Dernières vulnérabilités du Lundi 31 Juillet 2023 + weekend

Dernières vulnérabilités du Lundi 31 Juillet 2023 + weekend
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 31/07/2023 à 23:58:02

(3) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : cyber.gov.il

Vulnérabilité ID : CVE-2023-32225

Première publication le : 30-07-2023 08:15:46
Dernière modification le : 31-07-2023 12:54:52

Description :
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method.

CVE ID : CVE-2023-32225
Source : cna@cyber.gov.il
Score CVSS : 9.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-32227

Première publication le : 30-07-2023 09:15:09
Dernière modification le : 31-07-2023 12:54:52

Description :
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials

CVE ID : CVE-2023-32227
Source : cna@cyber.gov.il
Score CVSS : 9.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-798


Vulnérabilité ID : CVE-2023-37214

Première publication le : 30-07-2023 09:15:10
Dernière modification le : 31-07-2023 12:54:52

Description :
Heights Telecom ERO1xS-Pro Dual-Band FW version BZ_ERO1XP.025.

CVE ID : CVE-2023-37214
Source : cna@cyber.gov.il
Score CVSS : 9.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il


(18) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : cyber.gov.il

Vulnérabilité ID : CVE-2023-37213

Première publication le : 30-07-2023 09:15:10
Dernière modification le : 31-07-2023 12:54:52

Description :
Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'

CVE ID : CVE-2023-37213
Source : cna@cyber.gov.il
Score CVSS : 8.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-32226

Première publication le : 30-07-2023 08:15:47
Dernière modification le : 31-07-2023 12:54:52

Description :
Sysaid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method.

CVE ID : CVE-2023-32226
Source : cna@cyber.gov.il
Score CVSS : 8.3

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-552


Vulnérabilité ID : CVE-2023-37216

Première publication le : 30-07-2023 10:15:09
Dernière modification le : 31-07-2023 12:54:52

Description :
AnaSystem SensMini M4 – Using the configuration tool, an authenticated user can cause Denial of Service for the device

CVE ID : CVE-2023-37216
Source : cna@cyber.gov.il
Score CVSS : 7.5

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il


Vulnérabilité ID : CVE-2023-37218

Première publication le : 30-07-2023 11:15:09
Dernière modification le : 31-07-2023 12:54:52

Description :
Tadiran Telecom Aeonix - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE ID : CVE-2023-37218
Source : cna@cyber.gov.il
Score CVSS : 7.5

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-37219

Première publication le : 30-07-2023 11:15:09
Dernière modification le : 31-07-2023 12:54:52

Description :
Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File

CVE ID : CVE-2023-37219
Source : cna@cyber.gov.il
Score CVSS : 7.3

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-1236


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4006

Première publication le : 31-07-2023 01:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16.

CVE ID : CVE-2023-4006
Source : security@huntr.dev
Score CVSS : 8.8

Références :
https://github.com/thorsten/phpmyfaq/commit/03946eca488724251eaed8d9d36fed92e6d8fd22 | source : security@huntr.dev
https://huntr.dev/bounties/36149a42-cbd5-445e-a371-e351c899b189 | source : security@huntr.dev

Vulnérabilité : CWE-1236


Vulnérabilité ID : CVE-2023-4007

Première publication le : 31-07-2023 01:15:10
Dernière modification le : 31-07-2023 12:54:46

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16.

CVE ID : CVE-2023-4007
Source : security@huntr.dev
Score CVSS : 8.8

Références :
https://github.com/thorsten/phpmyfaq/commit/40eb9685198128908e83c2bef4c228751fd43a0e | source : security@huntr.dev
https://huntr.dev/bounties/e891dcbc-2092-49d3-9518-23e37187a5ea | source : security@huntr.dev

Vulnérabilité : CWE-79


Source : splunk.com

Vulnérabilité ID : CVE-2023-3997

Première publication le : 31-07-2023 17:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability accessed through the user’s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal user’s action.

CVE ID : CVE-2023-3997
Source : prodsec@splunk.com
Score CVSS : 8.6

Références :
https://advisory.splunk.com/advisories/SVD-2023-0702 | source : prodsec@splunk.com


Source : cert.org.tw

Vulnérabilité ID : CVE-2023-34360

Première publication le : 31-07-2023 06:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code.

CVE ID : CVE-2023-34360
Source : twcert@cert.org.tw
Score CVSS : 8.2

Références :
https://https://www.twcert.org.tw/tw/cp-132-7281-dc87d-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34358

Première publication le : 31-07-2023 05:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition.

CVE ID : CVE-2023-34358
Source : twcert@cert.org.tw
Score CVSS : 7.5

Références :
https://www.twcert.org.tw/tw/cp-132-7279-05760-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2023-34359

Première publication le : 31-07-2023 05:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "do_json_decode()" function of ej.c, resulting in a DoS condition.

CVE ID : CVE-2023-34359
Source : twcert@cert.org.tw
Score CVSS : 7.5

Références :
https://www.twcert.org.tw/tw/cp-132-7280-bea85-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-125


Source : redhat.com

Vulnérabilité ID : CVE-2023-4004

Première publication le : 31-07-2023 17:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.

CVE ID : CVE-2023-4004
Source : secalert@redhat.com
Score CVSS : 7.8

Références :
https://access.redhat.com/security/cve/CVE-2023-4004 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2225275 | source : secalert@redhat.com
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/ | source : secalert@redhat.com


Source : us.ibm.com

Vulnérabilité ID : CVE-2023-24971

Première publication le : 31-07-2023 02:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976.

CVE ID : CVE-2023-24971
Source : psirt@us.ibm.com
Score CVSS : 7.5

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/246976 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7014933 | source : psirt@us.ibm.com

Vulnérabilité : CWE-502


Vulnérabilité ID : CVE-2022-43831

Première publication le : 31-07-2023 01:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.6.1 could allow a local user to obtain escalated privileges on a host without proper security context settings configured. IBM X-Force ID: 238941.

CVE ID : CVE-2022-43831
Source : psirt@us.ibm.com
Score CVSS : 7.4

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/238941 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7015067 | source : psirt@us.ibm.com


Vulnérabilité ID : CVE-2023-35019

Première publication le : 31-07-2023 01:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 257873.

CVE ID : CVE-2023-35019
Source : psirt@us.ibm.com
Score CVSS : 7.2

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/257873 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7014397 | source : psirt@us.ibm.com

Vulnérabilité : CWE-78


Source : vuldb.com

Vulnérabilité ID : CVE-2023-3985

Première publication le : 28-07-2023 05:15:11
Dernière modification le : 28-07-2023 13:44:31

Description :
A vulnerability has been found in SourceCodester Online Jewelry Store 1.0 and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235606 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3985
Source : cna@vuldb.com
Score CVSS : 7.3

Références :
https://github.com/MaxLiu98/Jewelry-Store-System/blob/main/Jewelry%20Store%20System%20login.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.235606 | source : cna@vuldb.com
https://vuldb.com/?id.235606 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Source : cert.vde.com

Vulnérabilité ID : CVE-2023-3670

Première publication le : 28-07-2023 08:15:10
Dernière modification le : 28-07-2023 13:44:31

Description :
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.

