Dernières vulnérabilités du Lundi 28 Août 2023 + weekend

Dernières vulnérabilités du Lundi 28 Août 2023 + weekend
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 28/08/2023 à 23:58:02

(8) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : cert.org.tw

Vulnérabilité ID : CVE-2023-32757

Première publication le : 25-08-2023 08:15:07
Dernière modification le : 25-08-2023 12:47:00

Description :
e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service.

CVE ID : CVE-2023-32757
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7330-94442-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-38024

Première publication le : 28-08-2023 04:15:14
Dernière modification le : 28-08-2023 05:16:01

Description :
SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of using hard-coded Telnet credentials. An remote unauthenticated attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.

CVE ID : CVE-2023-38024
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7331-9099e-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-798


Vulnérabilité ID : CVE-2023-38025

Première publication le : 28-08-2023 04:15:16
Dernière modification le : 28-08-2023 05:16:01

Description :
SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of OS command injection. An remote unauthenticated attacker can exploit this vulnerability to execute command injection attack to arbitrary system commands or disrupt service.

CVE ID : CVE-2023-38025
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7332-ee011-1.html | source : twcert@cert.org.tw


Vulnérabilité ID : CVE-2023-38026

Première publication le : 28-08-2023 04:15:16
Dernière modification le : 28-08-2023 05:16:01

Description :
SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.

CVE ID : CVE-2023-38026
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7333-972ca-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-798


Vulnérabilité ID : CVE-2023-38027

Première publication le : 28-08-2023 04:15:17
Dernière modification le : 28-08-2023 05:16:01

Description :
SpotCam Co., Ltd. SpotCam Sense’s hidden Telnet function has a vulnerability of OS command injection. An remote unauthenticated attacker can exploit this vulnerability to execute command injection attack to perform arbitrary system commands or disrupt service.

CVE ID : CVE-2023-38027
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7334-351fb-1.html | source : twcert@cert.org.tw


Vulnérabilité ID : CVE-2023-38029

Première publication le : 28-08-2023 06:15:07
Dernière modification le : 28-08-2023 13:07:56

Description :
Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. A unauthenticate remote attacker authenticated can upload and execute arbitrary files to perform arbitrary system commands or disrupt service.

CVE ID : CVE-2023-38029
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7336-35a94-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-38028

Première publication le : 28-08-2023 05:15:07
Dernière modification le : 28-08-2023 05:16:01

Description :
Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system information and operate user's data, but can’t control system or disrupt service.

CVE ID : CVE-2023-38028
Source : twcert@cert.org.tw
Score CVSS : 9.1

Références :
https://www.twcert.org.tw/tw/cp-132-7335-d300a-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-306


Source : github.com

Vulnérabilité ID : CVE-2023-40571

Première publication le : 25-08-2023 21:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
weblogic-framework is a tool for detecting weblogic vulnerabilities. Versions 0.2.3 and prior do not verify the returned data packets, and there is a deserialization vulnerability which may lead to remote code execution. When weblogic-framework gets the command echo, it directly deserializes the data returned by the server without verifying it. At the same time, the classloader loads a lot of deserialization calls. In this case, the malicious serialized data returned by the server will cause remote code execution. Version 0.2.4 contains a patch for this issue.

CVE ID : CVE-2023-40571
Source : security-advisories@github.com
Score CVSS : 9.8

Références :
https://github.com/dream0x01/weblogic-framework/releases/tag/v0.2.4 | source : security-advisories@github.com
https://github.com/dream0x01/weblogic-framework/security/advisories/GHSA-hjwj-4f3q-44h3 | source : security-advisories@github.com

Vulnérabilité : CWE-502


(19) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : us.ibm.com

Vulnérabilité ID : CVE-2023-30435

Première publication le : 27-08-2023 23:15:33
Dernière modification le : 28-08-2023 05:16:07

Description :
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.

CVE ID : CVE-2023-30435
Source : psirt@us.ibm.com
Score CVSS : 8.9

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/252291 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028506 | source : psirt@us.ibm.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-33852

Première publication le : 27-08-2023 23:15:34
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.

CVE ID : CVE-2023-33852
Source : psirt@us.ibm.com
Score CVSS : 7.6

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/257614 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028514 | source : psirt@us.ibm.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2022-43904

Première publication le : 28-08-2023 00:15:07
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.

CVE ID : CVE-2022-43904
Source : psirt@us.ibm.com
Score CVSS : 7.5

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/240895 | source : psirt@us.ibm.com
https://https://www.ibm.com/support/pages/node/7028509 | source : psirt@us.ibm.com

Vulnérabilité : CWE-307


Vulnérabilité ID : CVE-2022-43907

Première publication le : 27-08-2023 23:15:28
Dernière modification le : 28-08-2023 05:16:07

Description :
IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.

CVE ID : CVE-2022-43907
Source : psirt@us.ibm.com
Score CVSS : 7.2

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/240901 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028511 | source : psirt@us.ibm.com

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-22877

Première publication le : 28-08-2023 01:15:07
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 244368.

CVE ID : CVE-2023-22877
Source : psirt@us.ibm.com
Score CVSS : 7.0

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/244368 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/6988623 | source : psirt@us.ibm.com

Vulnérabilité : CWE-1236


Source : 3ds.com

Vulnérabilité ID : CVE-2023-1997

Première publication le : 28-08-2023 16:15:08
Dernière modification le : 28-08-2023 19:28:54

Description :
An OS Command Injection vulnerability exists in SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x. A specially crafted HTTP request can lead to arbitrary command execution.

CVE ID : CVE-2023-1997
Source : 3DS.Information-Security@3ds.com
Score CVSS : 8.8

Références :
https://www.3ds.com/vulnerability/advisories | source : 3DS.Information-Security@3ds.com

Vulnérabilité : CWE-78


Source : microsoft.com

Vulnérabilité ID : CVE-2023-36741

Première publication le : 26-08-2023 01:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE ID : CVE-2023-36741
Source : secure@microsoft.com
Score CVSS : 8.3

Références :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36741 | source : secure@microsoft.com


Source : github.com

Vulnérabilité ID : CVE-2023-40580

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Freighter is a Stellar chrome extension. It may be possible for a malicious website to access the recovery mnemonic phrase when the Freighter wallet is unlocked. This vulnerability impacts access control to the mnemonic recovery phrase. This issue was patched in version 5.3.1.

CVE ID : CVE-2023-40580
Source : security-advisories@github.com
Score CVSS : 8.1

Références :
https://github.com/stellar/freighter/commit/81f78ba008c41ce631a3d0f9e4449f4bbd90baee | source : security-advisories@github.com
https://github.com/stellar/freighter/pull/948 | source : security-advisories@github.com
https://github.com/stellar/freighter/security/advisories/GHSA-vqr6-hwg2-775w | source : security-advisories@github.com

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-40031

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in `Utf8_16_Read::convert`. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++.

CVE ID : CVE-2023-40031
Source : security-advisories@github.com
Score CVSS : 7.8

Références :
https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/ | source : security-advisories@github.com

Vulnérabilité : CWE-120
Vulnérabilité : CWE-122


Vulnérabilité ID : CVE-2023-40590

Première publication le : 28-08-2023 18:15:08
Dernière modification le : 28-08-2023 19:28:54

Description :
GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the `git` command, if a user runs GitPython from a repo has a `git.exe` or `git` executable, that program will be run instead of the one in the user's `PATH`. This is more of a problem on how Python interacts with Windows systems, Linux and any other OS aren't affected by this. But probably people using GitPython usually run it from the CWD of a repo. An attacker can trick a user to download a repository with a malicious `git` executable, if the user runs/imports GitPython from that directory, it allows the attacker to run any arbitrary commands. There is no fix currently available for windows users, however there are a few mitigations. 1: Default to an absolute path for the git program on Windows, like `C:\\Program Files\\Git\\cmd\\git.EXE` (default git path installation). 2: Require users to set the `GIT_PYTHON_GIT_EXECUTABLE` environment variable on Windows systems. 3: Make this problem prominent in the documentation and advise users to never run GitPython from an untrusted repo, or set the `GIT_PYTHON_GIT_EXECUTABLE` env var to an absolute path. 4: Resolve the executable manually by only looking into the `PATH` environment variable.

CVE ID : CVE-2023-40590
Source : security-advisories@github.com
Score CVSS : 7.8

Références :
https://docs.python.org/3/library/subprocess.html#popen-constructor | source : security-advisories@github.com
https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-wfm5-v35h-vwf4 | source : security-advisories@github.com

Vulnérabilité : CWE-426


Vulnérabilité ID : CVE-2023-40577

Première publication le : 25-08-2023 01:15:09
Dernière modification le : 25-08-2023 03:55:07

Description :
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.

