Dernières vulnérabilités du Mardi 18 Juillet 2023

Dernières vulnérabilités du Mardi 18 Juillet 2023
{{titre}}

Dernière mise à jour efféctuée le 18/07/2023 à 20:01:46

(1) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : hitachi.co.jp

Vulnérabilité ID : CVE-2023-34142

Première publication le : 18-07-2023 03:15:55
Dernière modification le : 18-07-2023 12:58:57

Description :
Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02.

CVE ID : CVE-2023-34142
Source : hirt@hitachi.co.jp
Score CVSS : 9.0

Références :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html | source : hirt@hitachi.co.jp

Vulnérabilité : CWE-319


(12) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : wordfence.com

Vulnérabilité ID : CVE-2023-3713

Première publication le : 18-07-2023 03:15:56
Dernière modification le : 18-07-2023 12:58:57

Description :
The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'profile_magic_check_smtp_connection' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update the site options arbitrarily. This can be used by attackers to achieve privilege escalation.

CVE ID : CVE-2023-3713
Source : security@wordfence.com
Score CVSS : 8.8

Références :
https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.4.8/admin/class-profile-magic-admin.php#L599 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2938904/profilegrid-user-profiles-groups-and-communities#file0 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/473ba791-af99-4aae-99cb-ccf220e443e7?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-3714

Première publication le : 18-07-2023 03:15:56
Dernière modification le : 18-07-2023 12:58:57

Description :
The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'edit_group' handler in versions up to, and including, 5.5.2. This makes it possible for authenticated attackers, with group ownership, to update group options, including the 'associate_role' parameter, which defines the member's role. This issue was partially patched in version 5.5.2 preventing privilege escalation, however, it was fully patched in 5.5.3.

CVE ID : CVE-2023-3714
Source : security@wordfence.com
Score CVSS : 7.5

Références :
https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.4.8/public/partials/profile-magic-group.php#L80 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2938904/profilegrid-user-profiles-groups-and-communities#file4 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2939344/profilegrid-user-profiles-groups-and-communities/trunk/public/partials/profile-magic-group.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/a4766651-92a6-42c9-81bc-7ea25350f561?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-3459

Première publication le : 18-07-2023 03:15:55
Dernière modification le : 18-07-2023 12:58:57

Description :
The Export and Import Users and Customers plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hf_update_customer' function called via an AJAX action in versions up to, and including, 2.4.1. This makes it possible for authenticated attackers, with shop manager-level permissions to change user passwords and potentially take over administrator accounts.

CVE ID : CVE-2023-3459
Source : security@wordfence.com
Score CVSS : 7.2

Références :
https://plugins.trac.wordpress.org/browser/users-customers-import-export-for-wp-woocommerce/tags/2.4.1/admin/modules/user/import/import.php#L446 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2938705/users-customers-import-export-for-wp-woocommerce#file201 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/47337214-9cc3-4b12-bb71-9acbab3649b7?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-863


Source : patchstack.com

Vulnérabilité ID : CVE-2022-34155

Première publication le : 18-07-2023 14:15:12
Dernière modification le : 18-07-2023 14:47:25

Description :
Improper Authentication vulnerability in miniOrange OAuth Single Sign On – SSO (OAuth Client) plugin allows Authentication Bypass.This issue affects OAuth Single Sign On – SSO (OAuth Client): from n/a through 6.23.3.

CVE ID : CVE-2022-34155
Source : audit@patchstack.com
Score CVSS : 8.8

Références :
https://lana.codes/lanavdb/071fa6eb-2e54-43a1-b37f-1e562988b7d4?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/miniorange-login-with-eve-online-google-facebook/wordpress-oauth-single-sign-on-sso-oauth-client-plugin-6-23-3-broken-authentication-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-287


Vulnérabilité ID : CVE-2023-23660

Première publication le : 18-07-2023 13:15:11
Dernière modification le : 18-07-2023 14:11:49

Description :
Auth. (subscriber+) SQL Injection (SQLi) vulnerability in MainWP MainWP Maintenance Extension plugin <= 4.1.1 versions.