CVE ID : CVE-2023-3670
Source : info@cert.vde.com
Score CVSS : 7.3

Références :
https://cert.vde.com/en/advisories/VDE-2023-024 | source : info@cert.vde.com

Vulnérabilité : CWE-668


Source : ch.abb.com

Vulnérabilité ID : CVE-2023-2685

Première publication le : 28-07-2023 12:15:09
Dernière modification le : 28-07-2023 13:44:31

Description :
A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started with system user privileges which could cause a shift in user access privileges. It is unlikely to exploit the vulnerability in well maintained Windows installations since the attacker would need write access to system folders. An update is available that resolves the vulnerability found during an internal review in the product AO-OPC = 3.2.1

CVE ID : CVE-2023-2685
Source : cybersecurity@ch.abb.com
Score CVSS : 7.2

Références :
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A4093&LanguageCode=en&DocumentPartId=&Action=Launch | source : cybersecurity@ch.abb.com

Vulnérabilité : CWE-428


(19) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : github.com

Vulnérabilité ID : CVE-2023-37467

Première publication le : 28-07-2023 15:15:10
Dernière modification le : 28-07-2023 16:41:43

Description :
Discourse is an open source discussion platform. Prior to version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a CSP (Content Security Policy) nonce reuse vulnerability was discovered could allow cross-site scripting (XSS) attacks to bypass CSP protection for anonymous (i.e. unauthenticated) users. There are no known XSS vectors at the moment, but should one be discovered, this vulnerability would allow the XSS attack to bypass CSP and execute successfully. This vulnerability isn't applicable to logged-in users. Version 3.1.0.beta7 contains a patch. The stable branch doesn't have this vulnerability. A workaround to prevent the vulnerability is to disable Google Tag Manager, i.e., unset the `gtm container id` setting.

CVE ID : CVE-2023-37467
Source : security-advisories@github.com
Score CVSS : 6.8

Références :
https://github.com/discourse/discourse/commit/0976c8fad6970b6182e7837bf87de07709407f25 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-gr5h-hm62-jr3j | source : security-advisories@github.com

Vulnérabilité : CWE-323


Vulnérabilité ID : CVE-2023-38684

Première publication le : 28-07-2023 16:15:12
Dernière modification le : 28-07-2023 16:41:43

Description :
Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, in multiple controller actions, Discourse accepts limit params but does not impose any upper bound on the values being accepted. Without an upper bound, the software may allow arbitrary users to generate DB queries which may end up exhausting the resources on the server. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-38684
Source : security-advisories@github.com
Score CVSS : 5.3

Références :
https://github.com/discourse/discourse/commit/bfc3132bb22bd5b7e86f428746b89c4d3d7f5a70 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-ff7g-xv79-hgmf | source : security-advisories@github.com

Vulnérabilité : CWE-770


Vulnérabilité ID : CVE-2023-37906

Première publication le : 28-07-2023 16:15:11
Dernière modification le : 28-07-2023 16:41:43

Description :
Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a malicious user can edit a post in a topic and cause a DoS with a carefully crafted edit reason. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-37906
Source : security-advisories@github.com
Score CVSS : 4.3

Références :
https://github.com/discourse/discourse/commit/dcc825bda505a344eda403a1b8733f30e784034a | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-pjv6-47x6-mx7c | source : security-advisories@github.com

Vulnérabilité : CWE-770


Vulnérabilité ID : CVE-2023-38498

Première publication le : 28-07-2023 16:15:12
Dernière modification le : 28-07-2023 16:41:43

Description :
Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, a malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite installation. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. There are no known workarounds for this vulnerability. Users of multisite configurations should upgrade.

CVE ID : CVE-2023-38498
Source : security-advisories@github.com
Score CVSS : 4.3

Références :
https://github.com/discourse/discourse/commit/26e267478d785e2f32ee7da4613e2cf4a65ff182 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-wv29-rm3f-4g2j | source : security-advisories@github.com

Vulnérabilité : CWE-400
Vulnérabilité : CWE-770


Vulnérabilité ID : CVE-2023-38685

Première publication le : 28-07-2023 16:15:12
Dernière modification le : 28-07-2023 16:41:43

Description :
Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches.

CVE ID : CVE-2023-38685
Source : security-advisories@github.com
Score CVSS : 4.3

Références :
https://github.com/discourse/discourse/commit/073661142369a0a66c25775cc3870582a679ef8b | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-wx6x-q4gp-mgv5 | source : security-advisories@github.com

Vulnérabilité : CWE-200


Source : us.ibm.com

Vulnérabilité ID : CVE-2023-35016

Première publication le : 31-07-2023 01:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
IBM Security Verify Governance, Identity Manager 10.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257772.

CVE ID : CVE-2023-35016
Source : psirt@us.ibm.com
Score CVSS : 6.5

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/25772 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7014397 | source : psirt@us.ibm.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-22595

Première publication le : 31-07-2023 02:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244076.

CVE ID : CVE-2023-22595
Source : psirt@us.ibm.com
Score CVSS : 5.4

Références :
https://www.ibm.com/support/pages/node/7014929 | source : psirt@us.ibm.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2020-4868

Première publication le : 31-07-2023 02:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190744.

CVE ID : CVE-2020-4868
Source : psirt@us.ibm.com
Score CVSS : 4.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/190744 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7015393 | source : psirt@us.ibm.com

Vulnérabilité : CWE-209


Source : vuldb.com

Vulnérabilité ID : CVE-2023-3984

Première publication le : 28-07-2023 03:15:09
Dernière modification le : 28-07-2023 13:44:36

Description :
A vulnerability, which was classified as critical, was found in phpscriptpoint RecipePoint 1.9. This affects an unknown part of the file /recipe-result. The manipulation of the argument text/category/type/difficulty/cuisine/cooking_method leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-235605 was assigned to this vulnerability.

CVE ID : CVE-2023-3984
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://vuldb.com/?ctiid.235605 | source : cna@vuldb.com
https://vuldb.com/?id.235605 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3987

Première publication le : 28-07-2023 06:15:11
Dernière modification le : 28-07-2023 13:44:31

Description :
A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage_user&id=3. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235608.

CVE ID : CVE-2023-3987
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/draco1725/POC/blob/main/Exploit/Simple%20Online%20Men's%20Salon%20Management%20System/SQL%20Injection | source : cna@vuldb.com
https://vuldb.com/?ctiid.235608 | source : cna@vuldb.com
https://vuldb.com/?id.235608 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3988

Première publication le : 28-07-2023 06:15:11
Dernière modification le : 28-07-2023 13:44:31

Description :
A vulnerability was found in Cafe Billing System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Order Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235609 was assigned to this vulnerability.

