Dernières vulnérabilités du Mardi 1 Août 2023

Dernières vulnérabilités du Mardi 1 Août 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 01/08/2023 à 23:58:03

(1) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-33493

Première publication le : 01-08-2023 17:15:09
Dernière modification le : 01-08-2023 18:51:22

Description :
An Unrestricted Upload of File with Dangerous Type vulnerability in the Ajaxmanager File and Database explorer (ajaxmanager) module for PrestaShop through 2.3.0, allows remote attackers to upload dangerous files without restrictions.

CVE ID : CVE-2023-33493
Source : cve@mitre.org
Score CVSS : 9.8

Références :
https://security.friendsofpresta.org/module/2023/07/28/ajaxmanager.html | source : cve@mitre.org


(6) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : huntr.dev

Vulnérabilité ID : CVE-2023-4033

Première publication le : 01-08-2023 01:15:10
Dernière modification le : 01-08-2023 12:55:38

Description :
OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0.

CVE ID : CVE-2023-4033
Source : security@huntr.dev
Score CVSS : 8.8

Références :
https://github.com/mlflow/mlflow/commit/6dde93758d42455cb90ef324407919ed67668b9b | source : security@huntr.dev
https://huntr.dev/bounties/5312d6f8-67a5-4607-bd47-5e19966fa321 | source : security@huntr.dev

Vulnérabilité : CWE-78


Source : hpe.com

Vulnérabilité ID : CVE-2023-3718

Première publication le : 01-08-2023 19:15:09
Dernière modification le : 01-08-2023 19:15:09

Description :
An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands on the underlying operating system as a privileged user on the affected switch. This allows an attacker to fully compromise the underlying operating system on the device running AOS-CX.

CVE ID : CVE-2023-3718
Source : security-alert@hpe.com
Score CVSS : 8.8

Références :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-010.txt | source : security-alert@hpe.com


Source : hcl.com

Vulnérabilité ID : CVE-2023-37496

Première publication le : 01-08-2023 01:15:10
Dernière modification le : 01-08-2023 12:55:38

Description :
HCL Verse is susceptible to a Stored Cross Site Scripting (XSS) vulnerability. An attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information.

CVE ID : CVE-2023-37496
Source : psirt@hcl.com
Score CVSS : 8.3

Références :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105904 | source : psirt@hcl.com


Source : brocade.com

Vulnérabilité ID : CVE-2023-31425

Première publication le : 01-08-2023 21:15:10
Dernière modification le : 01-08-2023 21:15:10

Description :
A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. Starting with Fabric OS v9.1.0, “root” account access is disabled.

CVE ID : CVE-2023-31425
Source : sirt@brocade.com
Score CVSS : 7.8

Références :
https://support.broadcom.com/external/content/SecurityAdvisories/0/22407 | source : sirt@brocade.com


Source : snyk.io

Vulnérabilité ID : CVE-2023-26139

Première publication le : 01-08-2023 05:15:34
Dernière modification le : 01-08-2023 12:55:38

Description :
Versions of the package underscore-keypath from 0.0.11 are vulnerable to Prototype Pollution via the name argument of the setProperty() function. Exploiting this vulnerability is possible due to improper input sanitization which allows the usage of arguments like “__proto__”.

CVE ID : CVE-2023-26139
Source : report@snyk.io
Score CVSS : 7.5

Références :
https://gist.github.com/lelecolacola123/cc0d1e73780127aea9482c05f2ff3252 | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-JS-UNDERSCOREKEYPATH-5416714 | source : report@snyk.io


Source : github.com

Vulnérabilité ID : CVE-2023-37478

Première publication le : 01-08-2023 12:15:09
Dernière modification le : 01-08-2023 12:55:38

Description :
pnpm is a package manager. It is possible to construct a tarball that, when installed via npm or parsed by the registry is safe, but when installed via pnpm is malicious, due to how pnpm parses tar archives. This can result in a package that appears safe on the npm registry or when installed via npm being replaced with a compromised or malicious version when installed via pnpm. This issue has been patched in version(s) 7.33.4 and 8.6.8.

