Dernières vulnérabilités du Lundi 4 Septembre 2023 + weekend

Dernières vulnérabilités du Lundi 4 Septembre 2023 + weekend
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 04/09/2023 à 23:58:02

(8) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : ubuntu.com

Vulnérabilité ID : CVE-2023-1523

Première publication le : 01-09-2023 19:15:42
Dernière modification le : 01-09-2023 21:15:30

Description :
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.

CVE ID : CVE-2023-1523
Source : security@ubuntu.com
Score CVSS : 10.0

Références :
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1523 | source : security@ubuntu.com
https://github.com/snapcore/snapd/pull/12849 | source : security@ubuntu.com
https://marc.info/?l=oss-security&m=167879021709955&w=2 | source : security@ubuntu.com
https://ubuntu.com/security/notices/USN-6125-1 | source : security@ubuntu.com


Source : cyber.gov.il

Vulnérabilité ID : CVE-2023-3703

Première publication le : 03-09-2023 15:15:14
Dernière modification le : 04-09-2023 00:06:16

Description :
Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials

CVE ID : CVE-2023-3703
Source : cna@cyber.gov.il
Score CVSS : 10.0

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-1392


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4696

Première publication le : 01-09-2023 01:15:08
Dernière modification le : 01-09-2023 13:06:59

Description :
Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.

CVE ID : CVE-2023-4696
Source : security@huntr.dev
Score CVSS : 9.8

Références :
https://github.com/usememos/memos/commit/c9aa2eeb9852047e4f41915eb30726bd25f07ecd | source : security@huntr.dev
https://huntr.dev/bounties/4747a485-77c3-4bb5-aab0-21253ef303ca | source : security@huntr.dev

Vulnérabilité : CWE-284

Produit vulnérable : cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:*


Vulnérabilité ID : CVE-2023-4695

Première publication le : 01-09-2023 01:15:07
Dernière modification le : 01-09-2023 07:32:13

Description :
Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-4695
Source : security@huntr.dev
Score CVSS : 9.6

Références :
https://github.com/pkp/pkp-lib/commit/e5e7e543887fe77708aa31e07b18fe85f9b5a3b5 | source : security@huntr.dev
https://huntr.dev/bounties/887c7fc7-70c8-482d-b570-350533af4702 | source : security@huntr.dev

Vulnérabilité : CWE-1241


Source : moxa.com

Vulnérabilité ID : CVE-2023-39979

Première publication le : 02-09-2023 13:15:44
Dernière modification le : 04-09-2023 00:06:16

Description :
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values.

CVE ID : CVE-2023-39979
Source : psirt@moxa.com
Score CVSS : 9.8

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-334


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4744

Première publication le : 04-09-2023 00:15:07
Dernière modification le : 04-09-2023 03:51:45

Description :
A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238633 was assigned to this vulnerability.

CVE ID : CVE-2023-4744
Source : cna@vuldb.com
Score CVSS : 9.8

Références :
https://github.com/GleamingEyes/vul/blob/main/tenda_ac8/ac8_1.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238633 | source : cna@vuldb.com
https://vuldb.com/?id.238633 | source : cna@vuldb.com

Vulnérabilité : CWE-121


Source : lge.com

Vulnérabilité ID : CVE-2023-4613

Première publication le : 04-09-2023 09:15:07
Dernière modification le : 04-09-2023 11:15:41

Description :
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.

CVE ID : CVE-2023-4613
Source : product.security@lge.com
Score CVSS : 9.8

Références :
https://lgsecurity.lge.com/bulletins/idproducts#updateDetails | source : product.security@lge.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1221/ | source : product.security@lge.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-4614

Première publication le : 04-09-2023 11:15:41
Dernière modification le : 04-09-2023 11:15:41

Description :
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.

CVE ID : CVE-2023-4614
Source : product.security@lge.com
Score CVSS : 9.8

Références :
https://lgsecurity.lge.com/bulletins/idproducts#updateDetails | source : product.security@lge.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1222/ | source : product.security@lge.com

Vulnérabilité : CWE-22


(50) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : huntr.dev

Vulnérabilité ID : CVE-2023-4697

Première publication le : 01-09-2023 01:15:09
Dernière modification le : 01-09-2023 13:07:07

Description :
Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2.

CVE ID : CVE-2023-4697
Source : security@huntr.dev
Score CVSS : 8.8

Références :
https://github.com/usememos/memos/commit/c9aa2eeb9852047e4f41915eb30726bd25f07ecd | source : security@huntr.dev
https://huntr.dev/bounties/3ff3325a-1dcb-4da7-894d-81a9cf726d81 | source : security@huntr.dev

Vulnérabilité : CWE-269

Vulnérabilité : CWE-269

Produit vulnérable : cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:*


Vulnérabilité ID : CVE-2023-4704

Première publication le : 01-09-2023 10:15:08
Dernière modification le : 01-09-2023 11:47:50

Description :
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git.

CVE ID : CVE-2023-4704
Source : security@huntr.dev
Score CVSS : 8.8

Références :
https://github.com/instantsoft/icms2/commit/bc22d89691fdaf38055eba13dda8d959b16fa731 | source : security@huntr.dev
https://huntr.dev/bounties/4a54134d-df1f-43d4-9b14-45f023cd654a | source : security@huntr.dev

Vulnérabilité : CWE-15


Vulnérabilité ID : CVE-2023-4734

Première publication le : 02-09-2023 18:15:17
Dernière modification le : 04-09-2023 00:06:16

Description :
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.

CVE ID : CVE-2023-4734
Source : security@huntr.dev
Score CVSS : 7.8

Références :
https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5 | source : security@huntr.dev
https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217 | source : security@huntr.dev

Vulnérabilité : CWE-190


Vulnérabilité ID : CVE-2023-4736

Première publication le : 02-09-2023 19:15:44
Dernière modification le : 04-09-2023 00:06:16

Description :
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.

CVE ID : CVE-2023-4736
Source : security@huntr.dev
Score CVSS : 7.8

Références :
https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c | source : security@huntr.dev
https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71 | source : security@huntr.dev

Vulnérabilité : CWE-426


Vulnérabilité ID : CVE-2023-4738

Première publication le : 02-09-2023 20:15:07
Dernière modification le : 04-09-2023 00:06:16

Description :
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.

CVE ID : CVE-2023-4738
Source : security@huntr.dev
Score CVSS : 7.8

Références :
https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1 | source : security@huntr.dev
https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612 | source : security@huntr.dev

Vulnérabilité : CWE-122


Vulnérabilité ID : CVE-2023-4751

Première publication le : 03-09-2023 19:15:43
Dernière modification le : 04-09-2023 00:06:16

Description :
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.

CVE ID : CVE-2023-4751
Source : security@huntr.dev
Score CVSS : 7.8

Références :
https://github.com/vim/vim/commit/e1121b139480f53d1b06f84f3e4574048108fa0b | source : security@huntr.dev
https://huntr.dev/bounties/db7be8d6-6cb7-4ae5-9c4e-805423afa378 | source : security@huntr.dev

Vulnérabilité : CWE-122


Vulnérabilité ID : CVE-2023-4750

Première publication le : 04-09-2023 14:15:08
Dernière modification le : 04-09-2023 14:15:08

Description :
Use After Free in GitHub repository vim/vim prior to 9.0.1857.

CVE ID : CVE-2023-4750
Source : security@huntr.dev
Score CVSS : 7.8

Références :
https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed | source : security@huntr.dev
https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea | source : security@huntr.dev

Vulnérabilité : CWE-416


Vulnérabilité ID : CVE-2023-4752

Première publication le : 04-09-2023 14:15:08
Dernière modification le : 04-09-2023 14:15:08

Description :
Use After Free in GitHub repository vim/vim prior to 9.0.1858.

CVE ID : CVE-2023-4752
Source : security@huntr.dev
Score CVSS : 7.8

Références :
https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139 | source : security@huntr.dev
https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757 | source : security@huntr.dev

Vulnérabilité : CWE-416


Vulnérabilité ID : CVE-2023-4698

Première publication le : 01-09-2023 01:15:09
Dernière modification le : 01-09-2023 13:07:30

Description :
Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2.

CVE ID : CVE-2023-4698
Source : security@huntr.dev
Score CVSS : 7.5

Références :
https://github.com/usememos/memos/commit/c9aa2eeb9852047e4f41915eb30726bd25f07ecd | source : security@huntr.dev
https://huntr.dev/bounties/e1107d79-1d63-4238-90b7-5cc150512654 | source : security@huntr.dev

Vulnérabilité : CWE-20

Produit vulnérable : cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:*


Vulnérabilité ID : CVE-2023-4733

Première publication le : 04-09-2023 14:15:07
Dernière modification le : 04-09-2023 14:15:07

Description :
Use After Free in GitHub repository vim/vim prior to 9.0.1840.