CVE ID : CVE-2023-3988
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/excuses0217/CveHub/blob/main/Cafe%20Billing%20System%20index.php%20has%20Sqlinjection.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.235609 | source : cna@vuldb.com
https://vuldb.com/?id.235609 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Source : cyber.gov.il

Vulnérabilité ID : CVE-2023-37215

Première publication le : 30-07-2023 09:15:10
Dernière modification le : 31-07-2023 12:54:52

Description :
JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials

CVE ID : CVE-2023-37215
Source : cna@cyber.gov.il
Score CVSS : 6.2

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-798


Vulnérabilité ID : CVE-2023-37217

Première publication le : 30-07-2023 11:15:09
Dernière modification le : 31-07-2023 12:54:52

Description :
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy

CVE ID : CVE-2023-37217
Source : cna@cyber.gov.il
Score CVSS : 5.3

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-204


Source : mitre.org

Vulnérabilité ID : CVE-2023-35791

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
Vound Intella Connect 2.6.0.3 has an Open Redirect vulnerability.

CVE ID : CVE-2023-35791
Source : cve@mitre.org
Score CVSS : 6.1

Références :
https://excellium-services.com/cert-xlm-advisory/CVE-2023-35791 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-35792

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
Vound Intella Connect 2.6.0.3 is vulnerable to stored Cross-site Scripting (XSS).

CVE ID : CVE-2023-35792
Source : cve@mitre.org
Score CVSS : 5.4

Références :
https://excellium-services.com/cert-xlm-advisory/CVE-2023-35792 | source : cve@mitre.org


Source : hashicorp.com

Vulnérabilité ID : CVE-2023-3774

Première publication le : 28-07-2023 01:15:09
Dernière modification le : 28-07-2023 13:44:36

Description :
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.

CVE ID : CVE-2023-3774
Source : security@hashicorp.com
Score CVSS : 4.9

Références :
https://discuss.hashicorp.com/t/hcsec-2023-23-vault-enterprise-namespace-creation-may-lead-to-denial-of-service/56617 | source : security@hashicorp.com

Vulnérabilité : CWE-703


Source : redhat.com

Vulnérabilité ID : CVE-2023-4010

Première publication le : 31-07-2023 17:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descriptor file, so it falls into an endless loop, resulting in a denial of service.

CVE ID : CVE-2023-4010
Source : secalert@redhat.com
Score CVSS : 4.6

Références :
https://access.redhat.com/security/cve/CVE-2023-4010 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2227726 | source : secalert@redhat.com
https://github.com/wanrenmi/a-usb-kernel-bug | source : secalert@redhat.com


Source : wordfence.com

Vulnérabilité ID : CVE-2023-0958

Première publication le : 28-07-2023 05:15:09
Dernière modification le : 28-07-2023 13:44:36

Description :
Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for authenticated attackers with minimal permissions, such as subscribers, to install select plugins from Inisev on vulnerable sites. CVE-2023-38514 appears to be a duplicate of this vulnerability.

CVE ID : CVE-2023-0958
Source : security@wordfence.com
Score CVSS : 4.3

Références :
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.7/includes/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.8/includes/banner/misc.php#L434 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.3.8/banner/misc.php#L426 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.4.0/banner/misc.php#L434 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.6/banner/misc.php#L339 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.7/banner/misc.php#L351 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/feedburner-alternative-and-rss-redirect/tags/3.7/modules/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/http-https-remover/tags/3.2.3/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/pop-up-pop-up/tags/1.1.9/modules/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/pop-up-pop-up/tags/1.2.0/modules/banner/misc.php#L432 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/redirect-redirection/tags/1.1.3/includes/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-posts-widget/tags/2.2.4/banner/misc.php#L343 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-posts-widget/tags/2.2.5/banner/misc.php#L351 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.8.0/banner/misc.php#L424 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.8.2/banner/misc.php#L434 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-social-media-plus/tags/3.5.7/banner/misc.php#L424 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/wp-clone-by-wp-academy/tags/2.3.7/modules/banner/misc.php#L438 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/wp-clone-by-wp-academy/tags/2.3.8/modules/banner/misc.php#L432 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2944041/ultimate-social-media-plus/tags/3.5.8/banner/misc.php?old=2823720&old_path=ultimate-social-media-plus%2Ftags%2F3.5.7%2Fbanner%2Fmisc.php | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?old_path=%2Fcopy-delete-posts%2Ftags%2F1.3.8&old=2923021&new_path=%2Fcopy-delete-posts%2Ftags%2F1.3.9&new=2923021&sfp_email=&sfph_mail= | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2823769%40http-https-remover%2Ftags%2F3.2.3&new=2944114%40http-https-remover%2Ftags%2F3.2.4 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2823770%40feedburner-alternative-and-rss-redirect%2Ftags%2F3.7&new=2944116%40feedburner-alternative-and-rss-redirect%2Ftags%2F3.8#file115 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/cf7bdd0e-f3b3-4be5-8a30-2c6d9cb783a3?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-3977

Première publication le : 28-07-2023 05:15:11
Dernière modification le : 28-07-2023 13:44:31

Description :
Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for unauthenticated attackers to install plugins from the limited list via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2023-3977
Source : security@wordfence.com
Score CVSS : 4.3

Références :
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.7/includes/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.8/includes/banner/misc.php#L434 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.3.8/banner/misc.php#L426 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.4.0/banner/misc.php#L434 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.6/banner/misc.php#L339 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.7/banner/misc.php#L351 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/feedburner-alternative-and-rss-redirect/tags/3.7/modules/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/http-https-remover/tags/3.2.3/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/pop-up-pop-up/tags/1.1.9/modules/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/pop-up-pop-up/tags/1.2.0/modules/banner/misc.php#L432 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/redirect-redirection/tags/1.1.3/includes/banner/misc.php#L427 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-posts-widget/tags/2.2.4/banner/misc.php#L343 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-posts-widget/tags/2.2.5/banner/misc.php#L351 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.8.0/banner/misc.php#L424 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.8.2/banner/misc.php#L434 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/ultimate-social-media-plus/tags/3.5.7/banner/misc.php#L424 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/wp-clone-by-wp-academy/tags/2.3.7/modules/banner/misc.php#L438 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/wp-clone-by-wp-academy/tags/2.3.8/modules/banner/misc.php#L432 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2944041/ultimate-social-media-plus/tags/3.5.8/banner/misc.php?old=2823720&old_path=ultimate-social-media-plus%2Ftags%2F3.5.7%2Fbanner%2Fmisc.php | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?old_path=%2Fcopy-delete-posts%2Ftags%2F1.3.8&old=2923021&new_path=%2Fcopy-delete-posts%2Ftags%2F1.3.9&new=2923021&sfp_email=&sfph_mail= | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2823769%40http-https-remover%2Ftags%2F3.2.3&new=2944114%40http-https-remover%2Ftags%2F3.2.4 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2823770%40feedburner-alternative-and-rss-redirect%2Ftags%2F3.7&new=2944116%40feedburner-alternative-and-rss-redirect%2Ftags%2F3.8#file115 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/ab7c8926-c762-49b1-bc97-4b7a2f4f97fc?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-352


(6) Vulnérabilité(s) LOW [0.1, 3.9]

Source : silabs.com

Vulnérabilité ID : CVE-2023-3488

Première publication le : 28-07-2023 16:15:12
Dernière modification le : 28-07-2023 16:41:43

Description :
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.

