnerability has been found in OmniSharp csharp-language-server-protocol up to 0.19.6 and classified as problematic. This vulnerability affects the function CreateSerializerSettings of the file src/JsonRpc/Serialization/SerializerBase.cs of the component JSON Serializer. The manipulation leads to resource consumption. Upgrading to version 0.19.7 is able to address this issue. The patch is identified as 7fd2219f194a9ef2a8901bb131c5fa12272305ce. It is recommended to upgrade the affected component. VDB-234238 is the identifier assigned to this vulnerability.

CVE ID : CVE-2022-4952
Source : cna@vuldb.com
CVSS score : 3.5

References :
https://github.com/OmniSharp/csharp-language-server-protocol/commit/7fd2219f194a9ef2a8901bb131c5fa12272305ce | source : cna@vuldb.com
https://github.com/OmniSharp/csharp-language-server-protocol/pull/902 | source : cna@vuldb.com
https://github.com/OmniSharp/csharp-language-server-protocol/releases/tag/v0.19.7 | source : cna@vuldb.com
https://vuldb.com/?ctiid.234238 | source : cna@vuldb.com
https://vuldb.com/?id.234238 | source : cna@vuldb.com

Vulnerability : CWE-400


Source : us.ibm.com

Vulnerability ID : CVE-2023-35901

First published : 17-07-2023 00:15:09
Last modified : 17-07-2023 13:02:37

Description :
IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. IBM X-Force ID: 259380.

CVE ID : CVE-2023-35901
Source : psirt@us.ibm.com
CVSS score : 2.7

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/259380 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7012317 | source : psirt@us.ibm.com

Vulnerability : CWE-287


(41) NO SCORE vulnerabilities [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-37714

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromRouteStatic.

CVE ID : CVE-2023-37714
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromRouteStatic/report.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37715

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function frmL7ProtForm.

CVE ID : CVE-2023-37715
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fmL7ProtForm/reprot.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37716

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting.

CVE ID : CVE-2023-37716
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromNatStaticSetting/report.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37717

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.

CVE ID : CVE-2023-37717
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromDhcpListClient/repot.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37718

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeClientFilter.

CVE ID : CVE-2023-37718
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromSafeClientFilter/report.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37719

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromP2pListFilter.

CVE ID : CVE-2023-37719
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromP2pListFilter/report.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37721

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter.

CVE ID : CVE-2023-37721
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromSafeMacFilter/report.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37722

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeUrlFilter.

CVE ID : CVE-2023-37722
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromSafeUrlFilter/report.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37723

First published : 14-07-2023 00:15:09
Last modified : 14-07-2023 12:47:21

Description :
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting.

CVE ID : CVE-2023-37723
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromqossetting/report.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-38286

First published : 14-07-2023 05:15:09
Last modified : 14-07-2023 12:47:21

Description :
Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier is enabled and there is write access to environment variables via the UI.

CVE ID : CVE-2023-38286
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI | source : cve@mitre.org


Vulnerability ID : CVE-2023-36119

First published : 14-07-2023 15:15:08
Last modified : 14-07-2023 19:46:52

Description :
File upload vulnerability in PHPGurukul Online Security Guards Hiring System v.1.0 allows a remote attacker to execute arbitrary code via a crafted php file to the \osghs\admin\images file.

CVE ID : CVE-2023-36119
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/Trinity-SYT-SECURITY/arbitrary-file-upload-RCE/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md | source : cve@mitre.org
https://nvd.nist.gov/vuln/detail/CVE-2023-0527 | source : cve@mitre.org


Vulnerability ID : CVE-2023-38325

First published : 14-07-2023 20:15:09
Last modified : 17-07-2023 13:02:46

Description :
The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.

CVE ID : CVE-2023-38325
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/pyca/cryptography/compare/41.0.1...41.0.2 | source : cve@mitre.org
https://github.com/pyca/cryptography/issues/9207 | source : cve@mitre.org
https://github.com/pyca/cryptography/pull/9208 | source : cve@mitre.org
https://pypi.org/project/cryptography/#history | source : cve@mitre.org


Vulnerability ID : CVE-2023-38336

First published : 14-07-2023 22:15:09
Last modified : 17-07-2023 13:02:46

Description :
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

CVE ID : CVE-2023-38336
Source : cve@mitre.org
CVSS score : /

References :
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039689 | source : cve@mitre.org


Vulnerability ID : CVE-2023-38337

First published : 14-07-2023 22:15:09
Last modified : 17-07-2023 13:02:46

Description :
rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project.

CVE ID : CVE-2023-38337
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/rswag/rswag/compare/2.9.0...2.10.1 | source : cve@mitre.org
https://github.com/rswag/rswag/issues/653 | source : cve@mitre.org


Vulnerability ID : CVE-2023-37793

First published : 14-07-2023 23:15:08
Last modified : 17-07-2023 13:02:46

Description :
WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow via the component /upgrade_filter.asp.

CVE ID : CVE-2023-37793
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/PwnYouLin/IOT_vul/blob/main/wayos/2/readme.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-37794

First published : 14-07-2023 23:15:09
Last modified : 17-07-2023 13:02:46

Description :
WAYOS FBM-291W 19.09.11V was discovered to contain a command injection vulnerability via the component /upgrade_filter.asp.

CVE ID : CVE-2023-37794
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/PwnYouLin/IOT_vul/tree/main/wayos/1 | source : cve@mitre.org


Vulnerability ID : CVE-2023-35802

First published : 15-07-2023 02:15:08
Last modified : 17-07-2023 13:02:46

Description :
IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit.