CVE ID : CVE-2023-4733
Source : security@huntr.dev
Score CVSS : 7.3

Références :
https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c | source : security@huntr.dev
https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217 | source : security@huntr.dev

Vulnérabilité : CWE-416


Source : cyber.gov.il

Vulnérabilité ID : CVE-2023-37221

Première publication le : 03-09-2023 14:15:42
Dernière modification le : 04-09-2023 00:06:16

Description :
7Twenty BOT - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

CVE ID : CVE-2023-37221
Source : cna@cyber.gov.il
Score CVSS : 8.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39369

Première publication le : 03-09-2023 15:15:13
Dernière modification le : 04-09-2023 00:06:16

Description :
StarTrinity Softswitch version 2023-02-16 - Multiple Reflected XSS (CWE-79)

CVE ID : CVE-2023-39369
Source : cna@cyber.gov.il
Score CVSS : 8.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39370

Première publication le : 03-09-2023 15:15:13
Dernière modification le : 04-09-2023 00:06:16

Description :
StarTrinity Softswitch version 2023-02-16 - Persistent XSS (CWE-79)

CVE ID : CVE-2023-39370
Source : cna@cyber.gov.il
Score CVSS : 8.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39371

Première publication le : 03-09-2023 15:15:13
Dernière modification le : 04-09-2023 00:06:16

Description :
StarTrinity Softswitch version 2023-02-16 - Open Redirect (CWE-601)

CVE ID : CVE-2023-39371
Source : cna@cyber.gov.il
Score CVSS : 8.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-601


Vulnérabilité ID : CVE-2023-39372

Première publication le : 03-09-2023 15:15:14
Dernière modification le : 04-09-2023 00:06:16

Description :
StarTrinity Softswitch version 2023-02-16 - Multiple CSRF (CWE-352)

CVE ID : CVE-2023-39372
Source : cna@cyber.gov.il
Score CVSS : 8.1

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-39374

Première publication le : 03-09-2023 15:15:14
Dernière modification le : 04-09-2023 00:06:16

Description :
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element

CVE ID : CVE-2023-39374
Source : cna@cyber.gov.il
Score CVSS : 7.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-427


Vulnérabilité ID : CVE-2023-39373

Première publication le : 03-09-2023 15:15:14
Dernière modification le : 04-09-2023 00:06:16

Description :
A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.

CVE ID : CVE-2023-39373
Source : cna@cyber.gov.il
Score CVSS : 7.4

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-294


Vulnérabilité ID : CVE-2023-37220

Première publication le : 03-09-2023 14:15:41
Dernière modification le : 04-09-2023 00:06:16

Description :
Synel Terminals - CWE-494: Download of Code Without Integrity Check

CVE ID : CVE-2023-37220
Source : cna@cyber.gov.il
Score CVSS : 7.2

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-494


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4746

Première publication le : 04-09-2023 01:15:07
Dernière modification le : 04-09-2023 03:51:45

Description :
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238635.

CVE ID : CVE-2023-4746
Source : cna@vuldb.com
Score CVSS : 8.8

Références :
https://gist.github.com/dmknght/8f3b6aa65e9d08f45b5236c6e9ab8d80 | source : cna@vuldb.com
https://vuldb.com/?ctiid.238635 | source : cna@vuldb.com
https://vuldb.com/?id.238635 | source : cna@vuldb.com

Vulnérabilité : CWE-134


Source : incibe.es

Vulnérabilité ID : CVE-2023-4587

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
** UNSUPPPORTED WHEN ASSIGNED ** An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server.

CVE ID : CVE-2023-4587
Source : cve-coordination@incibe.es
Score CVSS : 8.3

Références :
https://www.incibe.es/en/incibe-cert/notices/aviso/insecure-direct-object-reference-zkteco-zem800 | source : cve-coordination@incibe.es

Vulnérabilité : CWE-639


Vulnérabilité ID : CVE-2023-3222

Première publication le : 04-09-2023 13:15:33
Dernière modification le : 04-09-2023 13:15:33

Description :
Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests.

CVE ID : CVE-2023-3222
Source : cve-coordination@incibe.es
Score CVSS : 7.5

Références :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin | source : cve-coordination@incibe.es

Vulnérabilité : CWE-640


Source : github.com

Vulnérabilité ID : CVE-2023-41054

Première publication le : 04-09-2023 18:15:08
Dernière modification le : 04-09-2023 18:15:08

Description :
LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine. LibreY is subject to a Server-Side Request Forgery (SSRF) vulnerability in the `image_proxy.php` file of LibreY before commit 8f9b9803f231e2954e5b49987a532d28fe50a627. This vulnerability allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service (DoS) attacks via the `url` parameter. Remote attackers can use the server as a proxy to send HTTP GET requests and retrieve information in the internal network. Remote attackers can also request the server to download large files or chain requests among multiple instances to reduce the performance of the server or even deny access from legitimate users. This issue has been addressed in https://github.com/Ahwxorg/LibreY/pull/31. LibreY hosters are advised to use the latest commit. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-41054
Source : security-advisories@github.com
Score CVSS : 8.2

Références :
https://github.com/Ahwxorg/LibreY/pull/31 | source : security-advisories@github.com
https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-p4f9-h8x8-mpwf | source : security-advisories@github.com

Vulnérabilité : CWE-918


Vulnérabilité ID : CVE-2023-41049

Première publication le : 01-09-2023 20:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
@dcl/single-sign-on-client is an open source npm library which deals with single sign on authentication flows. Improper input validation in the `init` function allows arbitrary javascript to be executed using the `javascript:` prefix. This vulnerability has been patched on version `0.1.0`. Users are advised to upgrade. Users unable to upgrade should limit untrusted user input to the `init` function.

CVE ID : CVE-2023-41049
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://github.com/decentraland/single-sign-on-client/commit/bd20ea9533d0cda30809d929db85b1b76cef855a | source : security-advisories@github.com
https://github.com/decentraland/single-sign-on-client/security/advisories/GHSA-vp4f-wxgw-7x8x | source : security-advisories@github.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-41055

Première publication le : 04-09-2023 18:15:09
Dernière modification le : 04-09-2023 18:15:09

Description :
LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine. LibreY is subject to a Server-Side Request Forgery (SSRF) vulnerability in the `engines/google/text.php` and `engines/duckduckgo/text.php` files in versions before commit be59098abd119cda70b15bf3faac596dfd39a744. This vulnerability allows remote attackers to request the server to send HTTP GET requests to arbitrary targets and conduct Denial-of-Service (DoS) attacks via the `wikipedia_language` cookie. Remote attackers can request the server to download large files to reduce the performance of the server or even deny access from legitimate users. This issue has been patched in https://github.com/Ahwxorg/LibreY/pull/9. LibreY hosters are advised to use the latest commit. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-41055
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://github.com/Ahwxorg/LibreY/pull/9 | source : security-advisories@github.com
https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc | source : security-advisories@github.com

Vulnérabilité : CWE-918


Source : ubuntu.com

Vulnérabilité ID : CVE-2023-3297

Première publication le : 01-09-2023 21:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

CVE ID : CVE-2023-3297
Source : security@ubuntu.com
Score CVSS : 8.1

Références :
https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/2024182 | source : security@ubuntu.com
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3297 | source : security@ubuntu.com
https://securitylab.github.com/advisories/GHSL-2023-139_accountsservice/ | source : security@ubuntu.com
https://ubuntu.com/security/notices/USN-6190-1 | source : security@ubuntu.com

Vulnérabilité : CWE-416


Source : emc.com

Vulnérabilité ID : CVE-2023-28072

Première publication le : 04-09-2023 16:15:07
Dernière modification le : 04-09-2023 16:15:07

Description :
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system.

CVE ID : CVE-2023-28072
Source : security_alert@emc.com
Score CVSS : 7.8

Références :
https://www.dell.com/support/kbdoc/en-in/000212982/dsa-2023-158 | source : security_alert@emc.com

Vulnérabilité : CWE-502


Source : juniper.net

Vulnérabilité ID : CVE-2023-4481

Première publication le : 01-09-2023 00:15:08
Dernière modification le : 01-09-2023 07:32:13

Description :
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When certain specific crafted BGP UPDATE messages are received over an established BGP session, one BGP session may be torn down with an UPDATE message error, or the issue may propagate beyond the local system which will remain non-impacted, but may affect one or more remote systems. This issue is exploitable remotely as the crafted UPDATE message can propagate through unaffected systems and intermediate BGP speakers. Continuous receipt of the crafted BGP UPDATE messages will create a sustained Denial of Service (DoS) condition for impacted devices. This issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations. This issue requires a remote attacker to have at least one established BGP session.

CVE ID : CVE-2023-4481
Source : sirt@juniper.net
Score CVSS : 7.5

Références :
https://kb.juniper.net/JSA72510 | source : sirt@juniper.net
https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/topic-map/bgp-error-messages.html | source : sirt@juniper.net
https://www.rfc-editor.org/rfc/rfc4271 | source : sirt@juniper.net
https://www.rfc-editor.org/rfc/rfc7606 | source : sirt@juniper.net

Vulnérabilité : CWE-20


Source : moxa.com

Vulnérabilité ID : CVE-2023-39981

Première publication le : 02-09-2023 13:15:45
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading to the disclosure of device information by a remote attacker.

CVE ID : CVE-2023-39981
Source : psirt@moxa.com
Score CVSS : 7.5

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-287


Vulnérabilité ID : CVE-2023-39982

Première publication le : 02-09-2023 13:15:45
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic.

CVE ID : CVE-2023-39982
Source : psirt@moxa.com
Score CVSS : 7.5

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-798


Vulnérabilité ID : CVE-2023-39980

Première publication le : 02-09-2023 13:15:45
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not neutralized correctly, allowing remote attackers to alter SQL commands.