CVE ID : CVE-2023-23660
Source : audit@patchstack.com
Score CVSS : 8.5

Références :
https://patchstack.com/articles/multiple-vulnerabilities-affecting-mainwp-extensions?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/mainwp-maintenance-extension/wordpress-mainwp-maintenance-extension-plugin-4-1-1-subscriber-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-32965

Première publication le : 18-07-2023 14:15:12
Dernière modification le : 18-07-2023 14:47:25

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CRUDLab Jazz Popups plugin <= 1.8.7 versions.

CVE ID : CVE-2023-32965
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/jazz-popups/wordpress-jazz-popups-plugin-1-8-7-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-36384

Première publication le : 18-07-2023 15:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodePeople Booking Calendar Contact Form plugin <= 1.2.40 versions.

CVE ID : CVE-2023-36384
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/booking-calendar-contact-form/wordpress-booking-calendar-contact-form-plugin-1-2-40-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Source : incibe.es

Vulnérabilité ID : CVE-2023-3743

Première publication le : 18-07-2023 12:15:12
Dernière modification le : 18-07-2023 12:58:57

Description :
Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the product_one_img parameter to retrieve the information stored in the database.

CVE ID : CVE-2023-3743
Source : cve-coordination@incibe.es
Score CVSS : 7.5

Références :
https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-vulnerability-leothemes-ap-page-builder | source : cve-coordination@incibe.es

Vulnérabilité : CWE-89


Source : hpe.com

Vulnérabilité ID : CVE-2023-30906

Première publication le : 18-07-2023 14:15:12
Dernière modification le : 18-07-2023 15:15:11

Description :
The vulnerability could be locally exploited to allow escalation of privilege.

CVE ID : CVE-2023-30906
Source : security-alert@hpe.com
Score CVSS : 7.5

Références :
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04486en_us | source : security-alert@hpe.com


Source : rockwellautomation.com

Vulnérabilité ID : CVE-2023-2263

Première publication le : 18-07-2023 16:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A is vulnerable to CIP fuzzing. The new ENIP connections cannot be established if impacted by this vulnerability, which prohibits operational capabilities of the device resulting in a denial-of-service attack.

CVE ID : CVE-2023-2263
Source : PSIRT@rockwellautomation.com
Score CVSS : 7.5

Références :
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140029 | source : PSIRT@rockwellautomation.com

Vulnérabilité : CWE-400


Source : hitachi.co.jp

Vulnérabilité ID : CVE-2022-4146

Première publication le : 18-07-2023 03:15:55
Dernière modification le : 18-07-2023 12:58:57

Description :
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02.

CVE ID : CVE-2022-4146
Source : hirt@hitachi.co.jp
Score CVSS : 7.3

Références :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-123/index.html | source : hirt@hitachi.co.jp

Vulnérabilité : CWE-917


Source : vmware.com

Vulnérabilité ID : CVE-2023-34035

Première publication le : 18-07-2023 16:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (DispatcherServlet is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.) Specifically, an application is vulnerable when all of the following are true: * Spring MVC is on the classpath * Spring Security is securing more than one servlet in a single application (one of them being Spring MVC’s DispatcherServlet) * The application uses requestMatchers(String) to refer to endpoints that are not Spring MVC endpoints An application is not vulnerable if any of the following is true: * The application does not have Spring MVC on the classpath * The application secures no servlets other than Spring MVC’s DispatcherServlet * The application uses requestMatchers(String) only for Spring MVC endpoints

CVE ID : CVE-2023-34035
Source : security@vmware.com
Score CVSS : 7.3

Références :
https://spring.io/security/cve-2023-34035 | source : security@vmware.com


(29) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : fortinet.com

Vulnérabilité ID : CVE-2021-43072

Première publication le : 18-07-2023 03:15:54
Dernière modification le : 18-07-2023 12:58:57

Description :
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.

CVE ID : CVE-2021-43072
Source : psirt@fortinet.com
Score CVSS : 6.7

Références :
https://fortiguard.com/advisory/FG-IR-21-206 | source : psirt@fortinet.com


Source : hitachi.co.jp

Vulnérabilité ID : CVE-2020-36695

Première publication le : 18-07-2023 03:15:52
Dernière modification le : 18-07-2023 12:59:03

Description :
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08.

CVE ID : CVE-2020-36695
Source : hirt@hitachi.co.jp
Score CVSS : 6.6

Références :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-124/index.html | source : hirt@hitachi.co.jp

Vulnérabilité : CWE-276


Vulnérabilité ID : CVE-2023-34143

Première publication le : 18-07-2023 03:15:55
Dernière modification le : 18-07-2023 12:58:57

Description :
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.