CVE ID : CVE-2023-35802
Source : cve@mitre.org
CVSS score : /

References :
https://extremeportal.force.com/ExtrArticleDetail?an=000112741 | source : cve@mitre.org


Vulnerability ID : CVE-2023-38349

First published : 15-07-2023 02:15:08
Last modified : 17-07-2023 13:02:46

Description :
PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26.

CVE ID : CVE-2023-38349
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/pnp4nagios/pnp4nagios/pull/17 | source : cve@mitre.org


Vulnerability ID : CVE-2023-38350

First published : 15-07-2023 02:15:08
Last modified : 17-07-2023 13:02:46

Description :
PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26.

CVE ID : CVE-2023-38350
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/pnp4nagios/pnp4nagios/pull/16 | source : cve@mitre.org


Vulnerability ID : CVE-2023-36165

First published : 15-07-2023 22:15:11
Last modified : 15-07-2023 22:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-36165
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-36166

First published : 15-07-2023 22:15:11
Last modified : 15-07-2023 22:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-36166
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-36168

First published : 15-07-2023 22:15:11
Last modified : 15-07-2023 22:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-36168
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-36169

First published : 15-07-2023 22:15:11
Last modified : 15-07-2023 22:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-36169
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37800

First published : 15-07-2023 22:15:11
Last modified : 15-07-2023 22:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37800
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37801

First published : 15-07-2023 22:15:11
Last modified : 15-07-2023 22:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37801
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37802

First published : 15-07-2023 22:15:11
Last modified : 15-07-2023 22:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37802
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37803

First published : 15-07-2023 22:15:11
Last modified : 15-07-2023 22:15:11

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37803
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37804

First published : 15-07-2023 22:15:12
Last modified : 15-07-2023 22:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37804
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37805

First published : 15-07-2023 22:15:12
Last modified : 15-07-2023 22:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37805
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37806

First published : 15-07-2023 22:15:12
Last modified : 15-07-2023 22:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37806
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37807

First published : 15-07-2023 22:15:12
Last modified : 15-07-2023 22:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37807
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37808

First published : 15-07-2023 22:15:12
Last modified : 15-07-2023 22:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37808
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37809

First published : 15-07-2023 22:15:12
Last modified : 15-07-2023 22:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37809
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37810

First published : 15-07-2023 22:15:12
Last modified : 15-07-2023 22:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37810
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2023-37811

First published : 15-07-2023 22:15:12
Last modified : 15-07-2023 22:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-37811
Source : cve@mitre.org
CVSS score : /

References :


Vulnerability ID : CVE-2021-31294

First published : 15-07-2023 23:15:09
Last modified : 17-07-2023 13:02:42

Description :
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this.

CVE ID : CVE-2021-31294
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/redis/redis/commit/46f4ebbe842620f0976a36741a72482620aa4b48 | source : cve@mitre.org
https://github.com/redis/redis/commit/6cbea7d29b5285692843bc1c351abba1a7ef326f | source : cve@mitre.org
https://github.com/redis/redis/issues/8712 | source : cve@mitre.org


Vulnerability ID : CVE-2023-38378

First published : 16-07-2023 17:15:09
Last modified : 17-07-2023 13:02:42

Description :
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to execute arbitrary code via shell metacharacters in pass1 to the webcontrol changepwd.cgi application.

CVE ID : CVE-2023-38378
Source : cve@mitre.org
CVSS score : /

References :
https://news.ycombinator.com/item?id=36745664 | source : cve@mitre.org
https://tortel.li/post/insecure-scope/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-38379

First published : 16-07-2023 17:15:09
Last modified : 17-07-2023 13:02:42

Description :
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to change the admin password via a zero-length pass0 to the webcontrol changepwd.cgi application, i.e., the entered password only needs to match the first zero characters of the saved password.

CVE ID : CVE-2023-38379
Source : cve@mitre.org
CVSS score : /

References :
https://news.ycombinator.com/item?id=36745664 | source : cve@mitre.org
https://tortel.li/post/insecure-scope/ | source : cve@mitre.org


Source : openssl.org

Vulnerability ID : CVE-2023-2975

First published : 14-07-2023 12:15:09
Last modified : 15-07-2023 13:15:09

Description :
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue.

CVE ID : CVE-2023-2975
Source : openssl-security@openssl.org
CVSS score : /

References :
http://www.openwall.com/lists/oss-security/2023/07/15/1 | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598 | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc | source : openssl-security@openssl.org
https://www.openssl.org/news/secadv/20230714.txt | source : openssl-security@openssl.org


Source : android.com

Vulnerability ID : CVE-2023-35692

First published : 14-07-2023 16:15:14
Last modified : 14-07-2023 19:46:52

Description :
In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE ID : CVE-2023-35692
Source : security@android.com
CVSS score : /

References :
https://source.android.com/security/bulletin/pixel/2023-07-01 | source : security@android.com


Source : apache.org

Vulnerability ID : CVE-2023-26512

First published : 17-07-2023 08:15:09
Last modified : 17-07-2023 13:02:37

Description :
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh (incubating) V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via rabbitmq messages. Users can use the code under the master branch in project repo to fix this issue, we will release the new version as soon as possible.

CVE ID : CVE-2023-26512
Source : security@apache.org
CVSS score : /

References :
https://lists.apache.org/thread/zb1d62wh8o8pvntrnx4t1hj8vz0pm39p | source : security@apache.org

Vulnerability : CWE-502


This website uses the NVD API but is not endorsed or certified by the NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