CVE ID : CVE-2023-40577
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://github.com/prometheus/alertmanager/security/advisories/GHSA-v86x-5fm3-5p7j | source : security-advisories@github.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-40583

Première publication le : 25-08-2023 21:15:09
Dernière modification le : 26-08-2023 04:05:04

Description :
libp2p is a networking stack and library modularized out of The IPFS Project, and bundled separately for other tools to use. In go-libp2p, by using signed peer records a malicious actor can store an arbitrary amount of data in a remote node’s memory. This memory does not get garbage collected and so the victim can run out of memory and crash. If users of go-libp2p in production are not monitoring memory consumption over time, it could be a silent attack i.e. the attacker could bring down nodes over a period of time (how long depends on the node resources i.e. a go-libp2p node on a virtual server with 4 gb of memory takes about 90 sec to bring down; on a larger server, it might take a bit longer.) This issue was patched in version 0.27.4.

CVE ID : CVE-2023-40583
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://github.com/libp2p/go-libp2p/commit/45d3c6fff662ddd6938982e7e9309ad5fa2ad8dd | source : security-advisories@github.com
https://github.com/libp2p/go-libp2p/releases/tag/v0.27.4 | source : security-advisories@github.com
https://github.com/libp2p/go-libp2p/releases/tag/v0.27.7 | source : security-advisories@github.com
https://github.com/libp2p/go-libp2p/security/advisories/GHSA-gcq9-qqwx-rgj3 | source : security-advisories@github.com

Vulnérabilité : CWE-400


Vulnérabilité ID : CVE-2023-40586

Première publication le : 25-08-2023 21:15:09
Dernière modification le : 26-08-2023 04:05:04

Description :
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Due to the misuse of `log.Fatalf`, the application using coraza crashed after receiving crafted requests from attackers. The application will immediately crash after receiving a malicious request that triggers an error in `mime.ParseMediaType`. This issue was patched in version 3.0.1.

CVE ID : CVE-2023-40586
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://github.com/corazawaf/coraza/commit/a5239ba3ce839e14d9b4f9486e1b4a403dcade8c | source : security-advisories@github.com
https://github.com/corazawaf/coraza/security/advisories/GHSA-c2pj-v37r-2p6h | source : security-advisories@github.com

Vulnérabilité : CWE-400


Vulnérabilité ID : CVE-2023-40585

Première publication le : 25-08-2023 21:15:09
Dernière modification le : 26-08-2023 04:05:04

Description :
ironic-image is a container image to run OpenStack Ironic as part of Metal³. Prior to version capm3-v1.4.3, if Ironic is not deployed with TLS and it does not have API and Conductor split into separate services, access to the API is not protected by any authentication. Ironic API is also listening in host network. In case the node is not behind a firewall, the API could be accessed by anyone via network without authentication. By default, Ironic API in Metal3 is protected by TLS and basic authentication, so this vulnerability requires operator to configure API without TLS for it to be vulnerable. TLS and authentication however should not be coupled as they are in versions prior to capm3-v1.4.3. A patch exists in versions capm3-v1.4.3 and newer. Some workarounds are available. Either configure TLS for Ironic API (`deploy.sh -t ...`, `IRONIC_TLS_SETUP=true`) or split Ironic API and Conductor via configuration change (old implementation, not recommended). With both workarounds, services are configured with httpd front-end, which has proper authentication configuration in place.

CVE ID : CVE-2023-40585
Source : security-advisories@github.com
Score CVSS : 7.3

Références :
https://github.com/metal3-io/ironic-image/commit/f64bb6ce0945bbfb30d9965f98149ea183311de9 | source : security-advisories@github.com
https://github.com/metal3-io/ironic-image/security/advisories/GHSA-jwpr-9fwh-m4g7 | source : security-advisories@github.com

Vulnérabilité : CWE-306


Source : m-files.com

Vulnérabilité ID : CVE-2023-3406

Première publication le : 25-08-2023 09:15:08
Dernière modification le : 25-08-2023 12:47:00

Description :
Path Traversal issue in M-Files Classic Web versions below 23.6.12695.3 and LTS Service Release Versions before 23.2 LTS SR3 allows authenticated user to read some restricted files on the web server

CVE ID : CVE-2023-3406
Source : security@m-files.com
Score CVSS : 7.7

Références :
https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3406 | source : security@m-files.com

Vulnérabilité : CWE-22


Source : cert.org.tw

Vulnérabilité ID : CVE-2023-32756

Première publication le : 25-08-2023 08:15:07
Dernière modification le : 25-08-2023 12:47:00

Description :
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service.

CVE ID : CVE-2023-32756
Source : twcert@cert.org.tw
Score CVSS : 7.5

Références :
https://www.twcert.org.tw/tw/cp-132-7329-d8e4c-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-38030

Première publication le : 28-08-2023 07:15:09
Dernière modification le : 28-08-2023 13:07:56

Description :
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication for critical functions. An unauthenticated remote attacker can execute system commands in partial website URLs to read sensitive device information without permissions.

CVE ID : CVE-2023-38030
Source : twcert@cert.org.tw
Score CVSS : 7.5

Références :
https://www.twcert.org.tw/tw/cp-132-7337-501df-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-306


Source : patchstack.com

Vulnérabilité ID : CVE-2023-32518

Première publication le : 25-08-2023 09:15:07
Dernière modification le : 25-08-2023 12:47:00

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ono Oogami WP Chinese Conversion plugin <= 1.1.16 versions.

CVE ID : CVE-2023-32518
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/wp-chinese-conversion/wordpress-wp-chinese-conversion-plugin-1-1-16-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4561

Première publication le : 28-08-2023 01:15:11
Dernière modification le : 28-08-2023 05:16:01

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4.

CVE ID : CVE-2023-4561
Source : security@huntr.dev
Score CVSS : 7.1

Références :
https://github.com/omeka/omeka-s/commit/4482f4fc0f3a66c5ef058c4be9fabf3c29a105af | source : security@huntr.dev
https://huntr.dev/bounties/d4302a0d-db62-4d76-93dd-e6e6473e057a | source : security@huntr.dev

Vulnérabilité : CWE-79


(53) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : zte.com.cn

Vulnérabilité ID : CVE-2023-25649

Première publication le : 25-08-2023 10:15:08
Dernière modification le : 25-08-2023 12:47:00

Description :
There is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE_LED interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.

CVE ID : CVE-2023-25649
Source : psirt@zte.com.cn
Score CVSS : 6.8

Références :
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032544 | source : psirt@zte.com.cn

Vulnérabilité : CWE-77


Source : patchstack.com

Vulnérabilité ID : CVE-2023-32576

Première publication le : 25-08-2023 09:15:08
Dernière modification le : 25-08-2023 12:47:00

Description :
Auth. (subscriber+) Stored Cross-Site Scripting') vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.18 versions.

CVE ID : CVE-2023-32576
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/locatoraid/wordpress-locatoraid-store-locator-plugin-3-9-18-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25981

Première publication le : 25-08-2023 10:15:09
Dernière modification le : 25-08-2023 12:47:00

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <= 2.8.1 versions.

CVE ID : CVE-2023-25981
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plugin-2-8-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32598

Première publication le : 25-08-2023 12:15:07
Dernière modification le : 28-08-2023 13:34:58

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in A. R. Jones Featured Image Pro Post Grid plugin <= 5.14 versions.

CVE ID : CVE-2023-32598
Source : audit@patchstack.com
Score CVSS : 6.1

Références :
https://patchstack.com/database/vulnerability/featured-image-pro/wordpress-featured-image-pro-post-grid-plugin-5-14-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:shooflysolutions:featured_image_pro_post_grid:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 5.14


Vulnérabilité ID : CVE-2023-32603

Première publication le : 25-08-2023 12:15:08
Dernière modification le : 28-08-2023 13:35:12

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao Donations Made Easy – Smart Donations plugin <= 4.0.12 versions.

CVE ID : CVE-2023-32603
Source : audit@patchstack.com
Score CVSS : 6.1

Références :
https://patchstack.com/database/vulnerability/smart-donations/wordpress-donations-made-easy-smart-donations-plugin-4-0-12-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:rednao:smart_donations:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 4.0.12


Vulnérabilité ID : CVE-2023-32797

Première publication le : 25-08-2023 12:15:08
Dernière modification le : 28-08-2023 13:35:21

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution video carousel slider with lightbox plugin <= 1.0.22 versions.

CVE ID : CVE-2023-32797
Source : audit@patchstack.com
Score CVSS : 6.1

Références :
https://patchstack.com/database/vulnerability/wp-responsive-video-gallery-with-lightbox/wordpress-video-carousel-slider-with-lightbox-plugin-1-0-22-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:i13websolution:video_carousel_slider_with_lightbox:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 1.0.22


Vulnérabilité ID : CVE-2023-32577

Première publication le : 25-08-2023 09:15:08
Dernière modification le : 25-08-2023 12:47:00

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eji Osigwe DevBuddy Twitter Feed plugin <= 4.0.0 versions.