CVE ID : CVE-2023-34143
Source : hirt@hitachi.co.jp
Score CVSS : 5.6

Références :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html | source : hirt@hitachi.co.jp

Vulnérabilité : CWE-297


Source : wordfence.com

Vulnérabilité ID : CVE-2023-2433

Première publication le : 18-07-2023 09:15:11
Dernière modification le : 18-07-2023 12:58:57

Description :
The YARPP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'className' parameter in versions up to, and including, 5.30.3 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-2433
Source : security@wordfence.com
Score CVSS : 6.4

Références :
https://plugins.trac.wordpress.org/browser/yet-another-related-posts-plugin/tags/5.30.3/classes/YARPP_Core.php#L1623 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2939617/yet-another-related-posts-plugin/trunk/classes/YARPP_Core.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/35bd7462-8dab-43b2-9941-fef6f826cfdc?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3708

Première publication le : 18-07-2023 03:15:55
Dernière modification le : 18-07-2023 12:58:57

Description :
Several themes for WordPress by DeoThemes are vulnerable to Reflected Cross-Site Scripting via breadcrumbs in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVE ID : CVE-2023-3708
Source : security@wordfence.com
Score CVSS : 6.1

Références :
https://deothemes.com/changelog/medikaid-changelog/ | source : security@wordfence.com
https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196755%40nokke&new=196755%40nokke&sfp_email=&sfph_mail= | source : security@wordfence.com
https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196756%40arendelle&new=196756%40arendelle&sfp_email=&sfph_mail= | source : security@wordfence.com
https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196757%40amela&new=196757%40amela&sfp_email=&sfph_mail= | source : security@wordfence.com
https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196758%40everse&new=196758%40everse&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/1b8b0f14-f31a-45cd-bb98-0b717059aa80?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3403

Première publication le : 18-07-2023 03:15:55
Dernière modification le : 18-07-2023 12:58:57

Description :
The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pm_upload_csv' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with subscriber-level permissions or above to import new users and update existing users.

CVE ID : CVE-2023-3403
Source : security@wordfence.com
Score CVSS : 5.4

Références :
https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.4.8/admin/class-profile-magic-admin.php#L1027 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2938904/profilegrid-user-profiles-groups-and-communities#file0 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/b335fc19-2998-4711-8813-6cb68d7447bd?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-3709

Première publication le : 18-07-2023 03:15:56
Dernière modification le : 18-07-2023 12:58:57

Description :
The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to obtain a site's MailChimp API key. We recommend resetting any MailChimp API keys if running a vulnerable version of this plugin with the MailChimp block enabled as the API key may have been compromised.

CVE ID : CVE-2023-3709
Source : security@wordfence.com
Score CVSS : 5.3

Références :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2938619%40royal-elementor-addons&new=2936984%40royal-elementor-addons&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/86c9bcf1-c69e-47ca-b74b-8ce6157f520b?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-200


Source : vuldb.com

Vulnérabilité ID : CVE-2015-10122

Première publication le : 18-07-2023 05:15:09
Dernière modification le : 18-07-2023 12:58:57

Description :
A vulnerability was found in wp-donate Plugin up to 1.4 on WordPress. It has been classified as critical. This affects an unknown part of the file includes/donate-display.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.5 is able to address this issue. The identifier of the patch is 019114cb788d954c5d1b36d6c62418619e93a757. It is recommended to upgrade the affected component. The identifier VDB-234249 was assigned to this vulnerability.

CVE ID : CVE-2015-10122
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/wp-plugins/wp-donate/commit/019114cb788d954c5d1b36d6c62418619e93a757 | source : cna@vuldb.com
https://vuldb.com/?ctiid.234249 | source : cna@vuldb.com
https://vuldb.com/?id.234249 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2018-25088

Première publication le : 18-07-2023 13:15:11
Dernière modification le : 18-07-2023 14:11:49

Description :
A vulnerability, which was classified as critical, was found in Blue Yonder postgraas_server up to 2.0.0b2. Affected is the function _create_pg_connection/create_postgres_db of the file postgraas_server/backends/postgres_cluster/postgres_cluster_driver.py of the component PostgreSQL Backend Handler. The manipulation leads to sql injection. Upgrading to version 2.0.0 is able to address this issue. The patch is identified as 7cd8d016edc74a78af0d81c948bfafbcc93c937c. It is recommended to upgrade the affected component. VDB-234246 is the identifier assigned to this vulnerability.