CVE ID : CVE-2023-3488
Source : product-security@silabs.com
Score CVSS : 3.8

Références :
https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000Wi3HwQAJ?operationContext=S1 | source : product-security@silabs.com
https://github.com/SiliconLabs/gecko_sdk/releases | source : product-security@silabs.com

Vulnérabilité : CWE-908


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4005

Première publication le : 31-07-2023 01:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
Insufficient Session Expiration in GitHub repository fossbilling/fossbilling prior to 0.5.5.

CVE ID : CVE-2023-4005
Source : security@huntr.dev
Score CVSS : 3.8

Références :
https://github.com/fossbilling/fossbilling/commit/20c23b051eb690cb4ae60a257f6bb46eb3aae2d1 | source : security@huntr.dev
https://huntr.dev/bounties/f0aacce1-79bc-4765-95f1-7e824433b9e4 | source : security@huntr.dev

Vulnérabilité : CWE-613


Source : vuldb.com

Vulnérabilité ID : CVE-2023-3989

Première publication le : 28-07-2023 07:15:09
Dernière modification le : 28-07-2023 13:44:31

Description :
A vulnerability was found in SourceCodester Jewelry Store System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add_customer.php. The manipulation leads to cross site scripting. The attack may be launched remotely. VDB-235610 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3989
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/zouzuo1994321/Jewelry-Store-System/blob/main/Jewelry%20Store%20System%20add_customer.php%20has%20Cross%20Site%20Scripting(Xss)%20vulnerability.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.235610 | source : cna@vuldb.com
https://vuldb.com/?id.235610 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3990

Première publication le : 28-07-2023 07:15:09
Dernière modification le : 28-07-2023 13:44:31

Description :
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-235611.

CVE ID : CVE-2023-3990
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://gitee.com/mingSoft/MCMS/issues/I7K4DQ | source : cna@vuldb.com
https://vuldb.com/?ctiid.235611 | source : cna@vuldb.com
https://vuldb.com/?id.235611 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3986

Première publication le : 28-07-2023 05:15:11
Dernière modification le : 28-07-2023 13:44:31

Description :
A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/?page=user/list. The manipulation of the argument First Name/Last Name/Username leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235607.

CVE ID : CVE-2023-3986
Source : cna@vuldb.com
Score CVSS : 2.4

Références :
https://github.com/draco1725/POC/blob/main/Exploit/Simple%20Online%20Men's%20Salon%20Management%20System/Stored%20XSS | source : cna@vuldb.com
https://vuldb.com/?ctiid.235607 | source : cna@vuldb.com
https://vuldb.com/?id.235607 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Source : github.com

Vulnérabilité ID : CVE-2023-37904

Première publication le : 28-07-2023 16:15:11
Dernière modification le : 28-07-2023 16:41:43

Description :
Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, more users than permitted could be created from invite links. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. As a workaround, use restrict to email address invites.

CVE ID : CVE-2023-37904
Source : security-advisories@github.com
Score CVSS : 2.6

Références :
https://github.com/discourse/discourse/commit/62a609ea2d0645a27ee8adbb01ce10a5e03a600b | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-6wj5-4ph2-c7qg | source : security-advisories@github.com

Vulnérabilité : CWE-362


(118) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2022-31454

Première publication le : 28-07-2023 02:15:10
Dernière modification le : 28-07-2023 13:44:36

Description :
Yii 2 v2.0.45 was discovered to contain a cross-site scripting (XSS) vulnerability via the endpoint /books.

CVE ID : CVE-2022-31454
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@rohitgautam26/cve-2022-31454-8e8555c31fd3 | source : cve@mitre.org
https://www.acunetix.com/vulnerabilities/web/cross-site-scripting/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38331

Première publication le : 28-07-2023 02:15:10
Dernière modification le : 28-07-2023 13:44:36

Description :
Zoho ManageEngine Support Center Plus 14001 and below is vulnerable to stored XSS in the products module.

CVE ID : CVE-2023-38331
Source : cve@mitre.org
Score CVSS : /

Références :
https://manageengine.com | source : cve@mitre.org
https://www.manageengine.com/products/service-desk/CVE-2023-38331.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31932

Première publication le : 28-07-2023 14:15:10
Dernière modification le : 28-07-2023 14:51:32

Description :
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file.

CVE ID : CVE-2023-31932
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Rail-Pass-Management-System/bug5-SQL-Injection-viewid.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31933

Première publication le : 28-07-2023 14:15:10
Dernière modification le : 28-07-2023 14:51:32

Description :
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file.

CVE ID : CVE-2023-31933
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Rail-Pass-Management-System/bug4-SQL-Injection-editid2.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31934

Première publication le : 28-07-2023 14:15:10
Dernière modification le : 28-07-2023 14:51:32

Description :
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php.

CVE ID : CVE-2023-31934
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Rail-Pass-Management-System/bug1-XSS-in-Admin-Name.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31935

Première publication le : 28-07-2023 14:15:10
Dernière modification le : 28-07-2023 14:51:32

Description :
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php.

CVE ID : CVE-2023-31935
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Rail-Pass-Management-System/bug1-XSS-in-Admin-Name.md | source : cve@mitre.org
https://github.com/DiliLearngent/BugReport/blob/main/php/Rail-Pass-Management-System/bug2-XSS-in-Email-address.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31936

Première publication le : 28-07-2023 14:15:10
Dernière modification le : 28-07-2023 14:51:32

Description :
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file.

CVE ID : CVE-2023-31936
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Rail-Pass-Management-System/bug6-SQL-Injection-viewid2.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31937

Première publication le : 28-07-2023 14:15:10
Dernière modification le : 28-07-2023 14:51:32

Description :
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file.

CVE ID : CVE-2023-31937
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Rail-Pass-Management-System/bug3-SQL-Injection-editid.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37754

Première publication le : 28-07-2023 15:15:11
Dernière modification le : 28-07-2023 16:41:43

Description :
PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail.

CVE ID : CVE-2023-37754
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/PowerJob/PowerJob/ | source : cve@mitre.org
https://github.com/PowerJob/PowerJob/issues/675 | source : cve@mitre.org
https://novysodope.github.io/2023/07/02/100/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38992

Première publication le : 28-07-2023 15:15:12
Dernière modification le : 28-07-2023 16:41:43

Description :
jeecg-boot v3.5.1 was discovered to contain a SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData.

CVE ID : CVE-2023-38992
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jeecgboot/jeecg-boot/issues/5173 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39010

Première publication le : 28-07-2023 15:15:12
Dernière modification le : 28-07-2023 16:41:43

Description :
BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. This vulnerability is exploited by loading a crafted camera calibration file.