CVE ID : CVE-2023-39980
Source : psirt@moxa.com
Score CVSS : 7.1

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-89


Source : lge.com

Vulnérabilité ID : CVE-2023-4615

Première publication le : 04-09-2023 11:15:41
Dernière modification le : 04-09-2023 11:15:41

Description :
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user.

CVE ID : CVE-2023-4615
Source : product.security@lge.com
Score CVSS : 7.5

Références :
https://lgsecurity.lge.com/bulletins/idproducts#updateDetails | source : product.security@lge.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1224/ | source : product.security@lge.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-4616

Première publication le : 04-09-2023 11:15:41
Dernière modification le : 04-09-2023 11:15:41

Description :
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user.

CVE ID : CVE-2023-4616
Source : product.security@lge.com
Score CVSS : 7.5

Références :
https://lgsecurity.lge.com/bulletins/idproducts#updateDetails | source : product.security@lge.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1223/ | source : product.security@lge.com

Vulnérabilité : CWE-22


Source : gitlab.com

Vulnérabilité ID : CVE-2023-3915

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 21:14:01

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. If an external user is given an owner role on any group, that external user may escalate their privileges on the instance by creating a service account in that group. This service account is not classified as external and may be used to access internal projects.

CVE ID : CVE-2023-3915
Source : cve@gitlab.com
Score CVSS : 7.2

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/417664 | source : cve@gitlab.com
https://hackerone.com/reports/2040834 | source : cve@gitlab.com

Vulnérabilité : CWE-732

Vulnérabilité : CWE-279

Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*


Source : patchstack.com

Vulnérabilité ID : CVE-2023-34011

Première publication le : 01-09-2023 12:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ShopConstruct plugin <= 1.1.2 versions.

CVE ID : CVE-2023-34011
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/shopconstruct/wordpress-shopconstruct-plugin-1-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37893

Première publication le : 01-09-2023 12:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chop-Chop Coming Soon Chop Chop plugin <= 2.2.4 versions.

CVE ID : CVE-2023-37893
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/cc-coming-soon/wordpress-coming-soon-chop-chop-plugin-2-2-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37997

Première publication le : 01-09-2023 12:15:09
Dernière modification le : 01-09-2023 13:39:55

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dharmesh Patel Post List With Featured Image plugin <= 1.2 versions.

CVE ID : CVE-2023-37997
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/post-list-with-featured-image/wordpress-post-list-with-featured-image-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39162

Première publication le : 04-09-2023 10:15:08
Dernière modification le : 04-09-2023 10:15:08

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XLPlugins User Email Verification for WooCommerce plugin <= 3.5.0 versions.

CVE ID : CVE-2023-39162
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/woo-confirmation-email/wordpress-user-email-verification-for-woocommerce-plugin-3-5-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39164

Première publication le : 04-09-2023 10:15:09
Dernière modification le : 04-09-2023 10:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Molongui Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui plugin <= 4.6.19 versions.

CVE ID : CVE-2023-39164
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/molongui-authorship/wordpress-molongui-plugin-4-6-18-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-30494

Première publication le : 04-09-2023 11:15:39
Dernière modification le : 04-09-2023 11:15:39

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <= 3.1.10 versions.

CVE ID : CVE-2023-30494
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/imagerecycle-pdf-image-compression/wordpress-imagerecycle-pdf-image-compression-plugin-3-1-10-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-31220

Première publication le : 04-09-2023 11:15:40
Dernière modification le : 04-09-2023 11:15:40

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP-EXPERTS.IN TEAM WP Categories Widget plugin <= 2.2 versions.

CVE ID : CVE-2023-31220
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/wp-categories-widget/wordpress-wp-categories-widget-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37393

Première publication le : 04-09-2023 11:15:40
Dernière modification le : 04-09-2023 11:15:40

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions.

CVE ID : CVE-2023-37393
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/atarim-visual-collaboration/wordpress-atarim-plugin-3-9-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39918

Première publication le : 04-09-2023 11:15:40
Dernière modification le : 04-09-2023 11:15:40

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SAASPROJECT Booking Package Booking Package plugin <= 1.6.01 versions.

CVE ID : CVE-2023-39918
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/booking-package/wordpress-booking-package-plugin-1-6-01-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39991

Première publication le : 04-09-2023 11:15:40
Dernière modification le : 04-09-2023 11:15:40

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blindside Networks BigBlueButton plugin <= 3.0.0-beta.4 versions.

CVE ID : CVE-2023-39991
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/bigbluebutton/wordpress-bigbluebutton-plugin-3-0-0-beta-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39992

Première publication le : 04-09-2023 11:15:41
Dernière modification le : 04-09-2023 11:15:41

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.3.2 versions.

CVE ID : CVE-2023-39992
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/meeting-scheduler-by-vcita/wordpress-online-booking-scheduling-calendar-for-wordpress-by-vcita-plugin-4-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-40208

Première publication le : 04-09-2023 11:15:41
Dernière modification le : 04-09-2023 11:15:41

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aleksandar Uroševi? Stock Ticker plugin <= 3.23.3 versions.

CVE ID : CVE-2023-40208
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/stock-ticker/wordpress-stock-ticker-plugin-3-23-3-unauth-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-30485

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin Infotech Responsive WordPress Slider – Avartan Slider Lite plugin <= 1.5.3 versions.

CVE ID : CVE-2023-30485
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/avartan-slider-lite/wordpress-avartan-slider-lite-plugin-1-5-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32296

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kangu para WooCommerce plugin <= 2.2.9 versions.

CVE ID : CVE-2023-32296
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/kangu/wordpress-kangu-para-woocommerce-plugin-2-2-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-40196

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <= 3.1.11 versions.

CVE ID : CVE-2023-40196
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/imagerecycle-pdf-image-compression/wordpress-imagerecycle-pdf-image-compression-plugin-3-1-11-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-40205

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pixelgrade PixTypes plugin <= 1.4.15 versions.

CVE ID : CVE-2023-40205
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/pixtypes/wordpress-pixtypes-plugin-1-4-15-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-40214

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vathemes Business Pro theme <= 1.10.4 versions.

CVE ID : CVE-2023-40214
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/business-pro/wordpress-business-pro-theme-1-10-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


(61) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : gitlab.com

Vulnérabilité ID : CVE-2023-3205

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 21:13:41

Description :
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.

CVE ID : CVE-2023-3205
Source : cve@gitlab.com
Score CVSS : 6.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/415067 | source : cve@gitlab.com
https://hackerone.com/reports/2011464 | source : cve@gitlab.com

Vulnérabilité : CWE-400

Vulnérabilité : CWE-400

Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*


Vulnérabilité ID : CVE-2023-3210

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 21:13:51

Description :
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.

CVE ID : CVE-2023-3210
Source : cve@gitlab.com
Score CVSS : 6.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/415074 | source : cve@gitlab.com
https://hackerone.com/reports/2011474 | source : cve@gitlab.com

Vulnérabilité : CWE-400

Vulnérabilité : CWE-400

Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*


Vulnérabilité ID : CVE-2023-4378

Première publication le : 01-09-2023 11:15:43
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the configured URL in the Sentry error tracking settings page. This was as a result of an incomplete fix for CVE-2022-4365.

CVE ID : CVE-2023-4378
Source : cve@gitlab.com
Score CVSS : 5.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/422134 | source : cve@gitlab.com
https://hackerone.com/reports/2104591 | source : cve@gitlab.com

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-4647

Première publication le : 01-09-2023 11:15:43
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on certain instances.

CVE ID : CVE-2023-4647
Source : cve@gitlab.com
Score CVSS : 5.3

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/414502 | source : cve@gitlab.com

Vulnérabilité : CWE-400


Vulnérabilité ID : CVE-2022-4343

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which a project member can leak credentials stored in site profile.

CVE ID : CVE-2022-4343
Source : cve@gitlab.com
Score CVSS : 5.0

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/385124 | source : cve@gitlab.com
https://hackerone.com/reports/1767797 | source : cve@gitlab.com

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-4018

Première publication le : 01-09-2023 11:15:43
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.

CVE ID : CVE-2023-4018
Source : cve@gitlab.com
Score CVSS : 4.3

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/420301 | source : cve@gitlab.com
https://hackerone.com/reports/2083440 | source : cve@gitlab.com

Vulnérabilité : CWE-284


Source : patchstack.com

Vulnérabilité ID : CVE-2023-37994

Première publication le : 01-09-2023 12:15:09
Dernière modification le : 01-09-2023 13:39:55

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Artem Abramovich Art Decoration Shortcode plugin <= 1.5.6 versions.

CVE ID : CVE-2023-37994
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/art-decoration-shortcode/wordpress-art-decoration-shortcode-plugin-1-5-6-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38516

Première publication le : 03-09-2023 12:15:42
Dernière modification le : 04-09-2023 00:06:16

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Audio Player with Playlist Ultimate plugin <= 1.2.2 versions.

CVE ID : CVE-2023-38516
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/audio-player-with-playlist-ultimate/wordpress-audio-player-with-playlist-ultimate-plugin-1-2-2-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39988

Première publication le : 04-09-2023 11:15:40
Dernière modification le : 04-09-2023 11:15:40

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ???(std.Cloud) WxSync plugin <= 2.7.23 versions.

CVE ID : CVE-2023-39988
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/wxsync/wordpress-wxsync-plugin-2-7-23-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32102

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Pexle Chris Library Viewer plugin <= 2.0.6 versions.