CVE ID : CVE-2018-25088
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/blue-yonder/postgraas_server/commit/7cd8d016edc74a78af0d81c948bfafbcc93c937c | source : cna@vuldb.com
https://github.com/blue-yonder/postgraas_server/releases/tag/v2.0.0 | source : cna@vuldb.com
https://vuldb.com/?ctiid.234246 | source : cna@vuldb.com
https://vuldb.com/?id.234246 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2020-36762

Première publication le : 18-07-2023 15:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENT_BODY leads to os command injection. Upgrading to version 2.0.28 is able to address this issue. The name of the patch is dcaad2540f7d50c512ff2e031d3778dd9337db2b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-234248.

CVE ID : CVE-2020-36762
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/ONSdigital/ras-collection-instrument/commit/dcaad2540f7d50c512ff2e031d3778dd9337db2b | source : cna@vuldb.com
https://github.com/ONSdigital/ras-collection-instrument/pull/199 | source : cna@vuldb.com
https://github.com/ONSdigital/ras-collection-instrument/releases/tag/2.0.28 | source : cna@vuldb.com
https://vuldb.com/?ctiid.234248 | source : cna@vuldb.com
https://vuldb.com/?id.234248 | source : cna@vuldb.com

Vulnérabilité : CWE-78


Source : github.com

Vulnérabilité ID : CVE-2023-37259

Première publication le : 18-07-2023 17:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting (XSS). Since the Export Chat feature generates a separate document, an attacker can only inject code run from the `null` origin, restricting the impact. However, the attacker can still potentially use the XSS to leak message contents. A malicious homeserver is a potential attacker since the affected inputs are controllable server-side. This issue has been addressed in commit `22fcd34c60` which is included in release version 3.76.0. Users are advised to upgrade. The only known workaround for this issue is to disable or to not use the Export Chat feature.

CVE ID : CVE-2023-37259
Source : security-advisories@github.com
Score CVSS : 6.1

Références :
https://github.com/matrix-org/matrix-react-sdk/commit/22fcd34c606f32129ebc967fc21f24fb708a98b8 | source : security-advisories@github.com
https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-c9vx-2g7w-rp65 | source : security-advisories@github.com

Vulnérabilité : CWE-79


Source : hackerone.com

Vulnérabilité ID : CVE-2023-31998

Première publication le : 18-07-2023 03:15:55
Dernière modification le : 18-07-2023 12:58:57

Description :
A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices.

CVE ID : CVE-2023-31998
Source : support@hackerone.com
Score CVSS : 5.9

Références :
https://community.ui.com/releases/Security-Advisory-Bulletin-033-033/17f7c7c0-830b-4625-a2ee-e90e514e7b0f | source : support@hackerone.com


Source : patchstack.com

Vulnérabilité ID : CVE-2022-47421

Première publication le : 18-07-2023 15:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins.

CVE ID : CVE-2022-47421
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-plugin-4-0-4-stored-cross-site-scripting-xss-on-common-messages-settings?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/armember/wordpress-armember-premium-wordpress-membership-plugin-plugin-5-8-stored-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-24390

Première publication le : 18-07-2023 15:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WeSecur Security plugin <= 1.2.1 versions.

CVE ID : CVE-2023-24390
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wesecur-security/wordpress-wesecur-security-plugin-1-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-36383

Première publication le : 18-07-2023 15:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 3.9.5 versions.

CVE ID : CVE-2023-36383
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/mage-eventpress/wordpress-event-manager-and-tickets-selling-plugin-for-woocommerce-plugin-3-9-5-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2022-46857

Première publication le : 18-07-2023 12:15:12
Dernière modification le : 18-07-2023 12:58:57

Description :
Cross-Site Request Forgery (CSRF) vulnerability in SiteAlert plugin <= 1.9.7 versions.