CVE ID : CVE-2023-37478
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://github.com/pnpm/pnpm/releases/tag/v7.33.4 | source : security-advisories@github.com
https://github.com/pnpm/pnpm/releases/tag/v8.6.8 | source : security-advisories@github.com
https://github.com/pnpm/pnpm/security/advisories/GHSA-5r98-f33j-g8h7 | source : security-advisories@github.com

Vulnérabilité : CWE-284


(5) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : redhat.com

Vulnérabilité ID : CVE-2023-38559

Première publication le : 01-08-2023 17:15:09
Dernière modification le : 01-08-2023 18:51:22

Description :
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

CVE ID : CVE-2023-38559
Source : secalert@redhat.com
Score CVSS : 5.5

Références :
https://access.redhat.com/security/cve/CVE-2023-38559 | source : secalert@redhat.com
https://bugs.ghostscript.com/show_bug.cgi?id=706897 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2224367 | source : secalert@redhat.com
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1 | source : secalert@redhat.com


Vulnérabilité ID : CVE-2023-38560

Première publication le : 01-08-2023 17:15:09
Dernière modification le : 01-08-2023 18:51:22

Description :
An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.

CVE ID : CVE-2023-38560
Source : secalert@redhat.com
Score CVSS : 5.5

Références :
https://access.redhat.com/security/cve/CVE-2023-38560 | source : secalert@redhat.com
https://bugs.ghostscript.com/show_bug.cgi?id=706897 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2224368 | source : secalert@redhat.com
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c | source : secalert@redhat.com


Source : brocade.com

Vulnérabilité ID : CVE-2023-31429

Première publication le : 01-08-2023 21:15:10
Dernière modification le : 01-08-2023 21:15:10

Description :
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.

CVE ID : CVE-2023-31429
Source : sirt@brocade.com
Score CVSS : 5.5

Références :
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408 | source : sirt@brocade.com

Vulnérabilité : CWE-200


Source : checkmk.com

Vulnérabilité ID : CVE-2023-23548

Première publication le : 01-08-2023 10:15:09
Dernière modification le : 01-08-2023 12:55:38

Description :
Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30.

CVE ID : CVE-2023-23548
Source : security@checkmk.com
Score CVSS : 5.4

Références :
https://checkmk.com/werk/15691 | source : security@checkmk.com

Vulnérabilité : CWE-80


Source : github.com

Vulnérabilité ID : CVE-2023-32302

Première publication le : 01-08-2023 11:15:09
Dernière modification le : 01-08-2023 12:55:38

Description :
Silverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13.

CVE ID : CVE-2023-32302
Source : security-advisories@github.com
Score CVSS : 5.0

Références :
https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4 | source : security-advisories@github.com
https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14 | source : security-advisories@github.com
https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13 | source : security-advisories@github.com
https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3 | source : security-advisories@github.com

Vulnérabilité : CWE-20


(0) Vulnérabilité(s) LOW [0.1, 3.9]

(33) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-37772

Première publication le : 01-08-2023 01:15:10
Dernière modification le : 01-08-2023 12:55:38

Description :
Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php.

CVE ID : CVE-2023-37772
Source : cve@mitre.org
Score CVSS : /

Références :
http://phpgurukul.com/shopping-portal-free-download/ | source : cve@mitre.org
https://github.com/anky-123/CVE-2023-37772/blob/main/CVE-2 | source : cve@mitre.org
https://phpgurukul.com/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-10962

Première publication le : 01-08-2023 02:15:09
Dernière modification le : 01-08-2023 12:55:38

Description :
In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2020-10962
Source : cve@mitre.org
Score CVSS : /

Références :
https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555 | source : cve@mitre.org
https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34960

Première publication le : 01-08-2023 02:15:10
Dernière modification le : 01-08-2023 12:55:38

Description :
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.