CVE ID : CVE-2023-32577
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/devbuddy-twitter-feed/wordpress-devbuddy-twitter-feed-plugin-4-0-0-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32584

Première publication le : 25-08-2023 09:15:08
Dernière modification le : 25-08-2023 12:47:00

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in John Newcombe eBecas plugin <= 3.1.3 versions.

CVE ID : CVE-2023-32584
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/ebecas/wordpress-ebecas-plugin-3-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32591

Première publication le : 25-08-2023 09:15:08
Dernière modification le : 25-08-2023 12:47:00

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cloud Primero B.V DBargain plugin <= 3.0.0 versions.

CVE ID : CVE-2023-32591
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/d-bargain/wordpress-dbargain-plugin-3-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-24394

Première publication le : 25-08-2023 11:15:07
Dernière modification le : 25-08-2023 12:47:00

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy iframe popup plugin <= 3.3 versions.

CVE ID : CVE-2023-24394
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/iframe-popup/wordpress-iframe-popup-plugin-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32575

Première publication le : 25-08-2023 11:15:08
Dernière modification le : 28-08-2023 13:34:31

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.25 versions.

CVE ID : CVE-2023-32575
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/product-page-shipping-calculator-for-woocommerce/wordpress-product-page-shipping-calculator-for-woocommerce-plugin-1-3-25-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:woocommerce:woocommerce:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 1.3.25


Vulnérabilité ID : CVE-2023-32595

Première publication le : 25-08-2023 11:15:08
Dernière modification le : 28-08-2023 13:34:38

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <= 1.0.2 versions.

CVE ID : CVE-2023-32595
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/fast-search-powered-by-solr/wordpress-sunny-search-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:palasthotel:sunny_search:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 1.0.2


Vulnérabilité ID : CVE-2023-32596

Première publication le : 25-08-2023 11:15:08
Dernière modification le : 28-08-2023 13:34:46

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wolfgang Ertl weebotLite plugin <= 1.0.0 versions.

CVE ID : CVE-2023-32596
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/weebotlite/wordpress-weebotlite-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:wolfgangertl:weebotlite:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 1.0.0


Source : m-files.com

Vulnérabilité ID : CVE-2023-3425

Première publication le : 25-08-2023 09:15:08
Dernière modification le : 25-08-2023 12:47:00

Description :
Out-of-bounds read issue in M-Files Server versions below 23.8.12892.6 and LTS Service Release Versions before 23.2 LTS SR3 allows unauthenticated user to read restricted amount of bytes from memory.

CVE ID : CVE-2023-3425
Source : security@m-files.com
Score CVSS : 6.5

Références :
https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3425 | source : security@m-files.com

Vulnérabilité : CWE-125


Source : redhat.com

Vulnérabilité ID : CVE-2023-38201

Première publication le : 25-08-2023 17:15:08
Dernière modification le : 25-08-2023 17:51:53

Description :
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.

CVE ID : CVE-2023-38201
Source : secalert@redhat.com
Score CVSS : 6.5

Références :
https://access.redhat.com/security/cve/CVE-2023-38201 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2222693 | source : secalert@redhat.com
https://github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a | source : secalert@redhat.com
https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww | source : secalert@redhat.com


Source : github.com

Vulnérabilité ID : CVE-2023-40579

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. Some end users of OpenFGA v1.3.0 or earlier are vulnerable to authorization bypass when calling the ListObjects API. The vulnerability affects customers using `ListObjects` with specific models. The affected models contain expressions of type `rel1 from type1`. This issue has been patched in version 1.3.1.

CVE ID : CVE-2023-40579
Source : security-advisories@github.com
Score CVSS : 6.5

Références :
https://github.com/openfga/openfga/releases/tag/v1.3.1 | source : security-advisories@github.com
https://github.com/openfga/openfga/security/advisories/GHSA-jcf2-mxr2-gmqp | source : security-advisories@github.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-32678

Première publication le : 25-08-2023 21:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that they used to have access to, if other relevant organization permissions allow these actions. For example, a user may be able to edit or delete their old messages they posted in such a private stream. An administrator will be able to delete old messages (that they had access to) from the private stream. This issue was fixed in Zulip Server version 7.3.

CVE ID : CVE-2023-32678
Source : security-advisories@github.com
Score CVSS : 6.5

Références :
https://github.com/zulip/zulip/security/advisories/GHSA-q3wg-jm9p-35fj | source : security-advisories@github.com
https://zulip.readthedocs.io/en/latest/overview/changelog.html#zulip-server-7-3 | source : security-advisories@github.com

Vulnérabilité : CWE-285


Vulnérabilité ID : CVE-2023-40036

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `CharDistributionAnalysis::HandleOneChar`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.

CVE ID : CVE-2023-40036
Source : security-advisories@github.com
Score CVSS : 5.5

Références :
https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/ | source : security-advisories@github.com

Vulnérabilité : CWE-120


Vulnérabilité ID : CVE-2023-40164

Première publication le : 25-08-2023 21:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `nsCodingStateMachine::NextStater`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.

CVE ID : CVE-2023-40164
Source : security-advisories@github.com
Score CVSS : 5.5

Références :
https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/ | source : security-advisories@github.com

Vulnérabilité : CWE-120


Vulnérabilité ID : CVE-2023-40166

Première publication le : 25-08-2023 21:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in `FileManager::detectLanguageFromTextBegining `. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.

CVE ID : CVE-2023-40166
Source : security-advisories@github.com
Score CVSS : 5.5

Références :
https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/ | source : security-advisories@github.com

Vulnérabilité : CWE-120
Vulnérabilité : CWE-122


Vulnérabilité ID : CVE-2023-40179

Première publication le : 25-08-2023 01:15:08
Dernière modification le : 25-08-2023 03:55:07

Description :
Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member of the site. Since version 1.3.6, the "Enter the code" form is always returned, showing the message "If the entered email is associated with an account, a code will be sent now". This change prevents potential violators from determining if our site has a user with the specified email.

CVE ID : CVE-2023-40179
Source : security-advisories@github.com
Score CVSS : 5.3

Références :
https://github.com/mesosoi/silverwaregames-io-issue-tracker/security/advisories/GHSA-789j-chfj-58hr | source : security-advisories@github.com

Vulnérabilité : CWE-204


Vulnérabilité ID : CVE-2023-40570

Première publication le : 25-08-2023 01:15:09
Dernière modification le : 25-08-2023 03:55:07

Description :
Datasette is an open source multi-tool for exploring and publishing data. This bug affects Datasette instances running a Datasette 1.0 alpha - 1.0a0, 1.0a1, 1.0a2 or 1.0a3 - in an online accessible location but with authentication enabled using a plugin such as datasette-auth-passwords. The `/-/api` API explorer endpoint could reveal the names of both databases and tables - but not their contents - to an unauthenticated user. Datasette 1.0a4 has a fix for this issue. This will block access to the API explorer but will still allow access to the Datasette read or write JSON APIs, as those use different URL patterns within the Datasette `/database` hierarchy. This issue is patched in version 1.0a4.

CVE ID : CVE-2023-40570
Source : security-advisories@github.com
Score CVSS : 5.3

Références :
https://github.com/simonw/datasette/commit/01e0558825b8f7ec17d3b691aa072daf122fcc74 | source : security-advisories@github.com
https://github.com/simonw/datasette/security/advisories/GHSA-7ch3-7pp7-7cpq | source : security-advisories@github.com

Vulnérabilité : CWE-213


Vulnérabilité ID : CVE-2023-40170

Première publication le : 28-08-2023 21:15:07
Dernière modification le : 28-08-2023 21:15:07

Description :
jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on `/files/` URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via "Open image in new tab". This issue has been addressed in commit `87a49272728` which has been included in release `2.7.2`. Users are advised to upgrade. Users unable to upgrade may use the lower performance `--ContentsManager.files_handler_class=jupyter_server.files.handlers.FilesHandler`, which implements the correct checks.

CVE ID : CVE-2023-40170
Source : security-advisories@github.com
Score CVSS : 4.6

Références :
https://github.com/jupyter-server/jupyter_server/commit/87a4927272819f0b1cae1afa4c8c86ee2da002fd | source : security-advisories@github.com
https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-64x5-55rw-9974 | source : security-advisories@github.com

Vulnérabilité : CWE-284
Vulnérabilité : CWE-306


Vulnérabilité ID : CVE-2023-40587

Première publication le : 25-08-2023 21:15:09
Dernière modification le : 26-08-2023 04:05:04

Description :
Pyramid is an open source Python web framework. A path traversal vulnerability in Pyramid versions 2.0.0 and 2.0.1 impacts users of Python 3.11 that are using a Pyramid static view with a full filesystem path and have a `index.html` file that is located exactly one directory above the location of the static view's file system path. No further path traversal exists, and the only file that could be disclosed accidentally is `index.html`. Pyramid version 2.0.2 rejects any path that contains a null-byte out of caution. While valid in directory/file names, we would strongly consider it a mistake to use null-bytes in naming files/directories. Secondly, Python 3.11, and 3.12 has fixed the underlying issue in `os.path.normpath` to no longer truncate on the first `0x00` found, returning the behavior to pre-3.11 Python, un an as of yet unreleased version. Fixes will be available in:Python 3.12.0rc2 and 3.11.5. Some workarounds are available. Use a version of Python 3 that is not affected, downgrade to Python 3.10 series temporarily, or wait until Python 3.11.5 is released and upgrade to the latest version of Python 3.11 series.