CVE ID : CVE-2023-39010
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lessthanoptimal/BoofCV/issues/406 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39013

Première publication le : 28-07-2023 15:15:12
Dernière modification le : 28-07-2023 16:41:43

Description :
Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init.

CVE ID : CVE-2023-39013
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/larsga/Duke/issues/273 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39015

Première publication le : 28-07-2023 15:15:12
Dernière modification le : 28-07-2023 16:41:43

Description :
webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader.

CVE ID : CVE-2023-39015
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/code4craft/webmagic/issues/1122 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39016

Première publication le : 28-07-2023 15:15:13
Dernière modification le : 28-07-2023 16:41:43

Description :
bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument.

CVE ID : CVE-2023-39016
Source : cve@mitre.org
Score CVSS : /

Références :
https://gitee.com/bboss/bboss/issues/I7MH08 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39017

Première publication le : 28-07-2023 15:15:13
Dernière modification le : 28-07-2023 16:41:43

Description :
quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument.

CVE ID : CVE-2023-39017
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/quartz-scheduler/quartz/issues/943 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39018

Première publication le : 28-07-2023 15:15:13
Dernière modification le : 28-07-2023 16:41:43

Description :
FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument.

CVE ID : CVE-2023-39018
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/bramp/ffmpeg-cli-wrapper/issues/291 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39020

Première publication le : 28-07-2023 15:15:13
Dernière modification le : 28-07-2023 16:41:43

Description :
stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument.

CVE ID : CVE-2023-39020
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/LetianYuan/My-CVE-Public-References/tree/main/edu_stanford_nlp_stanford-parser | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39021

Première publication le : 28-07-2023 15:15:13
Dernière modification le : 28-07-2023 16:41:43

Description :
wix-embedded-mysql v4.6.1 and below was discovered to contain a code injection vulnerability in the component com.wix.mysql.distribution.Setup.apply. This vulnerability is exploited via passing an unchecked argument.

CVE ID : CVE-2023-39021
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/LetianYuan/My-CVE-Public-References/tree/main/com_wix_wix-embedded-mysql | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39022

Première publication le : 28-07-2023 15:15:13
Dernière modification le : 28-07-2023 16:41:43

Description :
oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. This vulnerability is exploited via passing an unchecked argument.

CVE ID : CVE-2023-39022
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/LetianYuan/My-CVE-Public-References/tree/main/opensymphony_oscore | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39023

Première publication le : 28-07-2023 15:15:13
Dernière modification le : 28-07-2023 16:41:43

Description :
university compass v2.2.0 and below was discovered to contain a code injection vulnerability in the component org.compass.core.executor.DefaultExecutorManager.configure. This vulnerability is exploited via passing an unchecked argument.

CVE ID : CVE-2023-39023
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/LetianYuan/My-CVE-Public-References/tree/main/org_compass-project_compass | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38988

Première publication le : 28-07-2023 21:15:14
Dernière modification le : 31-07-2023 12:55:03

Description :
An issue in the delete function in the OaNotifyController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete notifications created by Administrators.

CVE ID : CVE-2023-38988
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/thinkgem/jeesite/issues/517 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-35861

Première publication le : 31-07-2023 13:15:09
Dernière modification le : 31-07-2023 14:45:51

Description :
A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows remote attackers to inject execute arbitrary commands as root on the BMC.

CVE ID : CVE-2023-35861
Source : cve@mitre.org
Score CVSS : /

Références :
https://blog.freax13.de/cve/cve-2023-35861 | source : cve@mitre.org
https://www.supermicro.com/en/products/motherboards | source : cve@mitre.org
https://www.supermicro.com/en/support/security_SMTP_Jun_2023 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37647

Première publication le : 31-07-2023 13:15:09
Dernière modification le : 31-07-2023 14:45:51

Description :
SEMCMS v1.5 was discovered to contain a SQL injection vulnerability via the id parameter at /Ant_Suxin.php.

CVE ID : CVE-2023-37647
Source : cve@mitre.org
Score CVSS : /

Références :
http://semcms.com | source : cve@mitre.org
https://gitee.com/ants12/sem-cms_-shop_210918_v1.5-sql-injection-exists-s/tree/master/ | source : cve@mitre.org
https://www.sem-cms.cn/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-21662

Première publication le : 31-07-2023 14:15:09
Dernière modification le : 31-07-2023 14:45:51

Description :
SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to run arbitrary SQL commands via XFF.

CVE ID : CVE-2020-21662
Source : cve@mitre.org
Score CVSS : /

Références :
http://note.youdao.com/noteshare?id=5c3b984ee36dfd1da690e0b5963926bc | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-21881

Première publication le : 31-07-2023 14:15:09
Dernière modification le : 31-07-2023 14:45:51

Description :
Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add.

CVE ID : CVE-2020-21881
Source : cve@mitre.org
Score CVSS : /

Références :
https://gitee.com/annyshow/DuxCMS2.1/issues/I183GG | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-31651

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
Cross Site Scripting (XSS) vulnerability in neofarg-cms 0.2.3 allows remoate attacker to run arbitrary code via the copyright field in copyright settings.

CVE ID : CVE-2021-31651
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/NeoFrag/NeoFrag/issues/92 | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-31680

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers to execute arbitrary code via crafted yaml file.

CVE ID : CVE-2021-31680
Source : cve@mitre.org
Score CVSS : /

Références :
https://huntr.dev/bounties/1-other-yolov5/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-31681

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
Deserialization of Untrusted Data vulnerability in yolo 3 allows attackers to execute arbitrary code via crafted yaml file.

CVE ID : CVE-2021-31681
Source : cve@mitre.org
Score CVSS : /

Références :
https://huntr.dev/bounties/1-other-yolov3/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33534

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G software version S10G_3.11.6 allows attackers to takeover user accounts via sending a crafted POST request to /goform/goform_set_cmd_process.

CVE ID : CVE-2023-33534
Source : cve@mitre.org
Score CVSS : /

Références :
https://rodelllemit.medium.com/cve-2023-33534-account-takeover-through-csrf-vulnerability-461de6f1b696 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34635

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
Wifi Soft Unibox Administration 3.0 and 3.1 is vulnerable to SQL Injection. The vulnerability occurs because of not validating or sanitizing the user input in the username field of the login page.

CVE ID : CVE-2023-34635
Source : cve@mitre.org
Score CVSS : /

Références :
http://packetstormsecurity.com/files/173669/Wifi-Soft-Unibox-Administration-3.0-3.1-SQL-Injection.html | source : cve@mitre.org
https://www.exploit-db.com/exploits/51610 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34644

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows remote attackers to gain escalated privileges via crafted POST request to /cgi-bin/luci/api/auth.

CVE ID : CVE-2023-34644
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.ruijie.com.cn/gy/xw-aqtg-gw/91389/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34842

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to /dede/tpl.php.