CVE ID : CVE-2023-34960
Source : cve@mitre.org
Score CVSS : /

Références :
http://chamilo.com | source : cve@mitre.org
https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-Execution | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36983

Première publication le : 01-08-2023 02:15:10
Dernière modification le : 01-08-2023 12:55:38

Description :
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.

CVE ID : CVE-2023-36983
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/LavaLite/cms | source : cve@mitre.org
https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-36983 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36984

Première publication le : 01-08-2023 02:15:10
Dernière modification le : 01-08-2023 12:55:38

Description :
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.

CVE ID : CVE-2023-36984
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/LavaLite/cms | source : cve@mitre.org
https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-36984 | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-39986

Première publication le : 01-08-2023 14:15:09
Dernière modification le : 01-08-2023 15:25:40

Description :
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php.

CVE ID : CVE-2022-39986
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php | source : cve@mitre.org
https://medium.com/@ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2 | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-39987

Première publication le : 01-08-2023 14:15:09
Dernière modification le : 01-08-2023 15:25:40

Description :
A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php.

CVE ID : CVE-2022-39987
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_wgkey.php | source : cve@mitre.org
https://medium.com/@ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31710

Première publication le : 01-08-2023 14:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow.

CVE ID : CVE-2023-31710
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/xiaobye-ctf/My-CVE/tree/main/TP-Link/CVE-2023-31710 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34634

Première publication le : 01-08-2023 14:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.

CVE ID : CVE-2023-34634
Source : cve@mitre.org
Score CVSS : /

Références :
http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html | source : cve@mitre.org
https://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44c | source : cve@mitre.org
https://greenshot.atlassian.net/browse/BUG-3061 | source : cve@mitre.org
https://www.exploit-db.com/exploits/51633 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39108

Première publication le : 01-08-2023 14:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.

CVE ID : CVE-2023-39108
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_b.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39109

Première publication le : 01-08-2023 14:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.

CVE ID : CVE-2023-39109
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_a.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39110

Première publication le : 01-08-2023 14:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path parameter at /ajaxGetFileByPath.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.

CVE ID : CVE-2023-39110
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_%20ajaxGetFileByPath.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38357

Première publication le : 01-08-2023 15:15:09
Dernière modification le : 01-08-2023 15:25:40

Description :
Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions.

CVE ID : CVE-2023-38357
Source : cve@mitre.org
Score CVSS : /

Références :
http://packetstormsecurity.com/files/173609/RWS-WorldServer-11.7.3-Session-Token-Enumeration.html | source : cve@mitre.org
http://seclists.org/fulldisclosure/2023/Jul/30 | source : cve@mitre.org
https://www.redteam-pentesting.de/en/advisories/rt-sa-2023-001/-session-token-enumeration-in-rws-worldserver | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36210

Première publication le : 01-08-2023 17:15:09
Dernière modification le : 01-08-2023 18:51:22

Description :
MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the keyword parameter.

CVE ID : CVE-2023-36210
Source : cve@mitre.org
Score CVSS : /

Références :
https://vulners.com/zdt/1337DAY-ID-38750 | source : cve@mitre.org
https://www.exploit-db.com/exploits/51499 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36211

Première publication le : 01-08-2023 17:15:09
Dernière modification le : 01-08-2023 18:51:22

Description :
The Barebones CMS v2.0.2 is vulnerable to Stored Cross-Site Scripting (XSS) when an authenticated user interacts with certain features on the admin panel.

CVE ID : CVE-2023-36211
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.exploit-db.com/exploits/51502 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34551

Première publication le : 01-08-2023 18:15:09
Dernière modification le : 01-08-2023 18:51:22

Description :
In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214. The impact is: execute arbitrary code (remote).