CVE ID : CVE-2023-32102
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/library-viewer/wordpress-library-viewer-plugin-2-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32578

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Twinpictures Column-Matic plugin <= 1.3.3 versions.

CVE ID : CVE-2023-32578
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/column-matic/wordpress-column-matic-plugin-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-40197

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Devaldi Ltd flowpaper plugin <= 1.9.9 versions.

CVE ID : CVE-2023-40197
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/flowpaper-lite-pdf-flipbook/wordpress-flowpaper-plugin-1-9-9-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25477

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 11:47:43

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yotuwp Video Gallery plugin <= 1.3.12 versions.

CVE ID : CVE-2023-25477
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/yotuwp-easy-youtube-embed/wordpress-video-gallery-youtube-playlist-channel-gallery-by-yotuwp-plugin-1-3-12-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25488

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 11:47:43

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Duc Bui Quang WP Default Feature Image plugin <= 1.0.1.1 versions.

CVE ID : CVE-2023-25488
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wp-default-feature-image/wordpress-wp-default-feature-image-plugin-1-0-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37986

Première publication le : 01-09-2023 12:15:09
Dernière modification le : 01-09-2023 13:39:55

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in miniOrange YourMembership Single Sign On – YM SSO Login plugin <= 1.1.3 versions.

CVE ID : CVE-2023-37986
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/login-with-yourmembership/wordpress-yourmembership-single-sign-on-plugin-1-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38387

Première publication le : 03-09-2023 12:15:41
Dernière modification le : 04-09-2023 00:06:16

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Elastic Email Sender plugin <= 1.2.6 versions.

CVE ID : CVE-2023-38387
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/elastic-email-sender/wordpress-elastic-email-sender-plugin-1-2-6-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38476

Première publication le : 03-09-2023 12:15:42
Dernière modification le : 04-09-2023 00:06:16

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SuiteDash :: ONE Dashboard® Client Portal : SuiteDash Direct Login plugin <= 1.7.6 versions.

CVE ID : CVE-2023-38476
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/client-portal-suitedash-login/wordpress-client-portal-suitedash-direct-login-plugin-1-7-3-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38482

Première publication le : 03-09-2023 12:15:42
Dernière modification le : 04-09-2023 00:06:16

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QualityUnit Post Affiliate Pro plugin <= 1.25.0 versions.

CVE ID : CVE-2023-38482
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/postaffiliatepro/wordpress-post-affiliate-pro-plugin-1-24-9-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38517

Première publication le : 03-09-2023 12:15:42
Dernière modification le : 04-09-2023 00:06:16

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Realwebcare WRC Pricing Tables plugin <= 2.3.7 versions.

CVE ID : CVE-2023-38517
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wrc-pricing-tables/wordpress-wrc-pricing-tables-plugin-2-3-4-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38518

Première publication le : 03-09-2023 12:15:42
Dernière modification le : 04-09-2023 00:06:16

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Visualmodo Borderless plugin <= 1.4.8 versions.

CVE ID : CVE-2023-38518
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/borderless/wordpress-borderless-plugin-1-4-7-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-38521

Première publication le : 03-09-2023 12:15:42
Dernière modification le : 04-09-2023 00:06:16

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Exifography plugin <= 1.3.1 versions.

CVE ID : CVE-2023-38521
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/thesography/wordpress-exifography-plugin-1-3-1-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25465

Première publication le : 04-09-2023 10:15:07
Dernière modification le : 04-09-2023 10:15:07

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy wp tell a friend popup form plugin <= 7.1 versions.

CVE ID : CVE-2023-25465
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wp-tell-a-friend-popup-form/wordpress-wp-tell-a-friend-popup-form-plugin-7-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-36382

Première publication le : 04-09-2023 10:15:08
Dernière modification le : 04-09-2023 10:15:08

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeffrey-WP Media Library Categories plugin <= 2.0.0 versions.

CVE ID : CVE-2023-36382
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wp-media-library-categories/wordpress-media-library-categories-plugin-2-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39919

Première publication le : 04-09-2023 11:15:40
Dernière modification le : 04-09-2023 11:15:40

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany – Protected Shops plugin <= 2.0 versions.

CVE ID : CVE-2023-39919
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wpshopgermany-protectedshops/wordpress-wpshopgermany-protected-shops-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39987

Première publication le : 04-09-2023 11:15:40
Dernière modification le : 04-09-2023 11:15:40

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ajay Lulia wSecure Lite plugin <= 2.5 versions.

CVE ID : CVE-2023-39987
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wsecure/wordpress-wsecure-lite-plugin-2-5-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-40206

Première publication le : 04-09-2023 11:15:41
Dernière modification le : 04-09-2023 11:15:41

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post plugin <= 1.0.3 versions.

CVE ID : CVE-2023-40206
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wp-404-auto-redirect-to-similar-post/wordpress-wp-404-auto-redirect-to-similar-post-plugin-1-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-24412

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 20:28:44

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Web-Settler Image Social Feed plugin <= 1.7.6 versions.

CVE ID : CVE-2023-24412
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/add-instagram/wordpress-image-social-feed-plugin-plugin-1-7-6-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:web-settler:image_social_feed:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 1.7.6


Vulnérabilité ID : CVE-2023-25042

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 20:47:28

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Liam Gladdy (Storm Consultancy) oAuth Twitter Feed for Developers plugin <= 2.3.0 versions.

CVE ID : CVE-2023-25042
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/oauth-twitter-feed-for-developers/wordpress-oauth-twitter-feed-for-developers-plugin-2-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:stormconsultancy:oauth_twitter_feed_for_developers:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 2.3.0


Vulnérabilité ID : CVE-2023-25044

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 20:47:45

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions.

CVE ID : CVE-2023-25044
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/social-share-boost/wordpress-social-share-boost-plugin-4-4-cross-site-scripting-xss-vulnerability-2?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:sumo:social_share_boost:*:*:*:*:*:wordpress:*:*


Source : wordfence.com

Vulnérabilité ID : CVE-2023-4718

Première publication le : 02-09-2023 04:15:09
Dernière modification le : 04-09-2023 00:06:16

Description :
The Font Awesome 4 Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fa' and 'fa-stack' shortcodes in versions up to, and including, 4.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4718
Source : security@wordfence.com
Score CVSS : 6.4

Références :
https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L197 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L214 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/dc59510c-6eaf-4526-8acb-c07e39923ad9?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4708

Première publication le : 01-09-2023 18:15:07
Dernière modification le : 02-09-2023 15:15:27

Description :
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-238571. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4708
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
http://packetstormsecurity.com/files/174445/Clcknshop-1.0.0-SQL-Injection.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.238571 | source : cna@vuldb.com
https://vuldb.com/?id.238571 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4739

Première publication le : 03-09-2023 20:15:13
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S85F Management Platform up to 20230820 on Smart. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php. The manipulation of the argument 1_file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238628. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4739
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/Meizhi-hua/cve/blob/main/upload_file.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238628 | source : cna@vuldb.com
https://vuldb.com/?id.238628 | source : cna@vuldb.com

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-4740

Première publication le : 03-09-2023 20:15:14
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. This affects an unknown part of the file ?r=email/api/delDraft&archiveId=0 of the component Delete Draft Handler. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238629 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4740
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/RCEraser/cve/blob/main/sql_inject.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238629 | source : cna@vuldb.com
https://vuldb.com/?id.238629 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4741

Première publication le : 03-09-2023 23:15:39
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects unknown code of the file ?r=diary/default/del of the component Delete Logs Handler. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-238630 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4741
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/wudidike/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238630 | source : cna@vuldb.com
https://vuldb.com/?id.238630 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4742

Première publication le : 03-09-2023 23:15:39
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=dashboard/user/export&uid=X. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238631. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4742
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/gatsby2003/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238631 | source : cna@vuldb.com
https://vuldb.com/?id.238631 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4745

Première publication le : 04-09-2023 00:15:07
Dernière modification le : 04-09-2023 03:51:45

Description :
A vulnerability was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230822. It has been rated as critical. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-238634 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-4745
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/Jacky-Y/vuls/blob/main/vul6.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238634 | source : cna@vuldb.com
https://vuldb.com/?id.238634 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4747

Première publication le : 04-09-2023 01:15:07
Dernière modification le : 04-09-2023 03:51:45

Description :
A vulnerability classified as critical was found in DedeCMS 5.7.110. This vulnerability affects unknown code of the file /uploads/tags.php. The manipulation of the argument tag_alias leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238636.