CVE ID : CVE-2022-46857
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/my-wp-health-check/wordpress-sitealert-uptime-speed-and-security-monitoring-for-wordpress-plugin-1-9-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25473

Première publication le : 18-07-2023 12:15:12
Dernière modification le : 18-07-2023 12:58:57

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Miro Mannino Flickr Justified Gallery plugin <= 3.5 versions.

CVE ID : CVE-2023-25473
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/flickr-justified-gallery/wordpress-flickr-justified-gallery-plugin-3-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-37386

Première publication le : 18-07-2023 13:15:12
Dernière modification le : 18-07-2023 14:11:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Media Library Helper plugin <= 1.2.0 versions.

CVE ID : CVE-2023-37386
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/media-library-helper/wordpress-media-library-helper-by-codexin-plugin-1-2-0-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-37387

Première publication le : 18-07-2023 13:15:12
Dernière modification le : 18-07-2023 14:11:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Classified Listing plugin <= 2.4.5 versions.

CVE ID : CVE-2023-37387
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/classified-listing/wordpress-classified-listing-plugin-2-4-5-cross-site-request-forgery-csrf-leading-to-thumbnail-removal-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-37973

Première publication le : 18-07-2023 13:15:12
Dernière modification le : 18-07-2023 14:11:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in David Pokorny Replace Word plugin <= 2.1 versions.

CVE ID : CVE-2023-37973
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/replace-word/wordpress-replace-word-plugin-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2022-45828

Première publication le : 18-07-2023 12:15:11
Dernière modification le : 18-07-2023 12:58:57

Description :
Cross-Site Request Forgery (CSRF) vulnerability in NooTheme Noo Timetable plugin <= 2.1.3 versions.

CVE ID : CVE-2022-45828
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/noo-timetable/wordpress-noo-timetable-responsive-calendar-auto-sync-wordpress-plugin-plugin-2-1-3-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25475

Première publication le : 18-07-2023 12:15:12
Dernière modification le : 18-07-2023 12:58:57

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac Smart YouTube PRO plugin <= 4.3 versions.

CVE ID : CVE-2023-25475
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/smart-youtube/wordpress-smart-youtube-pro-plugin-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25482

Première publication le : 18-07-2023 12:15:12
Dernière modification le : 18-07-2023 12:58:57

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel WP Tiles plugin <= 1.1.2 versions.

CVE ID : CVE-2023-25482
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/wp-tiles/wordpress-wp-tiles-plugin-1-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2022-47169

Première publication le : 18-07-2023 13:15:11
Dernière modification le : 18-07-2023 14:11:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in StaxWP Visibility Logic for Elementor plugin <= 2.3.4 versions.

CVE ID : CVE-2022-47169
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/visibility-logic-elementor/wordpress-visibility-logic-for-elementor-plugin-2-3-4-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25036

Première publication le : 18-07-2023 13:15:11
Dernière modification le : 18-07-2023 14:11:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin <= 1.6 versions.

CVE ID : CVE-2023-25036
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/spoontalk-social-media-icons-widget/wordpress-social-media-icons-widget-plugin-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-37889

Première publication le : 18-07-2023 13:15:12
Dernière modification le : 18-07-2023 14:11:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WPAdmin WPAdmin AWS CDN plugin <= 2.0.13 versions.

CVE ID : CVE-2023-37889
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/aws-cdn-by-wpadmin/wordpress-wpadmin-aws-cdn-plugin-2-0-13-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-37892

Première publication le : 18-07-2023 13:15:12
Dernière modification le : 18-07-2023 14:11:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Kemal YAZICI - PluginPress Shortcode IMDB plugin <= 6.0.8 versions.

CVE ID : CVE-2023-37892
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/shortcode-imdb/wordpress-shortcode-imdb-plugin-6-0-8-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Source : solarwinds.com

Vulnérabilité ID : CVE-2023-33231

Première publication le : 18-07-2023 17:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
XSS attack was possible in DPA 2023.2 due to insufficient input validation

CVE ID : CVE-2023-33231
Source : psirt@solarwinds.com
Score CVSS : 5.4

Références :
https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-3_release_notes.htm | source : psirt@solarwinds.com
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33231 | source : psirt@solarwinds.com

Vulnérabilité : CWE-79


Source : redhat.com

Vulnérabilité ID : CVE-2023-0160

Première publication le : 18-07-2023 17:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.