CVE ID : CVE-2023-40587
Source : security-advisories@github.com
Score CVSS : 4.3

Références :
https://github.com/Pylons/pyramid/commit/347d7750da6f45c7436dd0c31468885cc9343c85 | source : security-advisories@github.com
https://github.com/Pylons/pyramid/security/advisories/GHSA-j8g2-6fc7-q8f8 | source : security-advisories@github.com
https://github.com/python/cpython/issues/106242 | source : security-advisories@github.com
https://github.com/python/cpython/pull/106816 | source : security-advisories@github.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-39968

Première publication le : 28-08-2023 21:15:07
Dernière modification le : 28-08-2023 21:15:07

Description :
jupyter-server is the backend for Jupyter web applications. Open Redirect Vulnerability. Maliciously crafted login links to known Jupyter Servers can cause successful login or an already logged-in session to be redirected to arbitrary sites, which should be restricted to Jupyter Server-served URLs. This issue has been addressed in commit `29036259` which is included in release 2.7.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-39968
Source : security-advisories@github.com
Score CVSS : 4.3

Références :
https://github.com/jupyter-server/jupyter_server/commit/290362593b2ffb23c59f8114d76f77875de4b925 | source : security-advisories@github.com
https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-r726-vmfq-j9j3 | source : security-advisories@github.com

Vulnérabilité : CWE-601


Vulnérabilité ID : CVE-2023-39348

Première publication le : 28-08-2023 20:15:08
Dernière modification le : 28-08-2023 20:15:08

Description :
Spinnaker is an open source, multi-cloud continuous delivery platform. Log output when updating GitHub status is improperly set to FULL always. It's recommended to apply the patch and rotate the GitHub token used for github status notifications. Given that this would output github tokens to a log system, the risk is slightly higher than a "low" since token exposure could grant elevated access to repositories outside of control. If using READ restricted tokens, the exposure is such that the token itself could be used to access resources otherwise restricted from reads. This only affects users of GitHub Status Notifications. This issue has been addressed in pull request 1316. Users are advised to upgrade. Users unable to upgrade should disable GH Status Notifications, Filter their logs for Echo log data and use read-only tokens that are limited in scope.

CVE ID : CVE-2023-39348
Source : security-advisories@github.com
Score CVSS : 4.0

Références :
https://github.com/spinnaker/echo/pull/1316 | source : security-advisories@github.com
https://github.com/spinnaker/spinnaker/security/advisories/GHSA-rq5c-hvw6-8pr7 | source : security-advisories@github.com

Vulnérabilité : CWE-532


Source : us.ibm.com

Vulnérabilité ID : CVE-2023-26270

Première publication le : 28-08-2023 01:15:09
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 248119.

CVE ID : CVE-2023-26270
Source : psirt@us.ibm.com
Score CVSS : 6.5

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/248119 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/6995161 | source : psirt@us.ibm.com


Vulnérabilité ID : CVE-2023-38730

Première publication le : 27-08-2023 23:15:34
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 262268.

CVE ID : CVE-2023-38730
Source : psirt@us.ibm.com
Score CVSS : 5.9

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/262268 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028841 | source : psirt@us.ibm.com

Vulnérabilité : CWE-327


Vulnérabilité ID : CVE-2023-30436

Première publication le : 27-08-2023 23:15:33
Dernière modification le : 28-08-2023 05:16:07

Description :
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.

CVE ID : CVE-2023-30436
Source : psirt@us.ibm.com
Score CVSS : 5.5

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/252292 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028506 | source : psirt@us.ibm.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-30437

Première publication le : 27-08-2023 23:15:34
Dernière modification le : 28-08-2023 05:16:07

Description :
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.

CVE ID : CVE-2023-30437
Source : psirt@us.ibm.com
Score CVSS : 5.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/252293 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028506 | source : psirt@us.ibm.com


Vulnérabilité ID : CVE-2023-23473

Première publication le : 28-08-2023 01:15:08
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400.

CVE ID : CVE-2023-23473
Source : psirt@us.ibm.com
Score CVSS : 5.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/245400 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/6988169 | source : psirt@us.ibm.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-24959

Première publication le : 28-08-2023 01:15:08
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. IBM X-Force ID: 246332.

CVE ID : CVE-2023-24959
Source : psirt@us.ibm.com
Score CVSS : 5.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/246332 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/6988615 | source : psirt@us.ibm.com

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-26271

Première publication le : 28-08-2023 01:15:09
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 248126.

CVE ID : CVE-2023-26271
Source : psirt@us.ibm.com
Score CVSS : 5.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/248126 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/6995161 | source : psirt@us.ibm.com

Vulnérabilité : CWE-307


Vulnérabilité ID : CVE-2023-26272

Première publication le : 28-08-2023 01:15:09
Dernière modification le : 28-08-2023 05:16:01

Description :
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 248133.

CVE ID : CVE-2023-26272
Source : psirt@us.ibm.com
Score CVSS : 5.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/248133 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/6995161 | source : psirt@us.ibm.com

Vulnérabilité : CWE-209


Vulnérabilité ID : CVE-2022-43909

Première publication le : 27-08-2023 23:15:33
Dernière modification le : 28-08-2023 05:16:07

Description :
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.

CVE ID : CVE-2022-43909
Source : psirt@us.ibm.com
Score CVSS : 4.6

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/240905 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028511 | source : psirt@us.ibm.com

Vulnérabilité : CWE-79


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4560

Première publication le : 28-08-2023 01:15:10
Dernière modification le : 28-08-2023 05:16:01

Description :
Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.

CVE ID : CVE-2023-4560
Source : security@huntr.dev
Score CVSS : 6.5

Références :
https://github.com/omeka/omeka-s/commit/b3d8871f22e50ff96a7070fd0be18a0df7b6cbe7 | source : security@huntr.dev
https://huntr.dev/bounties/86f06e28-ed8d-4f96-b4ad-e47f2fe94ba6 | source : security@huntr.dev

Vulnérabilité : CWE-612


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4542

Première publication le : 25-08-2023 22:15:11
Dernière modification le : 26-08-2023 04:05:04

Description :
A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238047. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4542
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/PumpkinBridge/cve/blob/main/rce.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238047 | source : cna@vuldb.com
https://vuldb.com/?id.238047 | source : cna@vuldb.com

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-4543

Première publication le : 25-08-2023 22:15:11
Dernière modification le : 26-08-2023 04:05:04

Description :
A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238048. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4543
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/spcck/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238048 | source : cna@vuldb.com
https://vuldb.com/?id.238048 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4545

Première publication le : 26-08-2023 07:15:10
Dernière modification le : 28-08-2023 05:16:07

Description :
A vulnerability was found in IBOS OA 4.5.5. It has been classified as critical. Affected is an unknown function of the file ?r=recruit/bgchecks/export&checkids=x. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238056. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4545
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/siyu15/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238056 | source : cna@vuldb.com
https://vuldb.com/?id.238056 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4548

Première publication le : 26-08-2023 10:15:11
Dernière modification le : 28-08-2023 18:15:09

Description :
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filter[brandid] leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-238059.

CVE ID : CVE-2023-4548
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
http://packetstormsecurity.com/files/174344/SPA-Cart-eCommerce-CMS-1.9.0.3-SQL-Injection.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.238059 | source : cna@vuldb.com
https://vuldb.com/?id.238059 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4556

Première publication le : 27-08-2023 07:15:13
Dernière modification le : 28-08-2023 05:16:07

Description :
A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is the function mysqli_query of the file sexit.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-238154 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-4556
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://blog.csdn.net/weixin_43864034/article/details/132508000 | source : cna@vuldb.com
https://vuldb.com/?ctiid.238154 | source : cna@vuldb.com
https://vuldb.com/?id.238154 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4557

Première publication le : 27-08-2023 23:15:35
Dernière modification le : 28-08-2023 05:16:01

Description :
A vulnerability classified as critical has been found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/search_purchase_paymen_report.php. The manipulation of the argument customer leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-238158 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-4557
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/ZhangXiaoDan1/cve_hub/blob/main/Free%20and%20Open%20Source%20inventory%20management%20system%20-%20vuln%204.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.238158 | source : cna@vuldb.com
https://vuldb.com/?id.238158 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4558

Première publication le : 27-08-2023 23:15:36
Dernière modification le : 28-08-2023 05:16:01

Description :
A vulnerability classified as critical was found in SourceCodester Inventory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file staff_data.php. The manipulation of the argument columns[0][data] leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238159.