CVE ID : CVE-2023-34551
Source : cve@mitre.org
Score CVSS : /

Références :
http://ezviz.com | source : cve@mitre.org
https://www.ezviz.com/data-security/security-notice/detail/827 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34552

Première publication le : 01-08-2023 18:15:10
Dernière modification le : 01-08-2023 18:51:22

Description :
In certain EZVIZ products, two stack based buffer overflows in mulicast_parse_sadp_packet and mulicast_get_pack_type functions of the SADP multicast protocol can allow an unauthenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214.

CVE ID : CVE-2023-34552
Source : cve@mitre.org
Score CVSS : /

Références :
http://ezviz.com | source : cve@mitre.org
https://www.ezviz.com/data-security/security-notice/detail/827 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39147

Première publication le : 01-08-2023 18:15:10
Dernière modification le : 01-08-2023 20:15:09

Description :
An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file.

CVE ID : CVE-2023-39147
Source : cve@mitre.org
Score CVSS : /

Références :
http://packetstormsecurity.com/files/173878/Uvdesk-1.1.3-Shell-Upload.html | source : cve@mitre.org
https://docs.google.com/document/d/1uv9DjHmKuDxZIjNhWX05EsxHEp8fGalXB7XK-QSyr_0/edit?usp=sharing | source : cve@mitre.org


Source : mozilla.org

Vulnérabilité ID : CVE-2023-4045

Première publication le : 01-08-2023 15:15:09
Dernière modification le : 01-08-2023 15:25:40

Description :
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4045
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1833876 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4046

Première publication le : 01-08-2023 15:15:09
Dernière modification le : 01-08-2023 15:25:40

Description :
In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4046
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1837686 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4047

Première publication le : 01-08-2023 15:15:09
Dernière modification le : 01-08-2023 15:25:40

Description :
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4047
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1839073 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4048

Première publication le : 01-08-2023 15:15:09
Dernière modification le : 01-08-2023 15:25:40

Description :
An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4048
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1841368 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4049

Première publication le : 01-08-2023 15:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4049
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1842658 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4050

Première publication le : 01-08-2023 15:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4050
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1843038 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4051

Première publication le : 01-08-2023 15:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116.

CVE ID : CVE-2023-4051
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1821884 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4052

Première publication le : 01-08-2023 15:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116 and Firefox ESR < 115.1.

CVE ID : CVE-2023-4052
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1824420 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4053

Première publication le : 01-08-2023 15:15:10
Dernière modification le : 01-08-2023 15:25:40

Description :
A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116.

CVE ID : CVE-2023-4053
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1839079 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4054

Première publication le : 01-08-2023 16:15:09
Dernière modification le : 01-08-2023 16:43:18

Description :
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4054
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1840777 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4055

Première publication le : 01-08-2023 16:15:09
Dernière modification le : 01-08-2023 16:43:18

Description :
When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4055
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1782561 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4056

Première publication le : 01-08-2023 16:15:10
Dernière modification le : 01-08-2023 16:43:18

Description :
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

CVE ID : CVE-2023-4056
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-30/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4057

Première publication le : 01-08-2023 16:15:10
Dernière modification le : 01-08-2023 16:43:18

Description :
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116 and Firefox ESR < 115.1.

CVE ID : CVE-2023-4057
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/show_bug.cgi?id=1841682 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-31/ | source : security@mozilla.org


Vulnérabilité ID : CVE-2023-4058

Première publication le : 01-08-2023 16:15:10
Dernière modification le : 01-08-2023 16:43:18

Description :
Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116.

CVE ID : CVE-2023-4058
Source : security@mozilla.org
Score CVSS : /

Références :
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1819160%2C1828024 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-29/ | source : security@mozilla.org


Source : amd.com

Vulnérabilité ID : CVE-2023-20583

Première publication le : 01-08-2023 19:15:09
Dernière modification le : 01-08-2023 19:15:09

Description :
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information.

CVE ID : CVE-2023-20583
Source : psirt@amd.com
Score CVSS : /

Références :
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7006 | source : psirt@amd.com


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.