CVE ID : CVE-2023-34842
Source : cve@mitre.org
Score CVSS : /

Références :
http://dedecms.com | source : cve@mitre.org
https://www.dedecms.com/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34872

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

CVE ID : CVE-2023-34872
Source : cve@mitre.org
Score CVSS : /

Références :
https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe | source : cve@mitre.org
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36089

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE ID : CVE-2023-36089
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.dlink.com/en/security-bulletin/ | source : cve@mitre.org
https://www.dlink.com/en/support | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36090

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE ID : CVE-2023-36090
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.dlink.com/en/security-bulletin/ | source : cve@mitre.org
https://www.dlink.com/en/support | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36091

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE ID : CVE-2023-36091
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.dlink.com/en/security-bulletin/ | source : cve@mitre.org
https://www.dlink.com/en/support | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36092

Première publication le : 31-07-2023 14:15:10
Dernière modification le : 31-07-2023 14:45:51

Description :
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via via phpcgi_main. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE ID : CVE-2023-36092
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.dlink.com/en/security-bulletin/ | source : cve@mitre.org
https://www.dlink.com/en/support | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38303

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting (XSS) attack to achieve Remote Command Execution (RCE) through the Users and Group's real name parameter.

CVE ID : CVE-2023-38303
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38303 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38304

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality, allowing an attacker to store a malicious payload in the Group Name field when creating a new group.

CVE ID : CVE-2023-38304
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38304 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38305

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. The download functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when the download link is accessed.

CVE ID : CVE-2023-38305
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38305 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38306

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. A Cross-site Scripting (XSS) Bypass vulnerability was discovered in the file upload functionality. Normally, the application restricts the upload of certain file types such as .svg, .php, etc., and displays an error message if a prohibited file type is detected. However, by following certain steps, an attacker can bypass these restrictions and inject malicious code.

CVE ID : CVE-2023-38306
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38306 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38307

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name.

CVE ID : CVE-2023-38307
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38307 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38308

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbitrary JavaScript code within the context of the victim's browser.

CVE ID : CVE-2023-38308
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38308 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38309

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser.

CVE ID : CVE-2023-38309
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38309 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38310

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the configuration settings of the system logs functionality. The vulnerability allows an attacker to store an XSS payload in the configuration settings of specific log files. This results in the execution of that payload whenever the affected log files are accessed.

CVE ID : CVE-2023-38310
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38310 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38311

Première publication le : 31-07-2023 15:15:10
Dernière modification le : 31-07-2023 15:31:16

Description :
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a malicious payload in the configuration field, triggering the execution of the payload when saving the configuration or when accessing the System Logs Viewer page.

CVE ID : CVE-2023-38311
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38311 | source : cve@mitre.org
https://webmin.com/tags/webmin-changelog/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-36763

Première publication le : 31-07-2023 16:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post.

CVE ID : CVE-2020-36763
Source : cve@mitre.org
Score CVSS : /

Références :
https://gitee.com/annyshow/DuxCMS2.1/issues/I183GG | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34916

Première publication le : 31-07-2023 16:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
Fuge CMS v1.0 contains an Open Redirect vulnerability via /front/ProcessAct.java.

CVE ID : CVE-2023-34916
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/fuge/cms/issues/4 | source : cve@mitre.org
https://payatu.com/advisory/unvalidated-open-redirection-fuge-cms-v1-0/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34917

Première publication le : 31-07-2023 16:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
Fuge CMS v1.0 contains an Open Redirect vulnerability in member/RegisterAct.java.

CVE ID : CVE-2023-34917
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/fuge/cms/issues/3 | source : cve@mitre.org
https://payatu.com/advisory/unvalidated-redirection-vulnerability-in-fuge-cms-v1-0/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37580

Première publication le : 31-07-2023 16:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client.

CVE ID : CVE-2023-37580
Source : cve@mitre.org
Score CVSS : /

Références :
https://wiki.zimbra.com/wiki/Security_Center | source : cve@mitre.org
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37771

Première publication le : 31-07-2023 16:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php.

CVE ID : CVE-2023-37771
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/anky-123/CVE-2023-37771/blob/main/CVE | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38750

Première publication le : 31-07-2023 16:15:10
Dernière modification le : 31-07-2023 17:30:17

Description :
In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2, internal JSP and XML files can be exposed.

CVE ID : CVE-2023-38750
Source : cve@mitre.org
Score CVSS : /

Références :
https://wiki.zimbra.com/wiki/Security_Center | source : cve@mitre.org
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38989

Première publication le : 31-07-2023 18:15:10
Dernière modification le : 31-07-2023 18:26:42

Description :
An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information.

CVE ID : CVE-2023-38989
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/thinkgem/jeesite/issues/518 | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-42182

Première publication le : 31-07-2023 20:15:09
Dernière modification le : 31-07-2023 20:15:09

Description :
Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Directory Traversal.

CVE ID : CVE-2022-42182
Source : cve@mitre.org
Score CVSS : /

Références :
https://docs.precisely.com/docs/sftw/spectrum/release-notes/spectrum-2020-1-S56-release-notes.pdf | source : cve@mitre.org
https://zxsecurity.co.nz/research/advisories/precisely-spectrum-spatial-analyst-20-1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-42183

Première publication le : 31-07-2023 20:15:10
Dernière modification le : 31-07-2023 20:15:10

Description :
Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery (SSRF).

CVE ID : CVE-2022-42183
Source : cve@mitre.org
Score CVSS : /

Références :
https://docs.precisely.com/docs/sftw/spectrum/release-notes/spectrum-2020-1-S56-release-notes.pdf | source : cve@mitre.org
https://zxsecurity.co.nz/research/advisories/precisely-spectrum-spatial-analyst-20-1 | source : cve@mitre.org


Source : apple.com

Vulnérabilité ID : CVE-2023-28203

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 13:44:36

Description :
The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts.

CVE ID : CVE-2023-28203
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213833 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32427

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 13:44:36

Description :
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic.

CVE ID : CVE-2023-32427
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213833 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32444

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 21:15:11

Description :
A logic issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions.

CVE ID : CVE-2023-32444
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32445

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 13:44:36

Description :
This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack.

CVE ID : CVE-2023-32445
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-32654

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 21:15:11

Description :
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.5. A user may be able to read information belonging to another user.

CVE ID : CVE-2023-32654
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-34425

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 21:15:13

Description :
The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-34425
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com
https://support.apple.com/kb/HT213841 | source : product-security@apple.com
https://support.apple.com/kb/HT213842 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213845 | source : product-security@apple.com
https://support.apple.com/kb/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-36495

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 21:15:13

Description :
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-36495
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com
https://support.apple.com/kb/HT213841 | source : product-security@apple.com
https://support.apple.com/kb/HT213842 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213846 | source : product-security@apple.com
https://support.apple.com/kb/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-37285

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 21:15:13

Description :
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-37285
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/kb/HT213842 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38571

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 21:15:13

Description :
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences.

CVE ID : CVE-2023-38571
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38590

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 21:15:13

Description :
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory.