CVE ID : CVE-2023-4558
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Inventory%20Management%20System%20SQLi%20staff_data.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238159 | source : cna@vuldb.com
https://vuldb.com/?id.238159 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4559

Première publication le : 27-08-2023 23:15:36
Dernière modification le : 28-08-2023 05:16:01

Description :
A vulnerability, which was classified as critical, has been found in Bettershop LaikeTui. Affected by this issue is some unknown functionality of the file index.php?module=api&action=user&m=upload of the component POST Request Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-238160.

CVE ID : CVE-2023-4559
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://vuldb.com/?ctiid.238160 | source : cna@vuldb.com
https://vuldb.com/?id.238160 | source : cna@vuldb.com

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-4544

Première publication le : 26-08-2023 05:15:49
Dernière modification le : 28-08-2023 05:16:07

Description :
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238049 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4544
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
https://github.com/jo1995hn/cve/blob/main/s856.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238049 | source : cna@vuldb.com
https://vuldb.com/?id.238049 | source : cna@vuldb.com

Vulnérabilité : CWE-425


Source : jetbrains.com

Vulnérabilité ID : CVE-2023-41249

Première publication le : 25-08-2023 13:15:07
Dernière modification le : 28-08-2023 13:35:45

Description :
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step

CVE ID : CVE-2023-41249
Source : security@jetbrains.com
Score CVSS : 6.1

Références :
https://www.jetbrains.com/privacy-security/issues-fixed/ | source : security@jetbrains.com

Vulnérabilité : CWE-79

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*


Vulnérabilité ID : CVE-2023-41250

Première publication le : 25-08-2023 13:15:07
Dernière modification le : 28-08-2023 13:35:55

Description :
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration

CVE ID : CVE-2023-41250
Source : security@jetbrains.com
Score CVSS : 6.1

Références :
https://www.jetbrains.com/privacy-security/issues-fixed/ | source : security@jetbrains.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*


Vulnérabilité ID : CVE-2023-41248

Première publication le : 25-08-2023 13:15:07
Dernière modification le : 28-08-2023 13:35:32

Description :
In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration

CVE ID : CVE-2023-41248
Source : security@jetbrains.com
Score CVSS : 5.4

Références :
https://www.jetbrains.com/privacy-security/issues-fixed/ | source : security@jetbrains.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*


Source : mitre.org

Vulnérabilité ID : CVE-2023-39742

Première publication le : 25-08-2023 14:15:09
Dernière modification le : 28-08-2023 13:59:41

Description :
giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c.

CVE ID : CVE-2023-39742
Source : cve@mitre.org
Score CVSS : 5.5

Références :
https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084 | source : cve@mitre.org
https://sourceforge.net/p/giflib/bugs/166/ | source : cve@mitre.org

Vulnérabilité : CWE-120

Produit vulnérable : cpe:2.3:a:giflib_project:giflib:5.2.1:*:*:*:*:*:*:*


Source : wordfence.com

Vulnérabilité ID : CVE-2023-4520

Première publication le : 25-08-2023 03:15:09
Dernière modification le : 25-08-2023 03:55:07

Description :
The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_fv_player_user_video’ parameter saved via the 'save' function hooked via init, and the plugin is also vulnerable to Arbitrary Usermeta Update via the 'save' function in versions up to, and including, 7.5.37.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, and makes it possible to update the user metas arbitrarily, but the meta value can only be a string.

CVE ID : CVE-2023-4520
Source : security@wordfence.com
Score CVSS : 5.4

Références :
https://plugins.trac.wordpress.org/browser/fv-wordpress-flowplayer/tags/7.5.36.7212/models/custom-videos.php#L341 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2957322/fv-wordpress-flowplayer#file2 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/c55ca7d4-6bc0-49c9-8ce0-50fff8775a76?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Source : cert.org.tw

Vulnérabilité ID : CVE-2023-32755

Première publication le : 25-08-2023 07:15:08
Dernière modification le : 25-08-2023 12:47:05

Description :
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command.

CVE ID : CVE-2023-32755
Source : twcert@cert.org.tw
Score CVSS : 5.3

Références :
https://www.twcert.org.tw/tw/cp-132-7328-d4112-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-209


Source : esri.com

Vulnérabilité ID : CVE-2023-25848

Première publication le : 25-08-2023 19:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. The information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.

CVE ID : CVE-2023-25848
Source : psirt@esri.com
Score CVSS : 5.3

Références :
https://www.esri.com/arcgis-blog/products/trust-arcgis/announcements/arcgis-server-map-and-feature-service-security-2023-update-1-patch/ | source : psirt@esri.com

Vulnérabilité : CWE-319


Source : mattermost.com

Vulnérabilité ID : CVE-2023-4478

Première publication le : 25-08-2023 10:15:09
Dernière modification le : 25-08-2023 12:47:00

Description :
Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts.

CVE ID : CVE-2023-4478
Source : responsibledisclosure@mattermost.com
Score CVSS : 4.3

Références :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnérabilité : CWE-74


(8) Vulnérabilité(s) LOW [0.1, 3.9]

Source : github.com

Vulnérabilité ID : CVE-2023-40182

Première publication le : 25-08-2023 01:15:08
Dernière modification le : 25-08-2023 03:55:07

Description :
Silverware Games is a premium social network where people can play games online. When using the Recovery form, a noticeably different amount of time passes depending of whether the specified email address presents in our database or not. This has been fixed in version 1.3.7.

CVE ID : CVE-2023-40182
Source : security-advisories@github.com
Score CVSS : 3.7

Références :
https://github.com/mesosoi/silverwaregames-io-issue-tracker/security/advisories/GHSA-9684-6j5x-ccx9 | source : security-advisories@github.com

Vulnérabilité : CWE-208


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4534

Première publication le : 25-08-2023 15:15:09
Dernière modification le : 25-08-2023 17:51:53

Description :
A vulnerability, which was classified as problematic, was found in NeoMind Fusion Platform up to 20230731. Affected is an unknown function of the file /fusion/portal/action/Link. The manipulation of the argument link leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-238026 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4534
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://l6x.notion.site/PoC-9f23bb9757374f82981de81604500d98?pvs=4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.238026 | source : cna@vuldb.com
https://vuldb.com/?id.238026 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4546

Première publication le : 26-08-2023 08:15:08
Dernière modification le : 28-08-2023 05:16:07

Description :
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230816. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation leads to improper access controls. The exploit has been disclosed to the public and may be used. The identifier VDB-238057 was assigned to this vulnerability.

CVE ID : CVE-2023-4546
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/hutianshuai/CVE/blob/main/information_disclosure.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238057 | source : cna@vuldb.com
https://vuldb.com/?id.238057 | source : cna@vuldb.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-4547

Première publication le : 26-08-2023 09:15:09
Dernière modification le : 28-08-2023 18:15:09

Description :
A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may be launched remotely. VDB-238058 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-4547
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
http://packetstormsecurity.com/files/174343/SPA-Cart-eCommerce-CMS-1.9.0.3-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.238058 | source : cna@vuldb.com
https://vuldb.com/?id.238058 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4555

Première publication le : 27-08-2023 07:15:07
Dernière modification le : 28-08-2023 05:16:07

Description :
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file suppliar_data.php. The manipulation of the argument name/company leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238153 was assigned to this vulnerability.

CVE ID : CVE-2023-4555
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Inventory-Management-System-XSS.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238153 | source : cna@vuldb.com
https://vuldb.com/?id.238153 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2016-15035

Première publication le : 28-08-2023 04:15:08
Dernière modification le : 28-08-2023 05:16:01

Description :
A vulnerability was found in Doc2k RE-Chat 1.0. It has been classified as problematic. This affects an unknown part of the file js_on_radio-emergency.de_/re_chat.js. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The patch is named bd17d497ddd3bab4ef9c6831c747c37cc016c570. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-238155.