CVE ID : CVE-2023-4747
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/laoquanshi/cve | source : cna@vuldb.com
https://github.com/laoquanshi/cve/blob/main/dedecms%20%20sql%20%20injection | source : cna@vuldb.com
https://vuldb.com/?ctiid.238636 | source : cna@vuldb.com
https://vuldb.com/?id.238636 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4749

Première publication le : 04-09-2023 01:15:07
Dernière modification le : 04-09-2023 03:51:45

Description :
A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page leads to file inclusion. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-238638 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-4749
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://skypoc.wordpress.com/2023/09/03/%e3%80%90code-audit%e3%80%91open-source-ample-inventory-management-system-v1-0-by-mayuri_k-has-a-file-inclusion-vulnerability/ | source : cna@vuldb.com
https://vuldb.com/?ctiid.238638 | source : cna@vuldb.com
https://vuldb.com/?id.238638 | source : cna@vuldb.com

Vulnérabilité : CWE-73


Vulnérabilité ID : CVE-2023-4712

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238575. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4712
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/wpay65249519/cve/blob/main/SQL_injection.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238575 | source : cna@vuldb.com
https://vuldb.com/?id.238575 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4713

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function addComment of the file ?r=weibo/comment/addcomment. The manipulation of the argument touid leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238576. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4713
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/13aiZe1/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238576 | source : cna@vuldb.com
https://vuldb.com/?id.238576 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4711

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-238574 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4711
Source : cna@vuldb.com
Score CVSS : 5.0

Références :
https://github.com/TinkAnet/cve/blob/main/rce.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238574 | source : cna@vuldb.com
https://vuldb.com/?id.238574 | source : cna@vuldb.com

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-4709

Première publication le : 01-09-2023 19:15:43
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-238572. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4709
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
https://vuldb.com/?ctiid.238572 | source : cna@vuldb.com
https://vuldb.com/?id.238572 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4710

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability classified as problematic was found in TOTVS RM 12.1. Affected by this vulnerability is an unknown functionality of the component Portal. The manipulation of the argument d leads to cross site scripting. The attack can be launched remotely. The identifier VDB-238573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4710
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
https://vuldb.com/?ctiid.238573 | source : cna@vuldb.com
https://vuldb.com/?id.238573 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4714

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 02-09-2023 15:15:27

Description :
A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The identifier VDB-238577 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4714
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
http://packetstormsecurity.com/files/174446/PlayTube-3.0.1-Information-Disclosure.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.238577 | source : cna@vuldb.com
https://vuldb.com/?id.238577 | source : cna@vuldb.com

Vulnérabilité : CWE-200


Source : github.com

Vulnérabilité ID : CVE-2023-41046

Première publication le : 01-09-2023 20:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible in XWiki to execute Velocity code without having script right by creating an XClass with a property of type "TextArea" and content type "VelocityCode" or "VelocityWiki". For the former, the syntax of the document needs to be set the `xwiki/1.0` (this syntax doesn't need to be installed). In both cases, when adding the property to an object, the Velocity code is executed regardless of the rights of the author of the property (edit right is still required, though). In both cases, the code is executed with the correct context author so no privileged APIs can be accessed. However, Velocity still grants access to otherwise inaccessible data and APIs that could allow further privilege escalation. At least for "VelocityCode", this behavior is most likely very old but only since XWiki 7.2, script right is a separate right, before that version all users were allowed to execute Velocity and thus this was expected and not a security issue. This has been patched in XWiki 14.10.10 and 15.4 RC1. Users are advised to upgrade. There are no known workarounds.

CVE ID : CVE-2023-41046
Source : security-advisories@github.com
Score CVSS : 6.3

Références :
https://github.com/xwiki/xwiki-platform/commit/edc52579eeaab1b4514785c134044671a1ecd839 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-m5m2-h6h9-p2c8 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20847 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20848 | source : security-advisories@github.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-41057

Première publication le : 04-09-2023 18:15:09
Dernière modification le : 04-09-2023 18:15:09

Description :
hyper-bump-it is a command line tool for updating the version in project files.`hyper-bump-it` reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched files should be contained within the project root directory, but that is not checked. This could result in changes being written to files outside of the project. The default behaviour of `hyper-bump-it` is to display the planned changes and prompt the user for confirmation before editing any files. However, the configuration file provides a field that can be used cause files to be edited without displaying the prompt. This issue has been fixed in release version 0.5.1. Users are advised to upgrade. Users that are unable to update from vulnerable versions, executing `hyper-bump-it` with the `--interactive` command line argument will ensure that all planned changes are displayed and prompt the user for confirmation before editing any files, even if the configuration file contains `show_confirm_prompt=true`.

CVE ID : CVE-2023-41057
Source : security-advisories@github.com
Score CVSS : 5.5

Références :
https://github.com/plannigan/hyper-bump-it/pull/307 | source : security-advisories@github.com
https://github.com/plannigan/hyper-bump-it/security/advisories/GHSA-xc27-f9q3-4448 | source : security-advisories@github.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-23763

Première publication le : 01-09-2023 15:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.10.0 and was fixed in versions 3.9.4, 3.8.9, 3.7.16 and 3.6.18. This vulnerability was reported via the GitHub Bug Bounty program.

CVE ID : CVE-2023-23763
Source : product-cna@github.com
Score CVSS : 5.3

Références :
https://docs.github.com/en/enterprise-server@3.6/admin/release-notes#3.6.18-security-fixes | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.16-security-fixes | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.9-security-fixes | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.4-security-fixes | source : product-cna@github.com

Vulnérabilité : CWE-200


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4721

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4721
Source : security@huntr.dev
Score CVSS : 5.9

Références :
https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63 | source : security@huntr.dev
https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc | source : security@huntr.dev

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2023-4722

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4722
Source : security@huntr.dev
Score CVSS : 5.9

Références :
https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76 | source : security@huntr.dev
https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830 | source : security@huntr.dev

Vulnérabilité : CWE-190


Vulnérabilité ID : CVE-2023-4756

Première publication le : 04-09-2023 09:15:07
Dernière modification le : 04-09-2023 09:15:07

Description :
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4756
Source : security@huntr.dev
Score CVSS : 5.9

Références :
https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01 | source : security@huntr.dev
https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05 | source : security@huntr.dev

Vulnérabilité : CWE-121


Vulnérabilité ID : CVE-2023-4758

Première publication le : 04-09-2023 16:15:08
Dernière modification le : 04-09-2023 16:15:08

Description :
Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4758
Source : security@huntr.dev
Score CVSS : 5.9

Références :
https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86 | source : security@huntr.dev
https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6 | source : security@huntr.dev

Vulnérabilité : CWE-126


Vulnérabilité ID : CVE-2023-4754

Première publication le : 04-09-2023 09:15:07
Dernière modification le : 04-09-2023 09:15:07

Description :
Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4754
Source : security@huntr.dev
Score CVSS : 5.3

Références :
https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0 | source : security@huntr.dev
https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c | source : security@huntr.dev

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2023-4755

Première publication le : 04-09-2023 14:15:08
Dernière modification le : 04-09-2023 14:15:08

Description :
Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4755
Source : security@huntr.dev
Score CVSS : 5.3

Références :
https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a | source : security@huntr.dev
https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3 | source : security@huntr.dev

Vulnérabilité : CWE-416


Vulnérabilité ID : CVE-2023-4735

Première publication le : 02-09-2023 18:15:20
Dernière modification le : 04-09-2023 00:06:16

Description :
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.

CVE ID : CVE-2023-4735
Source : security@huntr.dev
Score CVSS : 4.8

Références :
https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57 | source : security@huntr.dev
https://huntr.dev/bounties/fc83bde3-f621-42bd-aecb-8c1ae44cba51 | source : security@huntr.dev

Vulnérabilité : CWE-787


Vulnérabilité ID : CVE-2023-4720

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4720
Source : security@huntr.dev
Score CVSS : 4.0

Références :
https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a | source : security@huntr.dev
https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad | source : security@huntr.dev

Vulnérabilité : CWE-1077


Source : fortinet.com

Vulnérabilité ID : CVE-2022-22305

Première publication le : 01-09-2023 12:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.

CVE ID : CVE-2022-22305
Source : psirt@fortinet.com
Score CVSS : 5.4

Références :
https://fortiguard.com/psirt/FG-IR-18-292 | source : psirt@fortinet.com


Source : moxa.com

Vulnérabilité ID : CVE-2023-39983

Première publication le : 02-09-2023 13:15:45
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an unauthenticated remote attacker to register or add devices via the nsm-web application.

CVE ID : CVE-2023-39983
Source : psirt@moxa.com
Score CVSS : 5.3

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-915


Source : incibe.es

Vulnérabilité ID : CVE-2023-3221

Première publication le : 04-09-2023 13:15:32
Dernière modification le : 04-09-2023 13:15:32

Description :
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database.

CVE ID : CVE-2023-3221
Source : cve-coordination@incibe.es
Score CVSS : 5.3

Références :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin | source : cve-coordination@incibe.es

Vulnérabilité : CWE-204


Source : lenovo.com

Vulnérabilité ID : CVE-2022-3407

Première publication le : 01-09-2023 17:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
I some cases, when the device is USB-tethered to a host PC, and the device is sharing its mobile network connection with the host PC, if the user originates a call on the device, then the device's modem may reset and cause the phone call to not succeed. This may block the user from dialing emergency services. This patch resolves the device's modem reset issue.

CVE ID : CVE-2022-3407
Source : psirt@lenovo.com
Score CVSS : 4.9

Références :
https://en-us.support.motorola.com/app/answers/detail/a_id/175354 | source : psirt@lenovo.com

Vulnérabilité : CWE-404


Source : mitre.org

Vulnérabilité ID : CVE-2023-24675

Première publication le : 01-09-2023 10:15:08
Dernière modification le : 01-09-2023 20:28:00

Description :
Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attackers to execute arbitrary code via the Categories Friendly URL.