CVE ID : CVE-2023-0160
Source : secalert@redhat.com
Score CVSS : 4.7

Références :
https://access.redhat.com/security/cve/CVE-2023-0160 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2159764 | source : secalert@redhat.com
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed17aa92dc56 | source : secalert@redhat.com
https://lore.kernel.org/all/CABcoxUayum5oOqFMMqAeWuS8+EzojquSOSyDA3J_2omY=2EeAg@mail.gmail.com/ | source : secalert@redhat.com


(1) Vulnérabilité(s) LOW [0.1, 3.9]

Source : vuldb.com

Vulnérabilité ID : CVE-2021-4428

Première publication le : 18-07-2023 17:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueue_scripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 4.0.1 is able to address this issue. The patch is named dd59cbac5f86057d6a73b87007c08b8bfa0c32ac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-234247.

CVE ID : CVE-2021-4428
Source : cna@vuldb.com
Score CVSS : 2.7

Références :
https://github.com/what3words/wordpress-autosuggest-plugin/commit/dd59cbac5f86057d6a73b87007c08b8bfa0c32ac | source : cna@vuldb.com
https://github.com/what3words/wordpress-autosuggest-plugin/pull/20 | source : cna@vuldb.com
https://github.com/what3words/wordpress-autosuggest-plugin/releases/tag/v4.0.1 | source : cna@vuldb.com
https://vuldb.com/?ctiid.234247 | source : cna@vuldb.com
https://vuldb.com/?id.234247 | source : cna@vuldb.com

Vulnérabilité : CWE-200


(25) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-38426

Première publication le : 18-07-2023 00:15:09
Dernière modification le : 18-07-2023 12:59:03

Description :
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length.

CVE ID : CVE-2023-38426
Source : cve@mitre.org
Score CVSS : /

Références :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=02f76c401d17e409ed45bf7887148fcc22c93c85 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38427

Première publication le : 18-07-2023 00:15:09
Dernière modification le : 18-07-2023 12:59:03

Description :
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.

CVE ID : CVE-2023-38427
Source : cve@mitre.org
Score CVSS : /

Références :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=f1a411873c85b642f13b01f21b534c2bab81fc1b | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38428

Première publication le : 18-07-2023 00:15:09
Dernière modification le : 18-07-2023 12:59:03

Description :
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read.

CVE ID : CVE-2023-38428
Source : cve@mitre.org
Score CVSS : /

Références :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=f0a96d1aafd8964e1f9955c830a3e5cb3c60a90f | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38429

Première publication le : 18-07-2023 00:15:09
Dernière modification le : 18-07-2023 12:59:03

Description :
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access.

CVE ID : CVE-2023-38429
Source : cve@mitre.org
Score CVSS : /

Références :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=443d61d1fa9faa60ef925513d83742902390100f | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38430

Première publication le : 18-07-2023 00:15:09
Dernière modification le : 18-07-2023 12:59:03

Description :
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read.

CVE ID : CVE-2023-38430
Source : cve@mitre.org
Score CVSS : /

Références :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.9 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=1c1bcf2d3ea061613119b534f57507c377df20f9 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38431

Première publication le : 18-07-2023 00:15:09
Dernière modification le : 18-07-2023 12:59:03

Description :
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.

CVE ID : CVE-2023-38431
Source : cve@mitre.org
Score CVSS : /

Références :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=368ba06881c395f1c9a7ba22203cf8d78b4addc0 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38432

Première publication le : 18-07-2023 00:15:09
Dernière modification le : 18-07-2023 12:59:03

Description :
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read.

CVE ID : CVE-2023-38432
Source : cve@mitre.org
Score CVSS : /

Références :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.10 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38434

Première publication le : 18-07-2023 03:15:55
Dernière modification le : 18-07-2023 12:58:57

Description :
xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method.

CVE ID : CVE-2023-38434
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/cozis/xHTTP/issues/1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38326

Première publication le : 18-07-2023 13:15:12
Dernière modification le : 18-07-2023 13:15:12

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.

CVE ID : CVE-2023-38326
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2020-23909

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1.

CVE ID : CVE-2020-23909
Source : cve@mitre.org
Score CVSS : /

Références :
https://sourceforge.net/p/advancemame/bugs/285/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-23910

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via function genhash_get in genhash.c.