CVE ID : CVE-2016-15035
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/Doc2k/re-chat/commit/bd17d497ddd3bab4ef9c6831c747c37cc016c570 | source : cna@vuldb.com
https://vuldb.com/?ctiid.238155 | source : cna@vuldb.com
https://vuldb.com/?id.238155 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2017-20186

Première publication le : 28-08-2023 13:15:08
Dernière modification le : 28-08-2023 19:28:54

Description :
** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The manipulation of the argument cleanName leads to denial of service. Upgrading to version 1.21.0 is able to address this issue. The name of the patch is fd6318d99083a06363091441a0614bd2f21068e6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-238156. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE ID : CVE-2017-20186
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://forums.alliedmods.net/showthread.php?t=297179 | source : cna@vuldb.com
https://github.com/nikooo777/ckSurf/commit/fd6318d99083a06363091441a0614bd2f21068e6 | source : cna@vuldb.com
https://github.com/nikooo777/ckSurf/releases/tag/1.21.0 | source : cna@vuldb.com
https://vuldb.com/?ctiid.238156 | source : cna@vuldb.com
https://vuldb.com/?id.238156 | source : cna@vuldb.com

Vulnérabilité : CWE-404


Vulnérabilité ID : CVE-2018-25089

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to version 0.2 is able to address this issue. The identifier of the patch is 850c726d6bbfe0bf270801fbb92a30babea4155c. It is recommended to upgrade the affected component. The identifier VDB-238157 was assigned to this vulnerability.

CVE ID : CVE-2018-25089
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/glb/mediawiki-tag-extension-meetup/commit/850c726d6bbfe0bf270801fbb92a30babea4155c | source : cna@vuldb.com
https://github.com/glb/mediawiki-tag-extension-meetup/releases/tag/v0.2 | source : cna@vuldb.com
https://vuldb.com/?ctiid.238157 | source : cna@vuldb.com
https://vuldb.com/?id.238157 | source : cna@vuldb.com

Vulnérabilité : CWE-1022


(83) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-39699

Première publication le : 25-08-2023 00:15:09
Dernière modification le : 25-08-2023 03:55:07

Description :
IceWarp Mail Server v10.4.5 was discovered to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows attackers to include or execute files from the local file system of the targeted server.

CVE ID : CVE-2023-39699
Source : cve@mitre.org
Score CVSS : /

Références :
https://cwe.mitre.org/data/definitions/98.html | source : cve@mitre.org
https://drive.google.com/file/d/1NkqL4ySJApyPy8B-zDC7vE-QMBQAu8OU | source : cve@mitre.org
https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39700

Première publication le : 25-08-2023 00:15:09
Dernière modification le : 25-08-2023 03:55:07

Description :
IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter.

CVE ID : CVE-2023-39700
Source : cve@mitre.org
Score CVSS : /

Références :
https://cwe.mitre.org/data/definitions/79.html | source : cve@mitre.org
https://drive.google.com/file/d/1QL_517UbTFJox4CXKQpP9fehR1yXRJ-y | source : cve@mitre.org
https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS) | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38973

Première publication le : 25-08-2023 01:15:08
Dernière modification le : 25-08-2023 03:55:07

Description :
A stored cross-site scripting (XSS) vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.

CVE ID : CVE-2023-38973
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/anh91/uasoft-indonesia--badaso/blob/main/xss5.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38974

Première publication le : 25-08-2023 01:15:08
Dernière modification le : 25-08-2023 03:55:07

Description :
A stored cross-site scripting (XSS) vulnerability in the Edit Category function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.

CVE ID : CVE-2023-38974
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/anh91/uasoft-indonesia--badaso/blob/main/XSS4.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40217

Première publication le : 25-08-2023 01:15:09
Dernière modification le : 25-08-2023 03:55:07

Description :
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)

CVE ID : CVE-2023-40217
Source : cve@mitre.org
Score CVSS : /

Références :
https://mail.python.org/archives/list/security-announce@python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/ | source : cve@mitre.org
https://www.python.org/dev/security/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41173

Première publication le : 25-08-2023 07:15:09
Dernière modification le : 25-08-2023 12:47:00

Description :
AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets.

CVE ID : CVE-2023-41173
Source : cve@mitre.org
Score CVSS : /

Références :
https://adguard-dns.io/en/versions.html#2.2 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41167

Première publication le : 25-08-2023 14:15:10
Dernière modification le : 25-08-2023 14:45:01

Description :
@webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by content managers. This is a react component to render data coming from Webiny Headless CMS and Webiny Form Builder. Webiny is an open-source serverless enterprise CMS. The @webiny/react-rich-text-renderer package depends on the editor.js rich text editor to handle rich text content. The CMS stores rich text content from the editor.js into the database. When the @webiny/react-rich-text-renderer is used to render such content, it uses the dangerouslySetInnerHTML prop, without applying HTML sanitization. The issue arises when an actor, who in this context would specifically be a content manager with access to the CMS, inserts a malicious script as part of the user-defined input. This script is then injected and executed within the user's browser when the main page or admin page loads.

CVE ID : CVE-2023-41167
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/webiny/webiny-js/security/advisories/GHSA-3x59-vrmc-5mx6 | source : cve@mitre.org
https://webiny.com | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40799

Première publication le : 25-08-2023 15:15:09
Dernière modification le : 25-08-2023 17:51:53

Description :
Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.

CVE ID : CVE-2023-40799
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lst-oss/Vulnerability/blob/main/Tenda/AC23/sub_450A4C | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40800

Première publication le : 25-08-2023 15:15:09
Dernière modification le : 25-08-2023 17:51:53

Description :
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.

CVE ID : CVE-2023-40800
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/compare_parentcontrol_time | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40801

Première publication le : 25-08-2023 15:15:09
Dernière modification le : 25-08-2023 17:51:53

Description :
The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn

CVE ID : CVE-2023-40801
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/sub_451784 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40802

Première publication le : 25-08-2023 15:15:09
Dernière modification le : 25-08-2023 17:51:53

Description :
The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn

CVE ID : CVE-2023-40802
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/get_parentControl_list_Info | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40915

Première publication le : 25-08-2023 15:15:09
Dernière modification le : 25-08-2023 17:51:53

Description :
Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.

CVE ID : CVE-2023-40915
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Korey0sh1/IoT_vuln/blob/main/Tenda/AX3/form_fast_setting_wifi_set.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-11711

Première publication le : 25-08-2023 16:15:07
Dernière modification le : 25-08-2023 17:51:53

Description :
An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the authentication interface of the admin panel. It is possible to inject malicious HTML content in order to execute JavaScript inside a victim's browser. This results in a stored XSS on the authentication interface of the admin panel. Moreover, an unsecured authentication form is present on the authentication interface of the SSL VPN captive portal. Users are allowed to save their credentials inside the browser. If an administrator saves his credentials through this unsecured form, these credentials could be stolen via the stored XSS on the admin panel without user interaction. Another possible exploitation would be modification of the authentication form of the admin panel into a malicious form.

CVE ID : CVE-2020-11711
Source : cve@mitre.org
Score CVSS : /

Références :
https://advisories.stormshield.eu/2020-011/ | source : cve@mitre.org
https://twitter.com/_ACKNAK_ | source : cve@mitre.org
https://www.digitemis.com/category/blog/actualite/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40796

Première publication le : 25-08-2023 16:15:08
Dernière modification le : 25-08-2023 17:51:53

Description :
Phicomm k2 v22.6.529.216 is vulnerable to command injection.

CVE ID : CVE-2023-40796
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lst-oss/Vulnerability/tree/main/Phicomm/k2 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40797

Première publication le : 25-08-2023 16:15:08
Dernière modification le : 25-08-2023 17:51:53

Description :
In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.

CVE ID : CVE-2023-40797
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/sub_4781A4 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40798

Première publication le : 25-08-2023 16:15:08
Dernière modification le : 25-08-2023 17:51:53

Description :
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.

CVE ID : CVE-2023-40798
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/formSetIPv6status-formGetWanParameter | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-27932

Première publication le : 25-08-2023 20:15:07
Dernière modification le : 26-08-2023 04:05:04

Description :
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions.

CVE ID : CVE-2021-27932
Source : cve@mitre.org
Score CVSS : /

Références :
https://advisories.stormshield.eu | source : cve@mitre.org
https://advisories.stormshield.eu/2021-004/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-24620

Première publication le : 25-08-2023 20:15:07
Dernière modification le : 26-08-2023 04:05:04

Description :
An issue was discovered in Esoteric YamlBeans through 1.15. A crafted YAML document is able perform am XML Entity Expansion attack against YamlBeans YamlReader. By exploiting the Anchor feature in YAML, it is possible to generate a small YAML document that, when read, is expanded to a large size, causing CPU and memory consumption, such as a Java Out-of-Memory exception.

CVE ID : CVE-2023-24620
Source : cve@mitre.org
Score CVSS : /

Références :
https://contrastsecurity.com | source : cve@mitre.org
https://github.com/Contrast-Security-OSS/yamlbeans/blob/main/SECURITY.md | source : cve@mitre.org
https://github.com/EsotericSoftware | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-24621

Première publication le : 25-08-2023 20:15:07
Dernière modification le : 26-08-2023 04:05:04

Description :
An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed.

CVE ID : CVE-2023-24621
Source : cve@mitre.org
Score CVSS : /

Références :
https://contrastsecurity.com | source : cve@mitre.org
https://github.com/Contrast-Security-OSS/yamlbeans/blob/main/SECURITY.md | source : cve@mitre.org
https://github.com/EsotericSoftware | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36198

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function.