CVE ID : CVE-2023-24675
Source : cve@mitre.org
Score CVSS : 4.8

Références :
https://cupc4k3.medium.com/cve-2023-24674-uncovering-a-privilege-escalation-vulnerability-in-bludit-cms-dcf86c41107 | source : cve@mitre.org
https://medium.com/@cupc4k3/xss-stored-in-friendly-url-field-on-bludit-cms-641a9dd653f | source : cve@mitre.org

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:bludit:bludit:3.14.1:*:*:*:*:*:*:*


Source : cyber.gov.il

Vulnérabilité ID : CVE-2023-37222

Première publication le : 03-09-2023 15:15:12
Dernière modification le : 04-09-2023 00:06:16

Description :
Farsight Tech Nordic AB ProVide version 14.5 - Multiple XSS vulnerabilities (CWE-79) can be exploited by a user with administrator privilege.

CVE ID : CVE-2023-37222
Source : cna@cyber.gov.il
Score CVSS : 4.8

Références :
https://www.gov.il/en/Departments/faq/cve_advisories | source : cna@cyber.gov.il

Vulnérabilité : CWE-79


(9) Vulnérabilité(s) LOW [0.1, 3.9]

Source : gitlab.com

Vulnérabilité ID : CVE-2023-3950

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 21:14:48

Description :
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it.

CVE ID : CVE-2023-3950
Source : cve@gitlab.com
Score CVSS : 3.8

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/419675 | source : cve@gitlab.com
https://hackerone.com/reports/2079154 | source : cve@gitlab.com

Vulnérabilité : CWE-312

Vulnérabilité : CWE-312

Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*


Vulnérabilité ID : CVE-2023-0120

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to edit labels description by an unauthorised user.

CVE ID : CVE-2023-0120
Source : cve@gitlab.com
Score CVSS : 3.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/387531 | source : cve@gitlab.com
https://hackerone.com/reports/1818425 | source : cve@gitlab.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-1555

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A namespace-level banned user can access the API.

CVE ID : CVE-2023-1555
Source : cve@gitlab.com
Score CVSS : 2.7

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/398587 | source : cve@gitlab.com
https://hackerone.com/reports/1911908 | source : cve@gitlab.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-1279

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 4.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 where it was possible to create a URL that would redirect to a different project.

CVE ID : CVE-2023-1279
Source : cve@gitlab.com
Score CVSS : 2.6

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/395437 | source : cve@gitlab.com
https://hackerone.com/reports/1889230 | source : cve@gitlab.com

Vulnérabilité : CWE-138


Source : github.com

Vulnérabilité ID : CVE-2023-40015

Première publication le : 04-09-2023 18:15:07
Dernière modification le : 04-09-2023 18:15:07

Description :
Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. `unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or (deprecated), bitwise_and (deprecated), bitwise_xor (deprecated), raw_call, <, >, <=, >=, ==, !=, in, not in (when lhs and rhs are enums)`. This behaviour becomes a problem when the evaluation of one of the arguments produces side effects that other arguments depend on. The following expressions can produce side-effect: state modifying external call , state modifying internal call, `raw_call`, `pop()` when used on a Dynamic Array stored in the storage, `create_minimal_proxy_to`, `create_copy_of`, `create_from_blueprint`. This issue has not yet been patched. Users are advised to make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.

CVE ID : CVE-2023-40015
Source : security-advisories@github.com
Score CVSS : 3.7

Références :
https://github.com/vyperlang/vyper/security/advisories/GHSA-g2xh-c426-v8mf | source : security-advisories@github.com

Vulnérabilité : CWE-670


Vulnérabilité ID : CVE-2023-41052

Première publication le : 04-09-2023 18:15:08
Dernière modification le : 04-09-2023 18:15:08

Description :
Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions `uint256_addmod`, `uint256_mulmod`, `ecadd` and `ecmul` does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side effects that other arguments depend on. A patch is currently being developed on pull request #3583. When using builtins from the list above, users should make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.

CVE ID : CVE-2023-41052
Source : security-advisories@github.com
Score CVSS : 3.7

Références :
https://github.com/vyperlang/vyper/pull/3583 | source : security-advisories@github.com
https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq | source : security-advisories@github.com

Vulnérabilité : CWE-670


Vulnérabilité ID : CVE-2023-41051

Première publication le : 01-09-2023 19:15:42
Dernière modification le : 01-09-2023 21:15:30

Description :
In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memory providers. An issue was discovered in the default implementations of the `VolatileMemory::{get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, get_array_ref}` trait functions, which allows out-of-bounds memory access if the `VolatileMemory::get_slice` function returns a `VolatileSlice` whose length is less than the function’s `count` argument. No implementations of `get_slice` provided in `vm_memory` are affected. Users of custom `VolatileMemory` implementations may be impacted if the custom implementation does not adhere to `get_slice`'s documentation. The issue started in version 0.1.0 but was fixed in version 0.12.2 by inserting a check that verifies that the `VolatileSlice` returned by `get_slice` is of the correct length. Users are advised to upgrade. There are no known workarounds for this issue.

CVE ID : CVE-2023-41051
Source : security-advisories@github.com
Score CVSS : 2.5

Références :
https://crates.io/crates/vm-memory/0.12.2 | source : security-advisories@github.com
https://github.com/rust-vmm/vm-memory/commit/aff1dd4a5259f7deba56692840f7a2d9ca34c9c8 | source : security-advisories@github.com
https://github.com/rust-vmm/vm-memory/security/advisories/GHSA-49hh-fprx-m68g | source : security-advisories@github.com

Vulnérabilité : CWE-125


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4707

Première publication le : 01-09-2023 18:15:07
Dernière modification le : 02-09-2023 15:15:27

Description :
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4707
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
http://packetstormsecurity.com/files/174444/Clcknshop-1.0.0-Cross-Site-Scripting.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.238570 | source : cna@vuldb.com
https://vuldb.com/?id.238570 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4743

Première publication le : 03-09-2023 23:15:40
Dernière modification le : 04-09-2023 00:06:16

Description :
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function of the file /upload/ueditorConfig?action=config. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238632. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4743
Source : cna@vuldb.com
Score CVSS : 3.1

Références :
https://github.com/FFR66/Dreamer-CMS_Unauthorized-access-vulnerability | source : cna@vuldb.com
https://vuldb.com/?ctiid.238632 | source : cna@vuldb.com
https://vuldb.com/?id.238632 | source : cna@vuldb.com

Vulnérabilité : CWE-552


(137) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2022-44349

Première publication le : 01-09-2023 10:15:07
Dernière modification le : 01-09-2023 11:47:50

Description :
NAVBLUE S.A.S N-Ops & Crew 22.5-rc.50 is vulnerable to Cross Site Scripting (XSS).

CVE ID : CVE-2022-44349
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/MVRC-ITSEC/CVEs/blob/main/CVE-2022-44349 | source : cve@mitre.org
https://www.navblue.aero/product/n-crew-planning/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-24674

Première publication le : 01-09-2023 10:15:07
Dernière modification le : 01-09-2023 11:47:50

Description :
Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter.

CVE ID : CVE-2023-24674
Source : cve@mitre.org
Score CVSS : /

Références :
https://cupc4k3.medium.com/cve-2023-24674-uncovering-a-privilege-escalation-vulnerability-in-bludit-cms-dcf86c41107 | source : cve@mitre.org
https://medium.com/@cupc4k3/privilege-scalation-in-bludit-cms-dcf86c41107 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39685

Première publication le : 01-09-2023 10:15:08
Dernière modification le : 01-09-2023 11:47:50

Description :
An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted JSON string.

CVE ID : CVE-2023-39685
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/hjson/hjson-java/issues/27 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41364

Première publication le : 01-09-2023 10:15:08
Dernière modification le : 01-09-2023 11:47:50

Description :
In tine through 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection.

CVE ID : CVE-2023-41364
Source : cve@mitre.org
Score CVSS : /

Références :
https://herolab.usd.de/security-advisories/ | source : cve@mitre.org
https://herolab.usd.de/security-advisories/usd-2023-0002/ | source : cve@mitre.org
https://www.tine-groupware.de/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-46527

Première publication le : 01-09-2023 11:15:39
Dernière modification le : 01-09-2023 11:47:43

Description :
ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a buffer overflow via the NFC data parser.

CVE ID : CVE-2022-46527
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2022-46527.pdf | source : cve@mitre.org
https://www.elsys.se/en/ers-sound/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40239

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 11:47:43

Description :
Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.

CVE ID : CVE-2023-40239
Source : cve@mitre.org
Score CVSS : /

Références :
https://publications.lexmark.com/publications/security-alerts/CVE-2023-40239.pdf | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40969

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 11:47:43

Description :
Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php.

CVE ID : CVE-2023-40969
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SSRF-pop_p2p.md | source : cve@mitre.org
https://github.com/slims/slims9_bulian/issues/204 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40970

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 11:47:43

Description :
Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loan_rules.php.

CVE ID : CVE-2023-40970
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SQLI-loan_rules.md | source : cve@mitre.org
https://github.com/slims/slims9_bulian/issues/205 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37826

Première publication le : 01-09-2023 13:15:07
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fieldname parameter.

CVE ID : CVE-2023-37826
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37826 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37827

Première publication le : 01-09-2023 13:15:07
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the executionBlockName parameter.

CVE ID : CVE-2023-37827
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37827 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37828

Première publication le : 01-09-2023 13:15:07
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tasktyp parameter.

CVE ID : CVE-2023-37828
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37828 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37829

Première publication le : 01-09-2023 13:15:07
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notification.message parameter.

CVE ID : CVE-2023-37829
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37829 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37830

Première publication le : 01-09-2023 13:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.