CVE ID : CVE-2023-38590
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com
https://support.apple.com/kb/HT213841 | source : product-security@apple.com
https://support.apple.com/kb/HT213842 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213845 | source : product-security@apple.com
https://support.apple.com/kb/HT213846 | source : product-security@apple.com
https://support.apple.com/kb/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38592

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 13:44:31

Description :
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2023-38592
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38598

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 21:15:13

Description :
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-38598
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com
https://support.apple.com/kb/HT213841 | source : product-security@apple.com
https://support.apple.com/kb/HT213842 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213845 | source : product-security@apple.com
https://support.apple.com/kb/HT213846 | source : product-security@apple.com
https://support.apple.com/kb/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38599

Première publication le : 28-07-2023 05:15:10
Dernière modification le : 28-07-2023 13:44:31

Description :
A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information.

CVE ID : CVE-2023-38599
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213847 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38601

Première publication le : 28-07-2023 05:15:11
Dernière modification le : 28-07-2023 21:15:13

Description :
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to modify protected parts of the file system.

CVE ID : CVE-2023-38601
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213845 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38604

Première publication le : 28-07-2023 05:15:11
Dernière modification le : 28-07-2023 21:15:14

Description :
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2023-38604
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213841 | source : product-security@apple.com
https://support.apple.com/en-us/HT213842 | source : product-security@apple.com
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/en-us/HT213844 | source : product-security@apple.com
https://support.apple.com/en-us/HT213845 | source : product-security@apple.com
https://support.apple.com/en-us/HT213846 | source : product-security@apple.com
https://support.apple.com/en-us/HT213848 | source : product-security@apple.com
https://support.apple.com/kb/HT213841 | source : product-security@apple.com
https://support.apple.com/kb/HT213842 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213844 | source : product-security@apple.com
https://support.apple.com/kb/HT213845 | source : product-security@apple.com
https://support.apple.com/kb/HT213846 | source : product-security@apple.com
https://support.apple.com/kb/HT213848 | source : product-security@apple.com


Vulnérabilité ID : CVE-2023-38609

Première publication le : 28-07-2023 05:15:11
Dernière modification le : 28-07-2023 21:15:14

Description :
An injection issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass certain Privacy preferences.

CVE ID : CVE-2023-38609
Source : product-security@apple.com
Score CVSS : /

Références :
https://support.apple.com/en-us/HT213843 | source : product-security@apple.com
https://support.apple.com/kb/HT213843 | source : product-security@apple.com


Source : redhat.com

Vulnérabilité ID : CVE-2023-39190

Première publication le : 28-07-2023 14:15:10
Dernière modification le : 28-07-2023 14:15:10

Description :
** REJECT ** CVE-2023-39190 was found to be a duplicate of CVE-2023-31436. Please see https://access.redhat.com/security/cve/CVE-2023-31436 for information about affected products and security errata.

CVE ID : CVE-2023-39190
Source : secalert@redhat.com
Score CVSS : /

Références :


Source : google.com

Vulnérabilité ID : CVE-2023-3598

Première publication le : 28-07-2023 21:15:14
Dernière modification le : 31-07-2023 12:55:03

Description :
Out of bounds read and write in ANGLE in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-3598
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html | source : chrome-cve-admin@google.com
https://crbug.com/1427865 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4316

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:55:03

Description :
Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof browser UI via a crafted HTML page. (Chromium security severity: Low)

CVE ID : CVE-2021-4316
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1152952 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4317

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:55:03

Description :
Use after free in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2021-4317
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1260783 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4318

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:55:03

Description :
Object corruption in Blink in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2021-4318
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html | source : chrome-cve-admin@google.com
https://crbug.com/1237730 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4319

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:55:03

Description :
Use after free in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2021-4319
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1214199 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4320

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Use after free in Blink in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2021-4320
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop_20.html | source : chrome-cve-admin@google.com
https://crbug.com/1224238 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4321

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Policy bypass in Blink in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

CVE ID : CVE-2021-4321
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html | source : chrome-cve-admin@google.com
https://crbug.com/1161891 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4322

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE ID : CVE-2021-4322
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html | source : chrome-cve-admin@google.com
https://crbug.com/1190550 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4323

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to access local files via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE ID : CVE-2021-4323
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html | source : chrome-cve-admin@google.com
https://crbug.com/1176031 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2021-4324

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Insufficient policy enforcement in Google Update in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to read arbitrary files via a malicious file. (Chromium security severity: Medium)

CVE ID : CVE-2021-4324
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html | source : chrome-cve-admin@google.com
https://crbug.com/1193233 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4906

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2022-4906
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_29.html | source : chrome-cve-admin@google.com
https://crbug.com/1382434 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4907

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2022-4907
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_29.html | source : chrome-cve-admin@google.com
https://crbug.com/1358168 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4908

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2022-4908
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html | source : chrome-cve-admin@google.com
https://crbug.com/1359122 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4909

Première publication le : 29-07-2023 00:15:10
Dernière modification le : 31-07-2023 12:54:58

Description :
Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. (Chromium security severity: Low)

CVE ID : CVE-2022-4909
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html | source : chrome-cve-admin@google.com
https://crbug.com/1356211 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4910

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2022-4910
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html | source : chrome-cve-admin@google.com
https://crbug.com/1279268 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4911

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Insufficient data validation in DevTools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

CVE ID : CVE-2022-4911
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html | source : chrome-cve-admin@google.com
https://crbug.com/1349493 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4912

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Type Confusion in MathML in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2022-4912
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html | source : chrome-cve-admin@google.com
https://crbug.com/1350909 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4913

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2022-4913
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html | source : chrome-cve-admin@google.com
https://crbug.com/1183604 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4914

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Heap buffer overflow in PrintPreview in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2022-4914
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1232402 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4915

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Inappropriate implementation in URL Formatting in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2022-4915
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html | source : chrome-cve-admin@google.com
https://crbug.com/1329541 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4916

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2022-4916
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html | source : chrome-cve-admin@google.com
https://crbug.com/1317714 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4917

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page. (Chromium security severity: Low)

CVE ID : CVE-2022-4917
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html | source : chrome-cve-admin@google.com
https://crbug.com/1311683 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4918

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2022-4918
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html | source : chrome-cve-admin@google.com
https://crbug.com/1315102 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4919

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2022-4919
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html | source : chrome-cve-admin@google.com
https://crbug.com/1312450 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4920

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:58

Description :
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2022-4920
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html | source : chrome-cve-admin@google.com
https://crbug.com/1306861 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4921

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:52

Description :
Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)

CVE ID : CVE-2022-4921
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1262902 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4922

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:52

Description :
Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2022-4922
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1261191 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4923

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:52

Description :
Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51 allowed an attacker in a privileged network position to perform a man-in-the-middle attack via malicious network traffic. (Chromium security severity: Low)

CVE ID : CVE-2022-4923
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1251065 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4924

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:52

Description :
Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2022-4924
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1272967 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4925

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:52

Description :
Insufficient validation of untrusted input in QUIC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform header splitting via malicious network traffic. (Chromium security severity: Low)

CVE ID : CVE-2022-4925
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1238309 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2022-4926