CVE ID : CVE-2023-36198
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/skalenetwork/sgxwallet/issues/419 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36199

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component.

CVE ID : CVE-2023-36199
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/skalenetwork/sgxwallet/issues/419 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37249

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.

CVE ID : CVE-2023-37249
Source : cve@mitre.org
Score CVSS : /

Références :
https://community.infoblox.com/t5/trending-kb-articles/nios-is-vulnerable-to-cve-2023-37249/ba-p/32190 | source : cve@mitre.org
https://infoblox.com | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39600

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.

CVE ID : CVE-2023-39600
Source : cve@mitre.org
Score CVSS : /

Références :
http://icewrap.com | source : cve@mitre.org
https://medium.com/@katikitala.sushmitha078/cross-site-scripting-reflected-xss-in-icewarp-server-cve-2023-39600-310a7e1c8817 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39707

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section.

CVE ID : CVE-2023-39707
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/Arajawat007/b94d7ce74fcf16014e282a9b525f4555#file-cve-2023-39707 | source : cve@mitre.org
https://www.sourcecodester.com/ | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38710

Première publication le : 25-08-2023 21:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.

CVE ID : CVE-2023-38710
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libreswan/libreswan/tags | source : cve@mitre.org
https://libreswan.org/security/CVE-2023-38710/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38711

Première publication le : 25-08-2023 21:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.

CVE ID : CVE-2023-38711
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libreswan/libreswan/tags | source : cve@mitre.org
https://libreswan.org/security/CVE-2023-38711/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38712

Première publication le : 25-08-2023 21:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.

CVE ID : CVE-2023-38712
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libreswan/libreswan/tags | source : cve@mitre.org
https://libreswan.org/security/CVE-2023-38712/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34723

Première publication le : 25-08-2023 22:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows attackers to gain sensitive information via /config/system.conf.

CVE ID : CVE-2023-34723
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.exploitsecurity.io/post/cve-2023-34723-cve-2023-34724-cve-2023-34725 | source : cve@mitre.org
https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39287

Première publication le : 25-08-2023 22:15:10
Dernière modification le : 26-08-2023 04:05:04

Description :
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic.

CVE ID : CVE-2023-39287
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.mitel.com/support/security-advisories | source : cve@mitre.org
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0010 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39288

Première publication le : 25-08-2023 22:15:10
Dernière modification le : 26-08-2023 04:05:04

Description :
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic.

CVE ID : CVE-2023-39288
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.mitel.com/support/security-advisories | source : cve@mitre.org
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0011 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39289

Première publication le : 25-08-2023 22:15:10
Dernière modification le : 26-08-2023 04:05:04

Description :
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information.

CVE ID : CVE-2023-39289
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.mitel.com/support/security-advisories | source : cve@mitre.org
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0011 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39290

Première publication le : 25-08-2023 22:15:11
Dernière modification le : 26-08-2023 04:05:04

Description :
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information.

CVE ID : CVE-2023-39290
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.mitel.com/support/security-advisories | source : cve@mitre.org
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0012 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39291

Première publication le : 25-08-2023 22:15:11
Dernière modification le : 26-08-2023 04:05:04

Description :
A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information.

CVE ID : CVE-2023-39291
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.mitel.com/support/security-advisories | source : cve@mitre.org
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0013 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41121

Première publication le : 25-08-2023 22:15:11
Dernière modification le : 26-08-2023 04:05:04

Description :
Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations.

CVE ID : CVE-2023-41121
Source : cve@mitre.org
Score CVSS : /

Références :
https://semonto.com/tools/website-reachability-check?test=325b4e588e64536b21664d24640f547 | source : cve@mitre.org
https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Denial_of_Service_ID-144162.pdf | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-46783

Première publication le : 28-08-2023 12:15:08
Dernière modification le : 28-08-2023 13:07:56

Description :
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book.

CVE ID : CVE-2022-46783
Source : cve@mitre.org
Score CVSS : /

Références :
https://advisories.stormshield.eu/ | source : cve@mitre.org
https://advisories.stormshield.eu/2022-029/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-26095

Première publication le : 28-08-2023 12:15:08
Dernière modification le : 28-08-2023 13:07:56

Description :
ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet.

CVE ID : CVE-2023-26095
Source : cve@mitre.org
Score CVSS : /

Références :
https://advisories.stormshield.eu/2023-007/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34758

Première publication le : 28-08-2023 12:15:09
Dernière modification le : 28-08-2023 13:07:56

Description :
Sliver from v1.5.x to v1.5.39 has an improper cryptographic implementation, which allows attackers to execute a man-in-the-middle attack via intercepted and crafted responses.

CVE ID : CVE-2023-34758
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/BishopFox/sliver/releases/tag/v1.5.40 | source : cve@mitre.org
https://github.com/advisories/GHSA-8jxm-xp43-qh3q | source : cve@mitre.org
https://github.com/tangent65536/Slivjacker | source : cve@mitre.org
https://www.chtsecurity.com/news/04f41dcc-1851-463c-93bc-551323ad8091 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36481

Première publication le : 28-08-2023 12:15:09
Dernière modification le : 28-08-2023 13:07:56

Description :
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop.

CVE ID : CVE-2023-36481
Source : cve@mitre.org
Score CVSS : /

Références :
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40748

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
PHPJabbers Food Delivery Script 3.0 has a SQL injection (SQLi) vulnerability in the "q" parameter of index.php.

CVE ID : CVE-2023-40748
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/food-delivery-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40749

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php.

CVE ID : CVE-2023-40749
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/food-delivery-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40750

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0.

CVE ID : CVE-2023-40750
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/yacht-listing-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40751

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php.

CVE ID : CVE-2023-40751
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/fundraising-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40752

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0.

CVE ID : CVE-2023-40752
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/make-an-offer-widget | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40753

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2.

CVE ID : CVE-2023-40753
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/ticket-support-script | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40754

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.

CVE ID : CVE-2023-40754
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/car-rental-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40755

Première publication le : 28-08-2023 13:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0.

CVE ID : CVE-2023-40755
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/callback-widget/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40756

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40756
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/callback-widget/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40757

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40757
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/food-delivery-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40758

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40758
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/document-creator/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40759

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHP Jabbers Restaurant Booking Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40759
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/restaurant-booking-system/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40760

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40760
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/hotel-booking-system/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40761

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40761
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/yacht-listing-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40762

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40762
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/fundraising-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40763

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHPJabbers Taxi Booking Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40763
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/taxi-booking-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40764

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40764
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/car-rental-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40765

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40765
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/event-booking-calendar/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40766

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40766
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/ticket-support-script/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40767

Première publication le : 28-08-2023 13:15:10
Dernière modification le : 28-08-2023 19:28:54

Description :
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

CVE ID : CVE-2023-40767
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f | source : cve@mitre.org
https://www.phpjabbers.com/make-an-offer-widget/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39708

Première publication le : 28-08-2023 14:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section.

CVE ID : CVE-2023-39708
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/Arajawat007/6c544ae8bebd2a36926fd3fdc8d4d5c2#file-cve-2023-39708 | source : cve@mitre.org
https://www.sourcecodester.com | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40846

Première publication le : 28-08-2023 14:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.

CVE ID : CVE-2023-40846
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/9/9.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39560

Première publication le : 28-08-2023 17:15:09
Dernière modification le : 28-08-2023 19:28:54

Description :
ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.

CVE ID : CVE-2023-39560
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Luci4n555/cve_ectouch | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-27366

Première publication le : 28-08-2023 18:15:08
Dernière modification le : 28-08-2023 19:28:54

Description :
Cross Site Scripting (XSS) vulnerability in wlscanresults.html in Humax HGB10R-02 BRGCAB version 1.0.03, allows local attackers to execute arbitrary code.

CVE ID : CVE-2020-27366
Source : cve@mitre.org
Score CVSS : /

Références :
https://pastebin.com/sr0JR1ys | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39062

Première publication le : 28-08-2023 18:15:08
Dernière modification le : 28-08-2023 19:28:54

Description :
Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php.

CVE ID : CVE-2023-39062
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/afine-com/CVE-2023-39062 | source : cve@mitre.org
https://github.com/sectroyer/CVEs/tree/main/CVE-2023-39062 | source : cve@mitre.org
https://github.com/spipu/html2pdf/blob/92afd81823d62ad95eb9d034858311bb63aeb4ac/CHANGELOG.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39562

Première publication le : 28-08-2023 19:15:07
Dernière modification le : 28-08-2023 19:28:54

Description :
GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a heap-use-after-free via the gf_bs_align function at bitstream.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted file.