CVE ID : CVE-2023-37830
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37830 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39703

Première publication le : 01-09-2023 13:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross site scripting (XSS) vulnerability in the Markdown Editor component of Typora v1.6.7 allows attackers to execute arbitrary code via uploading a crafted Markdown file.

CVE ID : CVE-2023-39703
Source : cve@mitre.org
Score CVSS : /

Références :
https://c0olw.github.io/2023/07/31/Typora-XSS-Vulnerability/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39710

Première publication le : 01-09-2023 14:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section.

CVE ID : CVE-2023-39710
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/Arajawat007/dc6e4dd231accf777dae30d890a4e7df#file-cve-2023-39710 | source : cve@mitre.org
https://www.sourcecodester.com/ | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-22612

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
Installer RCE on settings file write in MyBB before 1.8.22.

CVE ID : CVE-2020-22612
Source : cve@mitre.org
Score CVSS : /

Références :
https://mybb.com/versions/1.8.22/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-28366

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.

CVE ID : CVE-2023-28366
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9 | source : cve@mitre.org
https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16 | source : cve@mitre.org
https://mosquitto.org/blog/2023/08/version-2-0-16-released/ | source : cve@mitre.org
https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36076

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php.

CVE ID : CVE-2023-36076
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lkw199711/smanga/issues/100 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36088

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows remote attackers to gain sensitive information.

CVE ID : CVE-2023-36088
Source : cve@mitre.org
Score CVSS : /

Références :
http://nebulagraph.com | source : cve@mitre.org
https://github.com/vesoft-inc/nebula-studio | source : cve@mitre.org
https://github.com/vesoft-inc/nebula-studio/issues/571 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36100

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser.

CVE ID : CVE-2023-36100
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Thecosy/IceCMS/issues/15 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36187

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.

CVE ID : CVE-2023-36187
Source : cve@mitre.org
Score CVSS : /

Références :
https://kb.netgear.com/000065571/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0578 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36326

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bn_grow function.

CVE ID : CVE-2023-36326
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/relic-toolkit/relic/commit/34580d840469361ba9b5f001361cad659687b9ab | source : cve@mitre.org
https://groups.google.com/g/relic-discuss/c/A_J2-ArVIAo/m/qgFiXsUJBQAJ?utm_medium=email&utm_source=footer | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36327

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bn_get_prime function.

CVE ID : CVE-2023-36327
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e | source : cve@mitre.org
https://groups.google.com/g/relic-discuss/c/A_J2-ArVIAo/m/qgFiXsUJBQAJ?utm_medium=email&utm_source=footer | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36328

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).

CVE ID : CVE-2023-36328
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libtom/libtommath/pull/546 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39582

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.

CVE ID : CVE-2023-39582
Source : cve@mitre.org
Score CVSS : /

Références :
https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-126-2023-07-18-High-impact-Low-risk-SQL-injection-by-admin-users | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39631

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.

CVE ID : CVE-2023-39631
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/langchain-ai/langchain/issues/8363 | source : cve@mitre.org
https://github.com/pydata/numexpr/issues/442 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40771

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function.

CVE ID : CVE-2023-40771
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/dataease/dataease/issues/5861 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40968

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Buffer Overflow vulnerability in hzeller timg v.1.5.2 and before allows a remote attacker to cause a denial of service via the 0x61200000045c address.

CVE ID : CVE-2023-40968
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/hzeller/timg/issues/115 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40980

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file.

CVE ID : CVE-2023-40980
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/wkeyuan/DWSurvey/issues/107 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41627

Première publication le : 01-09-2023 17:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the source of the routing tables it receives, potentially allowing attackers to send forged routing tables to the device.

CVE ID : CVE-2023-41627
Source : cve@mitre.org
Score CVSS : /

Références :
https://jira.o-ran-sc.org/browse/RIC-1001 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41628

Première publication le : 01-09-2023 17:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
An issue in O-RAN Software Community E2 G-Release allows attackers to cause a Denial of Service (DoS) by incorrectly initiating the messaging procedure between the E2Node and E2Term components.

CVE ID : CVE-2023-41628
Source : cve@mitre.org
Score CVSS : /

Références :
https://jira.o-ran-sc.org/browse/RIC-1002 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39714

Première publication le : 01-09-2023 18:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section.

CVE ID : CVE-2023-39714
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/Arajawat007/141e68161014e832e30d39b1979a8a6c#file-cve-2023-39714 | source : cve@mitre.org
https://www.sourcecodester.com/ | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41633

Première publication le : 01-09-2023 19:15:43
Dernière modification le : 01-09-2023 21:15:30

Description :
Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.

CVE ID : CVE-2023-41633
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/rycbar77/3da455382f88cfb6d6798572f34378bd | source : cve@mitre.org
https://rycbar77.github.io/2023/08/29/catdoc-0-95-nullptr-dereference/ | source : cve@mitre.org


Source : apache.org

Vulnérabilité ID : CVE-2023-41180

Première publication le : 03-09-2023 16:15:10
Dernière modification le : 04-09-2023 00:06:16

Description :
Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14 allows an intermediary to present a forged certificate during TLS handshake negotation. The Disable Peer Verification property of InvokeHTTP was effectively flipped, disabling verification by default, when using HTTPS. Mitigation: Set the Disable Peer Verification property of InvokeHTTP to true when using MiNiFi C++ versions 0.13.0 or 0.14.0. Upgrading to MiNiFi C++ 0.15.0 corrects the default behavior.

CVE ID : CVE-2023-41180
Source : security@apache.org
Score CVSS : /

Références :
https://lists.apache.org/thread/b51f8csysg1pvgs6xjjrq5hrjrvfot1y | source : security@apache.org

Vulnérabilité : CWE-295


Source : unisoc.com

Vulnérabilité ID : CVE-2022-47352

Première publication le : 04-09-2023 02:15:07
Dernière modification le : 04-09-2023 03:51:45

Description :
In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2022-47352
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2022-47353

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2022-47353
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2022-48452

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In Ifaa service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2022-48452
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2022-48453

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2022-48453
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-33914

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. This could lead to remote information disclosure no additional execution privileges needed

CVE ID : CVE-2023-33914
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-33915

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed

CVE ID : CVE-2023-33915
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-33916

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-33916
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-33917

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-33917
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-33918

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-33918
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38436

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38436
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38437

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38437
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38438

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38438
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38439

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38439
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38440

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38440
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38441

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38441
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38442

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38442
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38443

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38443
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38444

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38444
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38445

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38445
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38446

Première publication le : 04-09-2023 02:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38446
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38447

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38447
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38448

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38448
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38449

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38449
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38450

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38450
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38451

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38451
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38452

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38452
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38453

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38453
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38454

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38454
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38455

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38455
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38456

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38456
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38457

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38457
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38458

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38458
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38459

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38459
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38460

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38460
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38461

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38461
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38462

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38462
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38463

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38463
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38464

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

CVE ID : CVE-2023-38464
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38465

Première publication le : 04-09-2023 02:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38465
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38466

Première publication le : 04-09-2023 02:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

CVE ID : CVE-2023-38466
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38467

Première publication le : 04-09-2023 02:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-38467
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38468

Première publication le : 04-09-2023 02:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-38468
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38553

Première publication le : 04-09-2023 02:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed

CVE ID : CVE-2023-38553
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Vulnérabilité ID : CVE-2023-38554

Première publication le : 04-09-2023 02:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-38554
Source : security@unisoc.com
Score CVSS : /

Références :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 | source : security@unisoc.com


Source : mediatek.com

Vulnérabilité ID : CVE-2023-20820

Première publication le : 04-09-2023 03:15:07
Dernière modification le : 04-09-2023 03:51:45

Description :
In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189.

CVE ID : CVE-2023-20820
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20821

Première publication le : 04-09-2023 03:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.

CVE ID : CVE-2023-20821
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20822

Première publication le : 04-09-2023 03:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In netdagent, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944012; Issue ID: ALPS07944012.

CVE ID : CVE-2023-20822
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20823

Première publication le : 04-09-2023 03:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592.

CVE ID : CVE-2023-20823
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20824

Première publication le : 04-09-2023 03:15:08
Dernière modification le : 04-09-2023 03:51:45

Description :
In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951402.

CVE ID : CVE-2023-20824
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20825

Première publication le : 04-09-2023 03:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951413.

CVE ID : CVE-2023-20825
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20826

Première publication le : 04-09-2023 03:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In cta, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07978550; Issue ID: ALPS07978550.

CVE ID : CVE-2023-20826
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20827

Première publication le : 04-09-2023 03:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In ims service, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937105; Issue ID: ALPS07937105.

CVE ID : CVE-2023-20827
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20828

Première publication le : 04-09-2023 03:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144.

CVE ID : CVE-2023-20828
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20829

Première publication le : 04-09-2023 03:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.

CVE ID : CVE-2023-20829
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20830

Première publication le : 04-09-2023 03:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156.

CVE ID : CVE-2023-20830
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20831

Première publication le : 04-09-2023 03:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014162.

CVE ID : CVE-2023-20831
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20832

Première publication le : 04-09-2023 03:15:09
Dernière modification le : 04-09-2023 03:51:45

Description :
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.

CVE ID : CVE-2023-20832
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20833

Première publication le : 04-09-2023 03:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764.

CVE ID : CVE-2023-20833
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20834

Première publication le : 04-09-2023 03:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In pda, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608514; Issue ID: ALPS07608514.