CVE ID : CVE-2020-23910
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/vlm/asn1c/issues/396 | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-23911

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
An issue was discovered in asn1c through v0.9.28. A NULL pointer dereference exists in the function _default_error_logger() located in asn1fix.c. It allows an attacker to cause Denial of Service.

CVE ID : CVE-2020-23911
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/vlm/asn1c/issues/394 | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-32256

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.

CVE ID : CVE-2021-32256
Source : cve@mitre.org
Score CVSS : /

Références :
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1927070 | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-33294

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.

CVE ID : CVE-2021-33294
Source : cve@mitre.org
Score CVSS : /

Références :
https://sourceware.org/bugzilla/show_bug.cgi?id=27501 | source : cve@mitre.org
https://sourceware.org/pipermail/elfutils-devel/2021q1/003607.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-34119

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx ,this flaw possibly allows possible code execution and a denial of service via a crafted file.

CVE ID : CVE-2021-34119
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/michaelrsweet/htmldoc/commit/85fa76d77ed69927d24decf476e69bedc7691f48 | source : cve@mitre.org
https://github.com/michaelrsweet/htmldoc/issues/431 | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-34121

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution.

CVE ID : CVE-2021-34121
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/michaelrsweet/htmldoc/commit/c67bbd8756f015e33e4ba639a40c7f9d8bd9e8ab | source : cve@mitre.org
https://github.com/michaelrsweet/htmldoc/issues/433 | source : cve@mitre.org


Vulnérabilité ID : CVE-2021-34123

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf() in asm.c allows attackers to execute arbitrary code on the system via a crafted file.

CVE ID : CVE-2021-34123
Source : cve@mitre.org
Score CVSS : /

Références :
https://sourceforge.net/p/atasm/bugs/23/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-26563

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization.

CVE ID : CVE-2022-26563
Source : cve@mitre.org
Score CVSS : /

Références :
https://bitbucket.org/tildeslash/monit/commits/6ecaab1d375f33165fe98d06d92f36c949c0ea11 | source : cve@mitre.org
https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-33064

Première publication le : 18-07-2023 14:15:11
Dernière modification le : 18-07-2023 14:47:25

Description :
An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts.

CVE ID : CVE-2022-33064
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libsndfile/libsndfile/issues/832 | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-33065

Première publication le : 18-07-2023 14:15:12
Dernière modification le : 18-07-2023 14:47:25

Description :
Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts.

CVE ID : CVE-2022-33065
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libsndfile/libsndfile/issues/789 | source : cve@mitre.org
https://github.com/libsndfile/libsndfile/issues/833 | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-41409

Première publication le : 18-07-2023 14:15:12
Dernière modification le : 18-07-2023 14:47:25

Description :
Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.

CVE ID : CVE-2022-41409
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 | source : cve@mitre.org
https://github.com/PCRE2Project/pcre2/issues/141 | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-47085

Première publication le : 18-07-2023 14:15:12
Dernière modification le : 18-07-2023 14:47:25

Description :
An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service or other unspecified impacts via the print_panic function in repo_checkout_filter.rs.

CVE ID : CVE-2022-47085
Source : cve@mitre.org
Score CVSS : /

Références :
https://doc.rust-lang.org/std/macro.eprintln.html | source : cve@mitre.org
https://github.com/ostreedev/ostree/issues/2775 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31441

Première publication le : 18-07-2023 15:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modified during loop execution.

CVE ID : CVE-2023-31441
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/NCI-Agency/anet/blob/0662b99dfdec1ce07439eb7bed02d90320acc721/src/main/java/mil/dds/anet/utils/Utils.java | source : cve@mitre.org
https://github.com/NCI-Agency/anet/issues/4408 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36120

Première publication le : 18-07-2023 15:15:11
Dernière modification le : 18-07-2023 15:15:11

Description :
** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-36120
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2023-33265

Première publication le : 18-07-2023 16:15:11
Dernière modification le : 18-07-2023 17:33:48

Description :
In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, executor services don't check client permissions properly, allowing authenticated users to execute tasks on members without the required permissions granted.

CVE ID : CVE-2023-33265
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/hazelcast/hazelcast | source : cve@mitre.org
https://support.hazelcast.com/s/article/Security-Advisory-for-CVE-2023-33265 | source : cve@mitre.org


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.