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:52

Description :
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2022-4926
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html | source : chrome-cve-admin@google.com
https://crbug.com/1368230 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-2311

Première publication le : 29-07-2023 00:15:11
Dernière modification le : 31-07-2023 12:54:52

Description :
Insufficient policy enforcement in File System API in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-2311
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1354505 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-2313

Première publication le : 29-07-2023 00:15:12
Dernière modification le : 31-07-2023 12:54:52

Description :
Inappropriate implementation in Sandbox in Google Chrome on Windows prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a malicious file. (Chromium security severity: High)

CVE ID : CVE-2023-2313
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/1335974 | source : chrome-cve-admin@google.com


Vulnérabilité ID : CVE-2023-2314

Première publication le : 29-07-2023 00:15:12
Dernière modification le : 31-07-2023 12:54:52

Description :
Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

CVE ID : CVE-2023-2314
Source : chrome-cve-admin@google.com
Score CVSS : /

Références :
https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html | source : chrome-cve-admin@google.com
https://crbug.com/813542 | source : chrome-cve-admin@google.com


Source : apache.org

Vulnérabilité ID : CVE-2023-36542

Première publication le : 29-07-2023 08:15:48
Dernière modification le : 31-07-2023 12:54:52

Description :
Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission for referencing remote resources, restricting configuration of these components to privileged users. The permission prevents unprivileged users from configuring Processors and Controller Services annotated with the new Reference Remote Resources restriction. Upgrading to Apache NiFi 1.23.0 is the recommended mitigation.

CVE ID : CVE-2023-36542
Source : security@apache.org
Score CVSS : /

Références :
http://seclists.org/fulldisclosure/2023/Jul/43 | source : security@apache.org
http://www.openwall.com/lists/oss-security/2023/07/29/1 | source : security@apache.org
https://lists.apache.org/thread/swnly3dzhhq9zo3rofc8djq77stkhbof | source : security@apache.org
https://nifi.apache.org/security.html#CVE-2023-36542 | source : security@apache.org

Vulnérabilité : CWE-94


Source : wpscan.com

Vulnérabilité ID : CVE-2022-4888

Première publication le : 31-07-2023 10:15:09
Dernière modification le : 31-07-2023 12:54:46

Description :
The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin before 1.0.2, Advanced Free Gifts WordPress plugin before 1.0.2, Gift Registry for WooCommerce WordPress plugin through 1.0.1, Image Watermark for WooCommerce WordPress plugin before 1.0.1, Order Approval for WooCommerce WordPress plugin before 1.1.0, Order Tracking for WooCommerce WordPress plugin before 1.0.2, Price Calculator for WooCommerce WordPress plugin through 1.0.3, Product Dynamic Pricing and Discounts WordPress plugin through 1.0.6, Product Labels and Stickers WordPress plugin through 1.0.1 have flawed CSRF checks in various places, which could allow attackers to make logged in users perform unwanted actions

CVE ID : CVE-2022-4888
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/2c2379d0-e373-4587-a747-429d7ee8f6cc | source : contact@wpscan.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-0602

Première publication le : 31-07-2023 10:15:10
Dernière modification le : 31-07-2023 12:54:46

Description :
The Twittee Text Tweet WordPress plugin through 1.0.8 does not properly escape POST values which are printed back to the user inside one of the plugin's administrative page, which allows reflected XSS attacks targeting administrators to happen.

CVE ID : CVE-2023-0602
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/c357f93d-4f21-4cd9-9378-d97756c75255 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3130

Première publication le : 31-07-2023 10:15:10
Dernière modification le : 31-07-2023 12:54:46

Description :
The Short URL WordPress plugin before 1.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-3130
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/6e167864-c304-402e-8b2d-d47b5a3767d1 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3134

Première publication le : 31-07-2023 10:15:10
Dernière modification le : 31-07-2023 12:54:46

Description :
The Forminator WordPress plugin before 1.24.4 does not properly escape values that are being reflected inside form fields that use pre-populated query parameters, which could lead to reflected XSS attacks.

CVE ID : CVE-2023-3134
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/6d50d3cc-7563-42c4-977b-f834fee711da | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3292

Première publication le : 31-07-2023 10:15:10
Dernière modification le : 31-07-2023 12:54:46

Description :
The grid-kit-premium WordPress plugin before 2.2.0 does not escape some parameters as well as generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-3292
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/d993c385-c3ad-49a6-b079-3a1b090864c8 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3345

Première publication le : 31-07-2023 10:15:10
Dernière modification le : 31-07-2023 12:54:46

Description :
The LMS by Masteriyo WordPress plugin before 1.6.8 does not properly safeguards sensitive user information, like other user's email addresses, making it possible for any students to leak them via some of the plugin's REST API endpoints.

CVE ID : CVE-2023-3345
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/0d07423e-98d2-43a3-824d-562747a3d65a | source : contact@wpscan.com

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-3507

Première publication le : 31-07-2023 10:15:10
Dernière modification le : 31-07-2023 12:54:46

Description :
The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack

CVE ID : CVE-2023-3507
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/e72bbe9b-e51d-40ab-820d-404e0cb86ee6 | source : contact@wpscan.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-3508

Première publication le : 31-07-2023 10:15:10
Dernière modification le : 31-07-2023 12:54:46

Description :
The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when processing its tab actions, which could allow attackers to make logged in admins email pre-orders customer, change the released date, mark all pre-orders of a specific product as complete or cancel via CSRF attacks

CVE ID : CVE-2023-3508
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/064c7acb-db57-4537-8a6d-32f7ea31c738 | source : contact@wpscan.com

Vulnérabilité : CWE-352


Source : openssl.org

Vulnérabilité ID : CVE-2023-3817

Première publication le : 31-07-2023 16:15:10
Dernière modification le : 31-07-2023 18:15:10

Description :
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

CVE ID : CVE-2023-3817
Source : openssl-security@openssl.org
Score CVSS : /

Références :
http://www.openwall.com/lists/oss-security/2023/07/31/1 | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5 | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644 | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5 | source : openssl-security@openssl.org
https://www.openssl.org/news/secadv/20230731.txt | source : openssl-security@openssl.org


Source : wordfence.com

Vulnérabilité ID : CVE-2023-4026

Première publication le : 31-07-2023 17:15:10
Dernière modification le : 31-07-2023 17:15:10

Description :
** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-4024. Reason: This record is a duplicate of CVE-2023-4024. Notes: All CVE users should reference CVE-2023-4024 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

CVE ID : CVE-2023-4026
Source : security@wordfence.com
Score CVSS : /

Références :


Source : tenable.com

Vulnérabilité ID : CVE-2023-3983

Première publication le : 31-07-2023 19:15:18
Dernière modification le : 31-07-2023 19:15:18

Description :
An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform blind SQL injection.

CVE ID : CVE-2023-3983
Source : vulnreport@tenable.com
Score CVSS : /

Références :
https://www.tenable.com/security/research/tra-2023-24 | source : vulnreport@tenable.com


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.