CVE ID : CVE-2023-20834
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20835

Première publication le : 04-09-2023 03:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570.

CVE ID : CVE-2023-20835
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20836

Première publication le : 04-09-2023 03:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In camsys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505629; Issue ID: ALPS07505629.

CVE ID : CVE-2023-20836
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20837

Première publication le : 04-09-2023 03:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786.

CVE ID : CVE-2023-20837
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20838

Première publication le : 04-09-2023 03:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418.

CVE ID : CVE-2023-20838
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20839

Première publication le : 04-09-2023 03:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409.

CVE ID : CVE-2023-20839
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20840

Première publication le : 04-09-2023 03:15:10
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430.

CVE ID : CVE-2023-20840
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20841

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.

CVE ID : CVE-2023-20841
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20842

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477.

CVE ID : CVE-2023-20842
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20843

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119.

CVE ID : CVE-2023-20843
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20844

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121.

CVE ID : CVE-2023-20844
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20845

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357.

CVE ID : CVE-2023-20845
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20846

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.

CVE ID : CVE-2023-20846
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20847

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108.

CVE ID : CVE-2023-20847
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20848

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433.

CVE ID : CVE-2023-20848
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20849

Première publication le : 04-09-2023 03:15:11
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.

CVE ID : CVE-2023-20849
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20850

Première publication le : 04-09-2023 03:15:12
Dernière modification le : 04-09-2023 03:51:45

Description :
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.

CVE ID : CVE-2023-20850
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-20851

Première publication le : 04-09-2023 03:15:12
Dernière modification le : 04-09-2023 03:51:45

Description :
In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID: ALPS08048635.

CVE ID : CVE-2023-20851
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32805

Première publication le : 04-09-2023 03:15:12
Dernière modification le : 04-09-2023 03:51:45

Description :
In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892.

CVE ID : CVE-2023-32805
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32806

Première publication le : 04-09-2023 03:15:12
Dernière modification le : 04-09-2023 03:51:45

Description :
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.

CVE ID : CVE-2023-32806
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32807

Première publication le : 04-09-2023 03:15:12
Dernière modification le : 04-09-2023 03:51:45

Description :
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.

CVE ID : CVE-2023-32807
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32808

Première publication le : 04-09-2023 03:15:12
Dernière modification le : 04-09-2023 03:51:45

Description :
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849751; Issue ID: ALPS07849751.

CVE ID : CVE-2023-32808
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32809

Première publication le : 04-09-2023 03:15:13
Dernière modification le : 04-09-2023 03:51:45

Description :
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849753; Issue ID: ALPS07849753.

CVE ID : CVE-2023-32809
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32810

Première publication le : 04-09-2023 03:15:13
Dernière modification le : 04-09-2023 03:51:45

Description :
In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.

CVE ID : CVE-2023-32810
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32811

Première publication le : 04-09-2023 03:15:13
Dernière modification le : 04-09-2023 03:51:45

Description :
In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.

CVE ID : CVE-2023-32811
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32812

Première publication le : 04-09-2023 03:15:13
Dernière modification le : 04-09-2023 03:51:45

Description :
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017365; Issue ID: ALPS08017365.

CVE ID : CVE-2023-32812
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32813

Première publication le : 04-09-2023 03:15:13
Dernière modification le : 04-09-2023 03:51:45

Description :
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017370; Issue ID: ALPS08017370.

CVE ID : CVE-2023-32813
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32814

Première publication le : 04-09-2023 03:15:13
Dernière modification le : 04-09-2023 03:51:45

Description :
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08031947; Issue ID: ALPS08031947.

CVE ID : CVE-2023-32814
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32815

Première publication le : 04-09-2023 03:15:13
Dernière modification le : 04-09-2023 03:51:45

Description :
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801.

CVE ID : CVE-2023-32815
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32816

Première publication le : 04-09-2023 03:15:14
Dernière modification le : 04-09-2023 03:51:45

Description :
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044032.

CVE ID : CVE-2023-32816
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Vulnérabilité ID : CVE-2023-32817

Première publication le : 04-09-2023 03:15:14
Dernière modification le : 04-09-2023 03:51:45

Description :
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044035.

CVE ID : CVE-2023-32817
Source : security@mediatek.com
Score CVSS : /

Références :
https://corp.mediatek.com/product-security-bulletin/September-2023 | source : security@mediatek.com


Source : wpscan.com

Vulnérabilité ID : CVE-2023-2813

Première publication le : 04-09-2023 12:15:08
Dernière modification le : 04-09-2023 12:15:08

Description :
All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2, BunnyPressLite WordPress theme before 2.1, Cafe Bistro WordPress theme before 1.1.4, College WordPress theme before 1.5.1, Connections Reloaded WordPress theme through 3.1, Counterpoint WordPress theme through 1.8.1, Digitally WordPress theme through 1.0.8, Directory WordPress theme before 3.0.2, Drop WordPress theme before 1.22, Everse WordPress theme before 1.2.4, Fashionable Store WordPress theme through 1.3.4, Fullbase WordPress theme before 1.2.1, Ilex WordPress theme before 1.4.2, Js O3 Lite WordPress theme through 1.5.8.2, Js Paper WordPress theme through 2.5.7, Kata WordPress theme before 1.2.9, Kata App WordPress theme through 1.0.5, Kata Business WordPress theme through 1.0.2, Looki Lite WordPress theme before 1.3.0, moseter WordPress theme through 1.3.1, Nokke WordPress theme before 1.2.4, Nothing Personal WordPress theme through 1.0.7, Offset Writing WordPress theme through 1.2, Opor Ayam WordPress theme through 18, Pinzolo WordPress theme before 1.2.10, Plato WordPress theme before 1.1.9, Polka Dots WordPress theme through 1.2, Purity Of Soul WordPress theme through 1.9, Restaurant PT WordPress theme before 1.1.3, Saul WordPress theme before 1.1.0, Sean Lite WordPress theme before 1.4.6, Tantyyellow WordPress theme through 1.0.0.5, TIJAJI WordPress theme through 1.43, Tiki Time WordPress theme through 1.3, Tuaug4 WordPress theme through 1.4, Tydskrif WordPress theme through 1.1.3, UltraLight WordPress theme through 1.2, Venice Lite WordPress theme before 1.5.5, Viala WordPress theme through 1.3.1, viburno WordPress theme before 1.3.2, Wedding Bride WordPress theme before 1.0.2, Wlow WordPress theme before 1.2.7 suffer from the same issue about the search box reflecting the results causing XSS which allows an unauthenticated attacker to exploit against users if they click a malicious link.

CVE ID : CVE-2023-2813
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/f434afd3-7de4-4bf4-a9bb-9f9aeaae1dc5 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3499

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-3499
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/ea29413b-494e-410e-ae42-42f96284899c | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3814

Première publication le : 04-09-2023 12:15:09
Dernière modification le : 04-09-2023 12:15:09

Description :
The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server.

CVE ID : CVE-2023-3814
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/ca954ec6-6ebd-4d72-a323-570474e2e339 | source : contact@wpscan.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-4019

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases.

CVE ID : CVE-2023-4019
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/0d323b07-c6e7-4aba-85bc-64659ad0c85d | source : contact@wpscan.com

Vulnérabilité : CWE-863


Vulnérabilité ID : CVE-2023-4059

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The Profile Builder WordPress plugin before 3.9.8 lacks authorisation and CSRF in its page creation function which allows unauthenticated users to create the register, log-in and edit-profile pages from the plugin on the blog

CVE ID : CVE-2023-4059
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/fc719d12-2f58-4d1f-b696-0f937e706842 | source : contact@wpscan.com

Vulnérabilité : CWE-352
Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-4151

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-4151
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/c9d80aa4-a26d-4b3f-b7bf-9d2fb0560d7b | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4216

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. The content retrieved is however limited to the first line of the file.

CVE ID : CVE-2023-4216
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/8189afc4-17b3-4696-89e1-731011cb9e2b | source : contact@wpscan.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-4253

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-4253
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/1cbbab9e-be3d-4081-bc0e-c52d500d9871 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4254

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-4254
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/0dfffe48-e60d-4bab-b194-8a63554246c3 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4269

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The User Activity Log WordPress plugin before 1.6.6 lacks proper authorisation when exporting its activity logs, allowing any authenticated users, such as subscriber to perform such action and retrieve PII such as email addresses.

CVE ID : CVE-2023-4269
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/db3e4336-117c-47f2-9b43-2ca115525297 | source : contact@wpscan.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-4279

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic.

CVE ID : CVE-2023-4279
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/2bd2579e-b383-4d12-b207-6fc32cfb82bc | source : contact@wpscan.com

Vulnérabilité : CWE-290


Vulnérabilité ID : CVE-2023-4284

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-4284
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/1c126869-0afa-456f-94cc-10334964e5f9 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4298

Première publication le : 04-09-2023 12:15:10
Dernière modification le : 04-09-2023 12:15:10

Description :
The 123.chat WordPress plugin before 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-4298
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/36285052-8464-4fd6-b4b1-c175e730edad | source : contact@wpscan.com

Vulnérabilité : CWE-79


Source : google.com

Vulnérabilité ID : CVE-2023-3995

Première publication le : 04-09-2023 20:15:07
Dernière modification le : 04-09-2023 20:15:07

Description :
** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147.

CVE ID : CVE-2023-3995
Source : cve-coordination@google.com
Score CVSS : /

Références :


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.