CVE ID : CVE-2023-39562
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/ChanStormstout/Pocs/blob/master/gpac_POC/id%3A000000%2Csig%3A06%2Csrc%3A003771%2Ctime%3A328254%2Cexecs%3A120473%2Cop%3Ahavoc%2Crep%3A8 | source : cve@mitre.org
https://github.com/gpac/gpac/issues/2537 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39709

Première publication le : 28-08-2023 19:15:07
Dernière modification le : 28-08-2023 19:28:54

Description :
Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section.

CVE ID : CVE-2023-39709
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/Arajawat007/4cb86f9239c73ccfeaf466352513b188#file-cve-2023-39709 | source : cve@mitre.org
https://www.sourcecodester.com/ | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39810

Première publication le : 28-08-2023 19:15:07
Dernière modification le : 28-08-2023 19:28:54

Description :
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.

CVE ID : CVE-2023-39810
Source : cve@mitre.org
Score CVSS : /

Références :
http://busybox.com | source : cve@mitre.org
https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-35785

Première publication le : 28-08-2023 20:15:08
Dernière modification le : 28-08-2023 20:15:08

Description :
Zoho ManageEngine ADManager Plus through 7186 is vulnerable to 2FA bypass.

CVE ID : CVE-2023-35785
Source : cve@mitre.org
Score CVSS : /

Références :
https://manageengine.com | source : cve@mitre.org
https://www.manageengine.com/security/advisory/CVE/CVE-2023-35785.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39578

Première publication le : 28-08-2023 20:15:08
Dernière modification le : 28-08-2023 20:15:08

Description :
A stored cross-site scripting (XSS) vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field.

CVE ID : CVE-2023-39578
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/anh91/Zenario-xss/issues/1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41109

Première publication le : 28-08-2023 20:15:08
Dernière modification le : 28-08-2023 20:15:08

Description :
SmartNode SN200 (aka SN200) 3.21.2-23021 allows unauthenticated OS Command Injection.

CVE ID : CVE-2023-41109
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.syss.de/ | source : cve@mitre.org
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-019.txt | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-24165

Première publication le : 28-08-2023 21:15:07
Dernière modification le : 28-08-2023 21:15:07

Description :
An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS).

CVE ID : CVE-2020-24165
Source : cve@mitre.org
Score CVSS : /

Références :
https://bugs.launchpad.net/qemu/+bug/1863025 | source : cve@mitre.org
https://pastebin.com/iqCbjdT8 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38969

Première publication le : 28-08-2023 21:15:07
Dernière modification le : 28-08-2023 21:15:07

Description :
Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function.

CVE ID : CVE-2023-38969
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/anh91/uasoft-indonesia--badaso/blob/main/XSS2.md | source : cve@mitre.org
https://panda002.hashnode.dev/badaso-version-297-has-an-xss-vulnerability-in-add-books | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39652

Première publication le : 28-08-2023 21:15:07
Dernière modification le : 28-08-2023 21:15:07

Description :
theme volty tvcmsvideotab up to v4.0.0 was discovered to contain a SQL injection vulnerability via the component TvcmsVideoTabConfirmDeleteModuleFrontController::run().

CVE ID : CVE-2023-39652
Source : cve@mitre.org
Score CVSS : /

Références :
https://security.friendsofpresta.org/modules/2023/08/24/tvcmsvideotab.html | source : cve@mitre.org
https://themevolty.com/ | source : cve@mitre.org


Source : jpcert.or.jp

Vulnérabilité ID : CVE-2023-40599

Première publication le : 25-08-2023 03:15:08
Dernière modification le : 25-08-2023 03:55:07

Description :
Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and earlier, which allows a remote unauthenticated attacker to cause a denial-of-service condition. Affected add-ons are as follows: call/call.js, prefcodeadv/search.cgi, estimate/estimate.js, search/search.js, suggest/suggest.js, and coupon/coupon.js.

CVE ID : CVE-2023-40599
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/jp/JVN86484824/ | source : vultures@jpcert.or.jp
https://www.synck.com/blogs/news/newsroom/detail_1691668841.html | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2023-40530

Première publication le : 25-08-2023 04:15:10
Dernière modification le : 25-08-2023 12:47:05

Description :
Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user's device.

CVE ID : CVE-2023-40530
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://apps.apple.com/jp/app/%E3%81%99%E3%81%8B%E3%81%84%E3%82%89%E3%83%BC%E3%81%8F%E3%82%A2%E3%83%97%E3%83%AA/id906930478 | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN03447226/ | source : vultures@jpcert.or.jp
https://play.google.com/store/apps/details?id=jp.co.skylark.app.gusto | source : vultures@jpcert.or.jp


Source : google.com

Vulnérabilité ID : CVE-2022-4452

Première publication le : 25-08-2023 15:15:08
Dernière modification le : 25-08-2023 17:51:53

Description :
Insufficient data validation in crosvm in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2022-4452
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://bugs.chromium.org/p/chromium/issues/detail?id=1372457 | source : chrome-cve-admin@google.com
https://crbug.com/1372457 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2019-13689

Première publication le : 25-08-2023 19:15:07
Dernière modification le : 26-08-2023 04:05:04

Description :
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical)

CVE ID : CVE-2019-13689
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://bugs.chromium.org/p/chromium/issues/detail?id=960109 | source : chrome-cve-admin@google.com
https://crbug.com/960109 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2019-13690

Première publication le : 25-08-2023 19:15:08
Dernière modification le : 26-08-2023 04:05:04

Description :
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)

CVE ID : CVE-2019-13690
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://bugs.chromium.org/p/chromium/issues/detail?id=960111 | source : chrome-cve-admin@google.com
https://crbug.com/960111 | source : chrome-cve-admin@google.com


Source : github.com

Vulnérabilité ID : CVE-2023-40568

Première publication le : 25-08-2023 20:15:08
Dernière modification le : 25-08-2023 20:15:08

Description :
** REJECT ** GitHub has been informed that the requestor is working with another CNA for these vulnerabilities.

CVE ID : CVE-2023-40568
Source : security-advisories@github.com
Score CVSS : /

Références :


Source : takeonme.org

Vulnérabilité ID : CVE-2023-2906

Première publication le : 25-08-2023 21:15:07
Dernière modification le : 26-08-2023 04:05:04

Description :
Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.

CVE ID : CVE-2023-2906
Source : cve@takeonme.org
Score CVSS : /

Références :
https://gitlab.com/wireshark/wireshark/-/issues/19229 | source : cve@takeonme.org
https://takeonme.org/cves/CVE-2023-2906.html | source : cve@takeonme.org

Vulnérabilité : CWE-369


Source : apache.org

Vulnérabilité ID : CVE-2023-41080

Première publication le : 25-08-2023 21:15:09
Dernière modification le : 26-08-2023 04:05:04

Description :
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.

CVE ID : CVE-2023-41080
Source : security@apache.org
Score CVSS : /

Références :
https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f | source : security@apache.org

Vulnérabilité : CWE-601


Vulnérabilité ID : CVE-2023-27604

Première publication le : 28-08-2023 08:15:14
Dernière modification le : 28-08-2023 13:07:56

Description :
Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged in and have authorization (permissions) to create/edit connections. It is recommended to upgrade to a version that is not affected. This issue was reported independently by happyhacking-k, And Xie Jianming and LiuHui of Caiji Sec Team also reported it.

CVE ID : CVE-2023-27604
Source : security@apache.org
Score CVSS : /

Références :
https://github.com/apache/airflow/pull/33039 | source : security@apache.org
https://lists.apache.org/thread/lswlxf11do51ob7f6xyyg8qp3n7wdrgd | source : security@apache.org

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-40195

Première publication le : 28-08-2023 08:15:14
Dernière modification le : 28-08-2023 13:07:56

Description :
Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider. When the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to configure Spark hooks can effectively run arbitrary code on the Airflow node by pointing it at a malicious Spark server. Prior to version 4.1.3, this was not called out in the documentation explicitly, so it is possible that administrators provided authorizations to configure Spark hooks without taking this into account. We recommend administrators to review their configurations to make sure the authorization to configure Spark hooks is only provided to fully trusted users. To view the warning in the docs please visit https://airflow.apache.org/docs/apache-airflow-providers-apache-spark/4.1.3/connections/spark.html

CVE ID : CVE-2023-40195
Source : security@apache.org
Score CVSS : /

Références :
https://github.com/apache/airflow/pull/33233 | source : security@apache.org
https://lists.apache.org/thread/fzy95b1d6zv31j5wrx3znhzcscck2o24 | source : security@apache.org

Vulnérabilité : CWE-502
Vulnérabilité : CWE-829


Source : redhat.com

Vulnérabilité ID : CVE-2023-4524

Première publication le : 25-08-2023 22:15:11
Dernière modification le : 25-08-2023 22:15:11

Description :
** REJECT ** CVE reject in favor of CVE-2023-40547

CVE ID : CVE-2023-4524
Source : secalert@redhat.com
Score CVSS : /

Références :


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.